The EU-SEC Multi party recognition framework training and awareness package
Cloud service providers are under considerable pressure to comply with several international, national, and sector specific standards and requirements. Such a proliferation of standards and requirements demands more resources be spent, increases compliance acquisition costs, and potentially also creates room for security vulnerabilities. As a consequence, the process of adhering to different standards, laws and regulations for CSPs is inefficient, with a lot of duplicated work that unduly increases costs and complexity. The EU-SEC project has worked on addressing these issues by, for instance, identifying the common denominators between widely known standards and presenting them under a well-defined and comprehensive framework, namely the EU-SEC’s Multi Party Recognition Framework (MPRF). The Framework has been validated by 4 consortium members in a 12 month pilot, the results of which have been used to improve the Framework.
A high level motivation and explanation of EU-SEC’s Multi Party Recognition approach can be found in our videos here.
In addition, the EU-SEC multi party recognition training and awareness package contains guidelines, slides and documents that allow auditors, CSPs, Cloud Service Customers and regulators to understand the principles and details that are required for the implementation of multi party recognition between existing cloud security certification schemes such as ISO27001, SOC2, CSA STAR Certification and Attestation, BSI C5, and other national schemes or requirements in the domain of cloud security. The package contains:
- Guidelines for Implementing Continuous Audit-Based Certification
- The EU-SEC Multi Party Recognition Training and Awareness Slide Set
- The EU-SEC Multiparty Recognition Framework White Paper