How many controls does CSA STAR have?

CSA STAR contains 15 controls organized across 3 domains.

Where does CSA STAR apply?

CSA STAR is applicable in International. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does CSA STAR map to?

CSA STAR has control-to-control mappings with 609 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with CSA STAR compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

CSA STAR (Security, Trust, Assurance, and Risk)

The Cloud Security Alliance (CSA) Security, Trust, Assurance, and Risk (STAR) programme provides a comprehensive framework for cloud security assurance. Based on the CSA Cloud Controls Matrix (CCM), STAR offers three levels of assurance: self-assessment (Level 1), third-party audit (Level 2 — SOC 2 or ISO 27001 based), and continuous monitoring (Level 3).

Domains

Data Security and Privacy

Infrastructure and Operations Security

Threat and Vulnerability Management

Frequently Asked Questions

Map CSA STAR (Security, Trust, Assurance, and Risk) to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform