Risk & Compliance Programs


CSA Security, Trust & Assurance Registry (STAR)

CSA STAR is the industry’s most powerful program for security assurance in the cloud. STAR encompasses key principles of transparency, rigorous auditing, and harmonization of standards. JNN Group is a Cloud Security Alliance Corporate Partner and Service Provider. Our team is trained and certified to help your organization assess, test and certify its compliance to the CSA STAR principles.


CMMI Appraisals

JNN Group is a CMMI Institute Partner. As a provider of a world-class performance improvement framework that helps organizations achieve high-performance operations, Jnn Group is among an elite group. CMMI Institute Partners are the only authorized external sources of official CMMI and DMM courses and services, including:

  • Capability Maturity Models Integration

  • Data Management Maturity

  • Cybersecurity Assessments



The CSA Code of Conduct for GDPR Compliance is a tool created in collaboration with industry experts and representatives from EU national data protection authorities to assist organizations in adhering to the European General Data Protection Regulation. The CSA’s Code include all the necessary requirements a Cloud Service Provider has to satisfy in order to comply with the EU GDPR.



Our privacy assessments audits and attestations services ensures that the personal information you collect, use, process, retain, and dispose is handled in accordance to your organization’s privacy notices and with the criteria set forth by your overseeing regulatory body (i.e. HIPAA/HITECH, etc.)


SOC Examinations

System and Organization Controls (SOC) is a suite of services that test system-level controls of a service organization or entity-level controls of other organizations. JNN Group can perform SOC Examinations and Attestation, including

  • SOC 1®— SOC for Service Organizations: ICFR

  • SOC 2®— SOC for Service Organizations: Trust Services Criteria

    • SOC for Service Organizations: SOC 2® HiTrust

    • SOC for Service Organizations: SOC 2® CSA STAR Attestation

  • SOC 3® —SOC for Service Organizations: Trust Services Criteria for General Use Report

  • SOC for Cybersecurity