TECHNOLOGY COMICS

Spice up your Newsletters, Website, Powerpoint Presentation, eBook, Infographic or Social media platforms with our technology related comics...

Cloud Compliance Audit: Learn More On The Unified Certification Standard From The MSP Alliance

Cloud Compliance Audit

I have written previously about various types of audits that are necessary to validate your cloud service.  In this post, I will cover the cloud service audit that helps you pick the right cloud service provider (CSP). While it is important that customers take the initiative in checking the various guarantees offered by the vendor on their own, it is helpful to have an industry certification that verifies each of the major parameters and that backup the vendor’s claims.

The Unified Certification Standard (UCS) from the industry body, the International Association of Managed Service Providers (MSP Alliance), shows promise in this regard.

The UCS, previously known as the Managed Services Accreditation Program (MSAP), has auditors who visit the facilities of the CSPs that request to be audited, and evaluate the CSP on eleven major control objectives.

1. Provider organization, governance, planning and risk management

This verifies that the vendor company has established an organizational structure that will allow it to effectively manage their services and provide an appropriate level of risk management.

2. Documented policies and procedures

This part verifies that the employees are trained and made aware of compliance procedures and that there is a periodical review of those procedures.

3. Service change management

This part verifies that the vendor is properly documenting the capacity planning and control change operations.

4. Event management

Customer support is essential for cloud computing customers. Thus, the audit verifies that the vendor has an established ticketing system and a help desk, and that it staffs their Network Operations Center (NOC) with trained personnel.

5. Logical security

Physical access to the servers and password management procedures are verified in this audit.

6. Change management

This part of the audit verifies that changes to policies and systems are logged and documented.

7. Data integrity

Security of your organization’s data is very important, and in this audit the vendor’s policies concerning data access and security policies are evaluated.

8. Physical and environmental security

The vendor must have sufficient safeguards in its datacenter to protect itself against vandalism and other kind of attacks. Apart from this, the audit checks that the environment is sufficiently safe from natural forces and has an effective DR/BC (Disaster Recovery/Business Continuity) planning.

9. Service level agreements

The vendor must provide SLAs that are duly signed by the clients.

10. Client reporting, billing and satisfaction

The vendor must provide proper invoicing and billing and send periodic reports to its customers.

11. Financial health

To ensure that you have an uninterrupted access to your services, the vendor’s financial position must be stable and it must have been running a profitable business over the past six months.

All these factors are important for any cloud customer, and it would be great if all CSPs were accredited according to these objectives. Let us know, if your vendor is accredited by UCS and share your experiences.

By Balaji Viswanathan

About CloudBuzz

Daily tech news snapshots and insights from around the world...

View Website
Consulting and outsourcing services provider Accenture Plc reported a 4.7 percent increase in quarterly net revenue, helped by strong demand for its digital and cloud services. Net income attributable to Accenture fell to $838.8 million or $1.33 per share in ...
Read More
Together, AppDynamics and Cisco will give customers comprehensive visibility from code to consumer and everything in-between SAN JOSE, CA--(Marketwired - Mar 22, 2017) - Cisco (NASDAQ: CSCO) today announced that it has completed the acquisition of AppDynamics, a leader in ...
Read More
Rackspace Ranks 74th on FORTUNE List SAN ANTONIO, TX--(Marketwired - March 21, 2017) - Rackspace® today announced it has been ranked 74th on the 2017 Fortune 100 Best Companies to Work For, according to global research and consulting firm Great ...
Read More