Seite 47 - Cloud Migration Version 2012 english

47 
requirements in the context of a standardised test procedure and are 
validated by qualified auditors. The ISO 27001 standards (IT Security 
Procedures ‐ Information Security Management Systems Requirements) is 
the most famous test procedure in the field of IT security. 
In terms of Cloud computing, security is only one aspect of the tests 
requirements. The specification of Service Level Agreements (SLA) and the 
contractual wording of data protection requirements are also highly 
relevant; as Cloud services are often provided by several stakeholders, it is 
also essential to verify whether the requirements of the entire supply chain 
are met.  
If the provider of a SaaS solution has an ISO 27001 certification, it says 
nothing about the security systems of its suppliers, such as those of a 
platform, or infrastructure service provider. 
The EuroCloud organisation therefore began work back in 2010 on the 
definition of a Cloud‐specific certification process. It was published in 2011 
under the name of EuroCloud Star Audit. With a uniform test procedure for 
all Cloud services and a graded evaluation process, it implements quality 
requirements in a way that is understandable for customers, documents the 
results and calls on auditors to validate them. 
Further details can be found in section 4.2.