STARWatch – manage your compliance with CSA STAR (Security, Trust and Assurance Registry) requirements
Damir will deliver a live demo on STARWatch, a Software as a Service (SaaS) application. Developed by the CSA, the application is designed to provide organizations a centralized way to manage and maintain the integrity of the vendor review and assessment process. Additionally, STARWatch includes access to more than 200 CSA STAR assessments, helping organizations save time with research and aiding in quicker decision making.
STARWatch delivers the content of the CSA’s de facto standards Cloud Control Matrix (CCM) and CSA’s Consensus Assessments Initiative Questionnaire v3.0.1 (CAIQ) in a database format, enabling users to manage compliance of cloud services with the CSA best practices. STARWatch is designed to provide cloud users, providers, auditors, security providers assurance and compliance on demand. During the initial beta phase, CSA achieved tremendous success with more than 250 active licenses activated.
Damir Savanovic is a Senior Analyst and Researcher at Cloud Security Alliance. In past Damir worked as Chief Information Security Officer and IT Quality Manager in SKB, Société Générale Group, where he had a key role in planning, organising, managing and controling the functions of information security in the bank. He developed standards, recommendations and guidelines for information security based on ISO 27001 and PCI DSS and before that for quality of IT processes based on COBIT and ITIL frameworks. Before joining Société Générale Group, Damir worked as Information Systems Auditor at Ernst & Young. His field of expertise is information security, cloud computing and assurance. He worked in variety of industries including financial, telecommunications, manufacturing and retail in the Central Eastern Europe. Damir has performed multiple information system audits, security and compliance audits in various banks and financial institutions in the region. With his broad knowledge of information security and understanding of IT and business processes, he is capable of communicating technical topics to business managers. He is very active in the community as board member of CSA Slovenia chapter and ISACA Slovenia chapter. Damir graduated from University of Ljubljana (Slovenia) in Information Technology and holds CCSK, CISM and CISA certifications.