The Cloud Industry Forum announces that cloud suppliers can now take an interim step to becoming Code of Practice Certified
New “Registered Supplier” category to act as a stepping stone to full Certification and will help the market adapt to the impending new realities of GDPR
The Cloud Industry Forum (CIF) has developed a new category for cloud suppliers on their journey to becoming certified. The new category is designed to support the Cloud Service Providers’ (CSPs) journey towards GDPR readiness whilst enabling customers to identify these suppliers as a potential choice for delivering cloud services. With the impending introduction of the GDPR in May 2018, this move gives businesses more flexibility to adapt to its requirements.
Becoming a CIF Code of Practice (Code) Registered Supplier is a stepping stone to the ultimate goal of becoming a fully Certified Supplier. It is a sign of intent from a cloud supplier and offers them the opportunity to declare their GDPR readiness and credentials whilst proceeding to full certification.
CIF enhanced its Code of Practice to support GDPR compliance earlier this year, requiring CSPs to adhere to new additional GDPR aligned requirements. The new category of Registered Supplier is free of charge and requires CSPs to disclose key information about their business, including declarations on their transparency, their capabilities, and the accountability in the way that they operate.
These declarations align with the core principles of GDPR – for example, organisations must declare that they have a written policy and/or certifications on information security and data protection. There is no charge for becoming a Registered Supplier, but Registered Suppliers may not use the CIF Certified logo.
Alex Hilton, CEO at CIF, expanded on the reasoning behind the new category: “The GDPR brings a number of new requirements to the cloud computing market, and CSPs are doing in-depth audits into their own operations to understand how they will have to change the way they do business accordingly. The scale of these demands, however, means that for many CSPs it will be a long and complex journey to full readiness. In recognition of this, we’ve created this new category of Registered Supplier.”
“In addition to the reassurance that CIF certification provides, this serves two purposes. Firstly, it guides CSPs towards the vital initial steps that provide the groundwork for full GDPR readiness, such as a comprehensive understanding of countries where personal data that they are involved with may be processed in any way. Secondly, it signals to the market which suppliers are en route to GDPR compliance, and therefore provides a wider range of choice to those seeking CSPs which will enable them to make partnerships with organisations who are aiming to be ready come April 2018,” added Richard Pharro, CEO of APMG International.
“GDPR has huge consequences for how any business involved or implicated in cloud computing. The introduction of Registered Suppliers is another way in which CIF is aiming to make it easier for the entire market to adapt to this new reality,” concluded Alex.
For more information on becoming a Registered Supplier visit: https://www.cloudindustryforum.org/content/become-registered-supplier