Question 27
UnclassifiedThe Open Certification Framework is structured on three levels of trust. Those three levels of trust are:
Correct answer: D
Explanation
The Open Certification Framework uses three trust levels: “CSA STAR Self-Assessment,” “STAR Certification & Attestation (Third-party Assessment),” and “STAR Continuous.” These names identify the framework’s progression from self-reported assurance to third-party validation and ongoing continuous assurance.
Why each option is right or wrong
A. CSA STAR Self-Assessment, STAR Certification & Attestation (Third-party Assessment), STAR Compliance
B. CSA STAR Audit, STAR Certification & Attestation (Third-party Assessment), STAR Continuous
C. CSA STAR Self-Assessment, STAR Certification & Attestation (Third-party Assessment), STAR Monitoring and Control
D. CSA STAR Self-Assessment, STAR Certification & Attestation (Third-party Assessment), STAR Continuous
The Cloud Security Alliance’s Open Certification Framework is defined as a three-tier trust model: Level 1 is the CSA STAR Self-Assessment, Level 2 is STAR Certification & Attestation based on a third-party assessment, and Level 3 is STAR Continuous. The framework is intentionally structured to move from self-attestation to independent validation and then to continuous assurance, so the listed three labels match the official levels exactly.