Welcome!

News Feed Item

BrightLine to Provide CSA STAR Attestation

BrightLine First and Only Firm to Provide STAR Certification and STAR Attestation

TAMPA, FL--(Marketwired - July 29, 2014) - Today, the Cloud Security Alliance (CSA) and the American Institute of CPAs (AICPA) issued the guidelines for CPA's who plan on conducting Service Organization Controls (SOC) 2 engagements in conjunction with the CSA's Cloud Control Matrix (CCM). This new hybrid attestation standard is known as the CSA Security and Trust & Assurance Registry (STAR) Attestation. Along with that, the CSA website now includes a listing of approved firms for STAR Attestation, which includes BrightLine. In addition, BrightLine has also been approved to provide STAR Certification services to clients. 

Organizations that outsource services to cloud service providers (CSPs) have a number of concerns regarding the security of their data and information. In the last year, the CSA STAR program has been enhanced, and moved from a self-assessment process to a certification program including the STAR Certification which is closely aligned with the ISO 27001 standard and performed by an ISO certification body. The new STAR Attestation program was developed to create an alternative path to STAR Certification utilizing the AICPA SOC 2 framework. The assessments must be performed by a licensed CPA firm where professionals have attained the CCSA Certificate of Cloud Security Knowledge (CCSK).

"The type of assurance vehicles utilized by cloud providers have historically been driven by their customers' industry and/or geographic preferences. Some of BrightLine's clients undergo SOC examinations, some ISO certification, and many both," stated Doug Barbin, Principal and cloud security leader at BrightLine. "The STAR Attestation program allows providers who have traditionally looked to SOC 2 examinations to provide assurance to their customers the ability to enhance that assurance through an integration of the CCM control set."

A licensed CPA firm and early adopter of the CCSK certification, BrightLine performs hundreds of SOC 2 examinations for CSPs annually. As an ISO and CSA STAR approved certification body, BrightLine is also the only firm providing CSPs with the ability to pursue the STAR Attestation and/or STAR Certification.

The CSA STAR Program is designed to recognize the varying assurance requirements and maturity levels of providers and consumers, and is recognized by customers, providers, industries and governments around the world. Further information about CSA guidelines regarding STAR Attestation is available at the Cloud Security Alliance website.

TWEET THIS:
@brightlinecpas first and only CPA firm providing CSA STAR Certification and Attestation @cloudsa #CSASTAR

ABOUT BRIGHTLINE

BrightLine CPAs & Associates, Inc. is a global provider of assurance and compliance services. As the first and only firm in the world fully accredited to provide a suite of services that includes SSAE 16 (SOC 1) examinations, SOC 2 Examinations, PCI DSS compliance validation, ISO 27001 certification, FedRAMP authorization, CSA STAR Certification and Attestation, BrightLine offers clients the unique opportunity to achieve multiple compliance objectives through a single third party assessor. For further information, please visit www.BrightLine.com.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that Hitachi, the leading provider the Internet of Things and Digital Transformation, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Hitachi Data Systems, a wholly owned subsidiary of Hitachi, Ltd., offers an integrated portfolio of services and solutions that enable digital transformation through enhanced data management, governance, mobility and analytics. We help globa...
SYS-CON Events announced today that T-Mobile will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. As America's Un-carrier, T-Mobile US, Inc., is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The Company's advanced nationwide 4G LTE network delivers outstanding wireless experiences to 67.4 million customers who are unwilling to compromise on ...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, will discuss how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He will discuss how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in compute, storage and networking technologies, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/...
Everyone wants to use containers, but monitoring containers is hard. New ephemeral architecture introduces new challenges in how monitoring tools need to monitor and visualize containers, so your team can make sense of everything. In his session at @DevOpsSummit, David Gildeh, co-founder and CEO of Outlyer, will go through the challenges and show there is light at the end of the tunnel if you use the right tools and understand what you need to be monitoring to successfully use containers in your...
With billions of sensors deployed worldwide, the amount of machine-generated data will soon exceed what our networks can handle. But consumers and businesses will expect seamless experiences and real-time responsiveness. What does this mean for IoT devices and the infrastructure that supports them? More of the data will need to be handled at - or closer to - the devices themselves.
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Val...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Building a cross-cloud operational model can be a daunting task. Per-cloud silos are not the answer, but neither is a fully generic abstraction plane that strips out capabilities unique to a particular provider. In his session at 20th Cloud Expo, Chris Wolf, VP & Chief Technology Officer, Global Field & Industry at VMware, will discuss how successful organizations approach cloud operations and management, with insights into where operations should be centralized and when it’s best to decentraliz...
“DevOps is really about the business. The business is under pressure today, competitively in the marketplace to respond to the expectations of the customer. The business is driving IT and the problem is that IT isn't responding fast enough," explained Mark Levy, Senior Product Marketing Manager at Serena Software, in this SYS-CON.tv interview at DevOps Summit, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
@DevOpsSummit at Cloud taking place June 6-8, 2017, at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long developm...