Cloud Compliance Audit: Learn More On The Unified Certification Standard From The MSP Alliance

Cloud Compliance Audit: Learn More On The Unified Certification Standard From The MSP Alliance

I have written previously about various types of audits that are necessary to validate your cloud service.  In this post, I will cover the cloud service audit that helps you pick the right cloud service provider (CSP). While it is important that customers take the initiative in checking the various guarantees offered by the vendor on their own, it is helpful to have an industry certification that verifies each of the major parameters and that backup the vendor’s claims.

The Unified Certification Standard (UCS) from the industry body, the International Association of Managed Service Providers (MSP Alliance), shows promise in this regard.

The UCS, previously known as the Managed Services Accreditation Program (MSAP), has auditors who visit the facilities of the CSPs that request to be audited, and evaluate the CSP on eleven major control objectives.

1. Provider organization, governance, planning and risk management

This verifies that the vendor company has established an organizational structure that will allow it to effectively manage their services and provide an appropriate level of risk management.

2. Documented policies and procedures

This part verifies that the employees are trained and made aware of compliance procedures and that there is a periodical review of those procedures.

3. Service change management

This part verifies that the vendor is properly documenting the capacity planning and control change operations.

4. Event management

Customer support is essential for cloud computing customers. Thus, the audit verifies that the vendor has an established ticketing system and a help desk, and that it staffs their Network Operations Center (NOC) with trained personnel.

5. Logical security

Physical access to the servers and password management procedures are verified in this audit.

6. Change management

This part of the audit verifies that changes to policies and systems are logged and documented.

7. Data integrity

Security of your organization’s data is very important, and in this audit the vendor’s policies concerning data access and security policies are evaluated.

8. Physical and environmental security

The vendor must have sufficient safeguards in its datacenter to protect itself against vandalism and other kind of attacks. Apart from this, the audit checks that the environment is sufficiently safe from natural forces and has an effective DR/BC (Disaster Recovery/Business Continuity) planning.

9. Service level agreements

The vendor must provide SLAs that are duly signed by the clients.

10. Client reporting, billing and satisfaction

The vendor must provide proper invoicing and billing and send periodic reports to its customers.

11. Financial health

To ensure that you have an uninterrupted access to your services, the vendor’s financial position must be stable and it must have been running a profitable business over the past six months.

All these factors are important for any cloud customer, and it would be great if all CSPs were accredited according to these objectives. Let us know, if your vendor is accredited by UCS and share your experiences.

By Balaji Viswanathan

Balaji

Balaji Viswanathan is the founder of Agni Innovation Labs that helps startups and small businesses with their marketing and tech strategy. He has a Masters in Computer Science from the University of Maryland and has been blogging for the past 7 years on technology and business related topics.

One Response to Cloud Compliance Audit: Learn More On The Unified Certification Standard From The MSP Alliance

Cloud Computing Offers Key Benefits For Small, Medium Businesses

Cloud Computing Offers Key Benefits For Small, Medium Businesses

A growing number of small and medium businesses in the United States rely on as a means of deploying mission-critical software products. Prior to the advent of cloud-based products — software solutions delivered over the Internet – companies were often forced to invest in servers and other products to run software and store data. The…

Cloud Infographic – Monetizing Internet Of Things

Cloud Infographic – Monetizing Internet Of Things

Cloud Infographic – Monetizing Internet Of Things There are many interesting ways in which companies are looking to connect devices to the cloud. From the vehicles to kitchen appliances the internet of things is already a $1.9 trillion dollar market based on research estimates from IDC. Included is a fascinating infographic provided by AriaSystems which shows us some…

Cloud Infographic – The Future Of Big Data

Cloud Infographic – The Future Of Big Data

The Future Of Big Data Big Data is BIG business and will continue to be one of the more predominant areas of focus in the coming years from small startups to large scale corporations. We’ve already covered on CloudTweaks how Big Data can be utilized in a number of interesting ways from preventing world hunger to helping teams win…

The Education Revolution: Cloud In The Classroom

The Education Revolution: Cloud In The Classroom

The Education Revolution: Cloud In The Classroom With the back-to-school season now upon us, parents, students and teachers everywhere are once again struggling with the perpetual challenge of making kids job-ready in a high-speed and fast-changing environment. There is little doubt in anyone’s mind that information technology plays a central role in all areas of life…

Cloud Infographic: Corporate IT Security Stats

Cloud Infographic: Corporate IT Security Stats

Cloud Infographic: Corporate IT Security Stats Each week on CloudTweaks we provide a few shoutouts to companies who provide engaging and interesting infographics that reflect our readers interests.  In this case, we have an excellent infographic provided by the team at arellia.com which takes a closer look at cyber-security and some of the biggest malware threats…

CONNECT TO THE CLOUD

 

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100


Contributor Spotlight

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Contact

CloudTweaks Media
Phone: 1 (212) 763-0021