Introduction
The purpose of the StarAudit certification is to gain transparency and to increase confidence in Cloud Services by the performing neutral audits by vendor independent, accredited auditors according to a defined set of published audit criteria. StarAudit is providing several assessment tools for cloud providers, cloud users, consultants and auditors in order to compare, assess or audit cloud services.
OPERATIONAL FRAMEWORK
Non profit: The StarAudit program is operated as a financially independent, non commercial unit. Financial contributions for StarAudit services and StarAudit membership fees are solely to enable the further development and operation of the StarAudit programme, continuous maintenance and further development of the audit catalogue and the operational audit procedures, the accreditation procedures, the performance of accreditations and the issue of StarAudit certificates.
Content Development StarAudit is the only organisation worldwide that is permitted to continuously improve and develop the StarAudit catalogue audit scope, online tools such as the Academy, and assessment. The responsibility for this activity is appointed to the StarAudit Directorate supported by the international Advisory Board.
Accreditations are solely and exclusively appointed, terminated or withdrawn by the StarAudit Directorate. No other organisation is permitted to perform this task. Accreditations are only valid if published online on the StarAudit website. Complaints can be raised via webform at any time.
Certificates are the written proof of the positive results of an StarAudit audit process that was performed by an independent Audit organisation and by accredited auditors. They are exclusively issued by StarAudit. Certifications are only valid if published online on the StarAudit website.
The StarAudit-Advisory Board consists of representatives of the StarAudit partner organisations, Government or federal offices, Cloud-research organisations, law-firms and other senior cloud experts. The StarAudit Advisory board supports the directorate in the continuous improvement and further development of the StarAudit programme to ensure its content remains up to date and continuously matches the high quality standard of StarAudit.
COMPLIANCE RULES
The StarAudit organsation and the organisational unit “StarAudit Directorate” may not offer or perform StarAudit audits. Only accredited Audit Organisations may perform audits.
An StarAudit-Chapter (ACH) is the only partner organisation within the StarAudit eco-system that is granted an exclusive right to operate in a specific country or region. Therefore, special monitoring and care for compliance and transparency is required.
The StarAudit partner programme is an international eco-system based on European quality values for worldwide usage. This means that the StarAudit programme is open to all individuals and organisations who want to participate.
Commercial Activities may be performed by accredited StarAudit Partners in their assigned country or region of the world. Partners receive the granted the right to promote, execute StarAudit audits, consulting and training in their assigned country or region. They are permitted to act as an StarAudit-Partner as long as their active accreditation is published on the StarAudit website. They are not permitted to mandate other persons, organisations or subsidiaries, parent organisations, branch offices or any other third party organisation or company to act as an StarAudit-Partner.
An StarAudit Chapter (ACH) is an organisation accredited by StarAudit to exclusively represent StarAudit in the assigned country or region, responsible for promotion, facilitation and quality assurance of StarAudit related activities and with direct contractual relations with all local StarAudit partners.
The StarAudit Chapter is the only partner with an exclusive right to operate and represent StarAudit. Therefore, a potential candidate for a Chapter has to prove:
- strong interest in the development of the cloud market
- balanced and neutral approach to provider and user interest
- an active, healthy organisation with a good reputation
- a powerful management structure capable of developing the local StarAudit ecosystem and to handle
- organisational, contractual and legal challenges the capacity to provide the StarAudit localisation
- a strong network to all stakeholders
- a high reputation in delivering quality assurance
- a well established relationship with government organisations, political and standardisation bodies.
Preferably the organisation is a non-profit organisation. If the legal entity of the organisation is not non-profit the organisation has to prove that its StarAudit related activities are compliant with the above listed selection criteria for a Chapter.
Any organisation that applies for a Chapter accreditation has to prove its capability of accomplishing the mentioned requirements.
The decision as to whether an accreditation will be granted stays exclusively with the StarAudit directorate. In the case of several applications for a Chapter accreditation, the candidates will be invited to present their organisation and project plans.
COMPLAINT
COMPLAINT about irregularities or violations of the StarAudit Compliance Rule