Discover your certification today Browse
Open page navigation
Cloud computing

New “Registered Supplier” category to act as a stepping stone to full Certification and will help the market adapt to the impending new realities of GDPR

The Cloud Industry Forum (CIF) has developed a new category for cloud suppliers on their journey to becoming certified. 

Designed to support the Cloud Service Providers’ (CSPs) journey towards GDPR readiness whilst enabling customers to identify these suppliers as a potential choice for delivering cloud services. With the impending introduction of the GDPR in May 2018, this move gives businesses more flexibility to adapt to its requirements.

Becoming a CIF Code of Practice (Code) Registered Supplier is a stepping stone to the ultimate goal of becoming a fully Certified Supplier. It is a sign of intent from a cloud supplier and offers them the opportunity to declare their GDPR readiness and credentials whilst proceeding to full certification.

CIF enhanced its Code of Practice to support GDPR compliance earlier this year, requiring CSPs to adhere to new additional GDPR aligned requirements. The new category of Registered Supplier is free of charge and requires CSPs to disclose key information about their business, including declarations on their transparency, their capabilities, and the accountability in the way that they operate.

These declarations align with the core principles of GDPR – for example, organisations must declare that they have a written policy and/or certifications on information security and data protection. There is no charge for becoming a Registered Supplier, but Registered Suppliers may not use the CIF Certified logo.

Alex Hilton, CEO at CIF, expanded on the reasoning behind the new category: “The GDPR brings a number of new requirements to the cloud computing market, and CSPs are doing in-depth audits into their own operations to understand how they will have to change the way they do business accordingly. The scale of these demands, however, means that for many CSPs it will be a long and complex journey to full readiness. In recognition of this, we’ve created this new category of Registered Supplier.”

“In addition to the reassurance that CIF certification provides, this serves two purposes. Firstly, it guides CSPs towards the vital initial steps that provide the groundwork for full GDPR readiness, such as a comprehensive understanding of countries where personal data that they are involved with may be processed in any way. Secondly, it signals to the market which suppliers are en route to GDPR compliance, and therefore provides a wider range of choice to those seeking CSPs which will enable them to make partnerships with organisations who are aiming to be ready come April 2018,” added Richard Pharro, CEO of APMG International.

“GDPR has huge consequences for how any business involved or implicated in cloud computing. The introduction of Registered Suppliers is another way in which CIF is aiming to make it easier for the entire market to adapt to this new reality,” concluded Alex.

For more information on becoming a Registered Supplier visit:



About the Cloud Industry Forum (CIF)

The Cloud Industry Forum (CIF) is a not-for-profit membership driven trade body established in 2009 as a direct response to the evolving supply models for the delivery of cloud based software and IT services.  

Under the direction of our members, CIF has three priorities:

  1. Create a platform to discuss, engage and partner within the cloud supplier community to ensure thought leadership and market direction. We do this through regular members meetings, media and customer events, whitepapers and market research – an example of the latest Digital Transformation report can be found here
  2. To drive a common and public level of transparency about the capability and substance of Cloud Service Providers through a process of self-certification to an EU recognised Code of Practice. This Code of Practice enables CSPs to present their proposition as trusted suppliers whilst raising their credibility and brand which are all publicly accessible via the CIF website.
  3. Acknowledging the digital skills gap, CIF has built a Professional Membership program enabling IT professionals to see best practice of cloud adoption. Following a Cloud Adoption Roadmap, users and suppliers can enhance their skills and achieve Professional Certification via an online training process. 

Visit the website 

Press contacts:

Edward Dodge / Henri Attan


T: +44 (0)20 7388 9988





Satellite overlooking earth

CDCAT® Insurance Services

Gain full awareness before accepting cover

View more
Large pile of timber logs perfectly stacked

ISO/IEC 27001

Demonstrate exemplary management of information security

View more
Person stood on a cliff edge looking upon clouds rolling through mountains

The Cloud Industry Forum (CIF) Code of Practice

Ensure your cloud services are a beauty to behold

View more