Gerico Security Srl, supports companies that provide cloud services (IaaS, PaaS, SaaS) in obtaining CSA STAR Certification Level 1 and Level 2:

• • – Identifying the elements of discovery in terms of Information security with respect to the CCM V.4.0,
  • – Defining the most suitable path to comply with the CSA standard, in compliance with the CSA Security Guidance V.4.0
  • – Developing Information Security policies and procedures,
  • – Identifying the necessary corrections and improvements to business processes
  • – Ensuring the alignment of the Information Security measures and governance to any ISMS ISO / IEC27001 already implemented,
  • – Supporting the company to define an ISO / IEC 27001 compliant and certifiable ISMS where this is not present.

Also Gerico Security:

For STAR Level 1 in particular, the company is also supported in carrying out the Self-Assessment through the CCM (Cloud Control Matrix V4.0.x)

For STAR Level 2, the Company is accompanied in the CSA STAR certification process:

– carrying out specific audits according to the Maturity Model required by the certification audit

– supporting the company in compiling the CAIQ (consensus assessments initiative questionnaire v.4.0.x)

– where necessary, also managing relations with the Certification Body