Cloud Computing Compliance Criteria Catalogue (C5)

Fabasoft was 2017 the first European provider of cloud services to receive the attestation pursuant to the requirements of the catalog of requirements C5 (Cloud Computing Compliance Criteria Catalog, in short: C5), issued by the Federal Office for Information Security (BSI). The C5 attestation pursuant to the requirements of the BSI is a recognized and reliable proof which transparently reveals the high level of information security of the Fabasoft Cloud for all Fabasoft Cloud customers. Until 2020 the KPMG Alpen-Treuhand GmbH Wirtschaftsprüfungs- und Steuerberatungsgesellschaft issued the attestation.

At the beginning of 2021, Fabasoft was audited for the first time in accordance with the new BSI Standard C5:2020. The audit was conducted by PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft, Germany.

The catalogue of requirements of the BSI specifies the minimum requirements that cloud service providers must meet. The information on the general conditions of the cloud service serves to provide customers with additional information on the level of information security offered by Fabasoft and ensures transparency with regard to information on jurisdiction and locations, availability and incident handling during regular operation, recovery parameters in emergency operation, availability of the data center, how investigation enquiries from government authorities are handled and certifications or attestations.