In this version of the catalogue, we've introduced a new Area focused on GDPR and several enhancements to existing controls as part of this major update.
Over the past uears, we have worked very intensively on updating the StarAudit Catalogue and amending it with controls in connection with the GDPR. It has been a long journey to which many people actively made important contributions, and a number of small corrections were made as well.
New Control Catalogue in German
The 4th version of the Control Catalogue has been ready for some time and can be found starting today also in German language. The core improvement in the new version is the introduction of a new control area, namely Area 07 “Data Protection”. The existing control areas, especially Area 03, were also evaluated in terms of their coherency with the new area and adapted accordingly.
New GDPR Area
The Area 7 features nearly 30 new controls addressing the requirements for cloud providers under the European General Data Protection Regulation. It does not represent a GDPR certificate (for data processors), however; rather, it is intended as a suitable and comprehensive list of requirements that a data controller (i.e. the cloud service customer) can expect from its data processor (i.e. the cloud service provider).
Download & Availability
The new German version of the StarAudit Catalogue is available for download in the Publications section of the StarAudit website.
Integration into the Assessment Tool
The 4th version of the Catalogue in German will be fully integrated into the StarAudit Assessment Tool as well in the upcoming period. In order to use the latest StarAudit Catalogue, you need to create a new or edit an existing project in the Assessment Tool, select "Structure", add a new Assessment and select the associated template for v4.0. After saving the structure, you will be able to navigate through all the areas and controls.
The 4th version of the Catalogue is the standard to achieve a StarAudit Certificate.
EuroCloud Europe would like to thank all the persons who supported Version 4.0 revision 3.1 and have worked very hard over a period of several months to provide input, content, new controls and all relevant update information necessary to produce this fully amended version of the StarAudit control catalogue.
We would specifically like to mention the authors Martin ANDENMATTEN, Norbert FESEL, Jens ECKHARDT, Stefan LEITNER, Leopold OBERMEIR and Ernst-Oliver WILHELM.
We would also like to thank the International Network of Privacy Law Professionals (INPLP). Many of its members—all of whom are specialised IT lawyers—supported the revision of the contents of the catalogue in Area 2 (Contract) and Area 7 (Data Protection) with valuable input and feedback.
Our gratitude goes out to the members of the project SECCAT (KIRAS Sicherheitsforschung des österreichischen Bundesministeriums) for their detailed feedback as well as to the members of the EU project CREDENTIALS (Horizon 2020) and especially to the Austrian Institute of Technology (AIT) for extensive input pertaining to Area 3 (Security).
EuroCloud Europe would also like to thank the StarAudit advisory board for their valuable support and would specifically like to mention Dr. Gary GONG (Honorary President of the Advisory Board) and Dr. Jens ECKHARDT (Chairman of the Legal Advisory Board).