Cloud Computing Compliance Criteria Catalogue (C5)

Fabasoft was 2017 the first European provider of cloud services to receive the attestation pursuant to the requirements of the catalog of requirements C5 (Cloud Computing Compliance Criteria Catalog, in short: C5), issued by the Federal Office for Information Security (BSI). The C5 attestation pursuant to the requirements of the BSI is a recognized and reliable proof which transparently reveals the high level of information security of the Fabasoft Cloud for all Fabasoft Cloud customers. Until 2020 the KPMG Alpen-Treuhand GmbH Wirtschaftsprüfungs- und Steuerberatungsgesellschaft issued the attestation.

Following the initial audit in accordance with BSI Standard C5:2020 at the beginning of 2021, this audit was carried out again at the beginning of 2022 by PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft, Germany, on behalf of Fabasoft.

The catalogue of requirements of the BSI specifies the minimum requirements that cloud service providers must meet. The information on the general conditions of the cloud service serves to provide customers with additional information on the level of information security offered by Fabasoft and ensures transparency with regard to information on jurisdiction and locations, availability and incident handling during regular operation, recovery parameters in emergency operation, availability of the data center, how investigation enquiries from government authorities are handled and certifications or attestations.