Cloud Assurance Powered by CloudeAssurance (rating system algorithm) protects customers by measuring and ensuring cloud service providers’ ability to securely deliver cloud services in accordance with industry cloud best practices, standards and regulatory compliance.
CloudeAssurance platform is the industry’s first risk-intelligent rating, continuous education and continuous monitoring system assuring cloud service provider’s cloud security and governance, risk and compliance. Customers can know which cloud providers have the best cloud assurance score and history, a measure of cloud trust they can depend on. This platform enables safe and secure adoption of Cloud Computing!
We serve four main target users:
1. Customers of Cloud Service Providers (Consumers)
Consumers may use a Cloud Service Provider’s “Provisional” or “Validated” CloudeAssurance Score to evaluate, select and negotiate new and existing contracts, Request For Information (RFI), Request for Quote (RFQ) and Request for Proposal (RFP) with their Cloud Service Providers.
2. Cloud Services Brokers (CSBs)
External or Internal entities that pay an intermediary role in cloud computing. CSBs make it easier for organizations to consume and maintain cloud services, particularly when they span multiple providers. CSBs include system integrators, big data platforms, cloud integrators, insurance brokers and insurance underwriters.
3. Cloud Auditors
External or Internal entities that perform standards based independent assessments and/or audits of cloud services such as HISPI Qualified Independent CAAP Assessors, PCI-DSS QSAs, SSAE16 (SOC 1, 2 and 3) Auditors, ISO Auditors and FedRAMP Accredited 3PAOs.
4. Cloud Service Providers (CSPs)
Cloud Service Providers that are willing to demonstrate evidence that they are effectively managing Security and Governance, Risk management and Compliance (GRC) expectations of their customers through continuous education and self-assessments against our CloudeAssurance Scoring system. The output of this self-assessment is a “Provisional” CloudeAssurance Score valid for 180-days.
Their CloudeAssurance Score will move from “Provisional” to “Validated” once the cloud service provider’s CloudeAssurance Score has been independently and objectively validated by a company on the HISPI managed Cloud Assurance Assessor Program (CAAP).
HISPI managed Cloud Assurance Assessor Program (CAAP) addresses the need for industry wide standardization and consistency in providing on-going transparency and assurance that cloud service providers are effectively managing Security and Governance, Risk management and Compliance (GRC) expectations of their customers.
HISPI CAAP offers access to a global network of qualified assessors who have completed two certifications; HISP certification managed by HISPI and CCSK managed by the Cloud Security Alliance.
3-Step CAAP Validation Process
Step 1 – Self-Assessment
- CSP performs CloudeAssurance Self-Assessment
- CSP obtains CloudeAssurance Provisional Score
Step 2 – CAAP Validation Assessment
- CSP hires HISPI Qualified Independent CAAP Assessor
- Independent CAAP Assessor Validates CSP’s CloudeAssurance Score
Step 3 – Validation Seal
- CAAP Oversight Board (CAAPOB) accepts Validated CloudeAssurance Score
- CSP publishes validated score in a Validation Seal
OR
- CAAP Oversight Board (CAAPOB) rejects Validated CloudeAssurance Score