Code of Practice for Cloud Service Providers
In September 2017 the Cloud Industry Forum announced an update to the Code of Practice to incorporate key components of the General Data Protection Regulation (GDPR).
Whilst the GDPR additions to the Code cannot ensure complete compliance to the Regulation they will offer both providers and customers much greater confidence that they are proceeding appropriately towards GDPR.
More information on the GDPR is available from the ICO website.
The purpose of the Code of Practice for Cloud Service Providers ("Code") is to bring greater transparency and trust to doing business in the cloud.
Code of Practice certified cloud service providers have declared and committed to providing good quality services that adhere to the guidelines and best practices set out in the COP.
The COP is a comprehensive framework that enables service providers to benchmark their operations against standards developed by their peers and in many ways is a checklist for best practice in the provision of cloud services.
The COP covers a broad range of areas and disciplines but focuses on TRANSPARENCY, CAPABILITY & ACCOUNTABILITY
For Consumers of Cloud Services
For Cloud Service providers
Become a Registered Supplier
Cloud Service Providers can begin their journey to Certification by becoming a Registered Supplier. This acts as a stepping stone to Certification and is free to enter, but providers may not describe themselves as Certified or use the CIF Certified logo. Once registered, providers have 12 months to complete their Certification.
The Certified Mark identifies an organisation that has Self Certified to the Cloud Service Provider Code of Practice and the public declarations are accessible on the suppliers website and the CIF website Register of Certified Organisation.
The Certified+ Mark is a higher level mark that identifies an organisation that has been independently assessed by an Accredited Assessor as being compliant with the Code of Practice. The public declarations will be visible on both the Suppliers own website and the CIF website register of Certified organisations.