Over the past three years, many cloud providers have adopted SOC2 reporting as a primary mechanism to address customer compliance requirements and also built a foundation of controls that was linked to other standards. Today, cloud providers are under increasing pressure to help large enterprise customers achieve their evolving security, governance and compliance objectives. Over the next three years, cloud providers will refine and integrate more granular controls and compliance requirements into their external reporting strategy. CSA STAR Attestation, which combines SOC2 and CCM, represents a powerful option that cloud providers can now use to help address enterprise customers' evolving requirements in a way that is closely linked with other industry standards. This session will explain the 12/15/14 update to SOC2, describe current trends in cloud assurance and standards, discuss external reporting strategy, illustrate a typical path to STAR Attestation and preview the future of cloud assurance.