167
institutions, Cloud providers, legal experts and financial auditing
associations.
Specifically, the EuroCloud Star Audit includes the following categories:
Provider profile
Contract and compliance
Security
Infrastructure
Operational processes
Application
Implementation
A rating system, and a specification with a minimum criterion, means that
the provider can achieve various quality levels (between one and five stars).
The core issues include legal aspects, reliable provision of technical services,
as well as data protection, data security and compliance with fundamental
quality standards for operation processes and application design. The
provider must offer concrete evidence for statements made in the audit;
furthermore, the provider commits to report significant changes in basic
parameters (for example, the location of the service facilities, changes in
agreements with subcontractors) and critical incidents without delay.
As a result, the following three quality levels are assigned according to the
degree of implementation:
Trusted Cloud Service ‐ three stars
Trusted Cloud Service Advanced ‐ four stars
Trusted Cloud Service Advanced HA (High Availability) – five stars
One‐Star Certification
The provider has fulfilled the following mandatory criteria:
The company is registered in an EU commercial registry.
Technical operation of the application takes place in an
infrastructure suitable for providing web‐based services.
This includes:
o
A separate area for hardware components