TAMPA, FL–(Marketwired – July 29, 2014) – Today, the Cloud Security Alliance (CSA) and the American Institute of CPAs (AICPA) issued the guidelines for CPA’s who plan on conducting Service Organization Controls (SOC) 2 engagements in conjunction with the CSA’s Cloud Control Matrix (CCM). This new hybrid attestation standard is known as the CSA Security and Trust & Assurance Registry (STAR) Attestation. Along with that, the CSA website now includes a listing of approved firms for Star Attestation, which includes BrightLine. In addition, BrightLine has also been approved to provide Star Certification services to clients.
Organizations that outsource services to cloud service providers (CSPs) have a number of concerns regarding the security of their data and information. In the last year, the CSA STAR program has been enhanced, and moved from a self-assessment process to a certification program including the STAR Certification which is closely aligned with the ISO 27001 standard and performed by an ISO certification body. The new STAR Attestation program was developed to create an alternative path to STAR Certification utilizing the AICPA SOC 2 framework. The assessments must be performed by a licensed CPA firm where professionals have attained the CCSA Certificate of Cloud Security Knowledge (CCSK).
“The type of assurance vehicles utilized by cloud providers have historically been driven by their customers’ industry and/or geographic preferences. Some of BrightLine’s clients undergo SOC examinations, some ISO certification, and many both,” stated Doug Barbin, Principal and cloud security leader at BrightLine. “The STAR Attestation program allows providers who have traditionally looked to SOC 2 examinations to provide assurance to their customers the ability to enhance that assurance through an integration of the CCM control set.”
A licensed CPA firm and early adopter of the CCSK certification, BrightLine performs hundreds of SOC 2 examinations for CSPs annually. As an ISO and CSA STAR approved certification body, BrightLine is also the only firm providing CSPs with the ability to pursue the STAR Attestation and/or STAR Certification.
The CSA STAR Program is designed to recognize the varying assurance requirements and maturity levels of providers and consumers, and is recognized by customers, providers, industries and governments around the world. Further information about CSA guidelines regarding STAR Attestation is available at the Cloud Security Alliance website.
@brightlinecpas first and only CPA firm providing CSA STAR Certification and Attestation @cloudsa #CSASTAR
BrightLine CPAs & Associates, Inc. is a global provider of assurance and compliance services. As the first and only firm in the world fully accredited to provide a suite of services that includes SSAE 16 (SOC 1) examinations, SOC 2 Examinations, PCI DSS compliance validation, ISO 27001 certification, FedRAMP authorization, CSA STAR Certification and Attestation, BrightLine offers clients the unique opportunity to achieve multiple compliance objectives through a single third party assessor. For further information, please visit www.BrightLine.com.
Executive Vice President
866.254.0000 ext 140
Support InfoStride News' Credible Journalism: Only credible journalism can guarantee a fair, accountable and transparent society, including democracy and government. It involves a lot of efforts and money. We need your support. Click here to Donate