The Microsoft approach to cloud transparency – Part VIII

Welcome! Please comment and leave me a note telling me what you like and what you'd like to see more of. Sign up to my RSS Feed!
This entry is part of a wonderful series, Microsoft Cloud Transparency»

Thank you for coming back for the exciting Part VIII of The Microsoft approach to cloud transparency

The Microsoft approach to cloud transparency


Using the Cloud Security Alliance’s Security, Trust & Assurance Registry (STAR)


Part VIII – Aligning to STAR

When mitigating risk while deploying a cloud solution, an organization must consider the cloud-specific risks described in the preceding “Cloud assurance challenges” section as well as organizational goals. Common as well as cloud-specific risks must be weighed and evaluated carefully to assure the best results for the organization.

One best practice is to proceed with the selection of a cloud provider as described earlier, by using a common framework. This approach will help mitigate risk but also help avoid the cost of engaging outside expertise and a costly independent review process, relying instead on combined efforts that represent years of expertise in the field.

Using STAR, an organization can compare  various cloud offerings, select criteria important to the organization, and document how and why a specific solution was selected. This approach  helps mature future selection efforts and adds to the organization’s knowledge base.


Organizations can use the control criteria in the CCM to help mitigate the risk of missing important evaluation criteria. STAR also allows organizations to use a fully developed framework to carefully compare similar offerings. In addition, it can provide a way to measure and quantify weighting factors for related criteria.


Come back next week for Part IX!