Skip to main content

Cloud Computing Compliance Criteria Catalogue (C5)


Fabasoft was 2017 the first European provider of cloud services to receive the attestation pursuant to the requirements of the catalog of requirements C5 (Cloud Computing Compliance Criteria Catalog, in short: C5), issued by the Federal Office for Information Security (BSI). The C5 attestation pursuant to the requirements of the BSI is a recognized and reliable proof which transparently reveals the high level of information security of the Fabasoft Cloud for all Fabasoft Cloud customers. Until 2020 the KPMG Alpen-Treuhand GmbH Wirtschaftsprüfungs- und Steuerberatungsgesellschaft issued the attestation.

Fabasoft has been audited in accordance with BSI Standard C5:2020 since 2021. The last audit report was issued in April 2025 for the audit period 01.01.2024 to 31.12.2024 by PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft, Germany.

The catalogue of requirements of the BSI specifies the minimum requirements that cloud service providers must meet. The information on the general conditions of the cloud service serves to provide customers with additional information on the level of information security offered by Fabasoft and ensures transparency with regard to information on jurisdiction and locations, availability and incident handling during regular operation, recovery parameters in emergency operation, availability of the data center, how investigation enquiries from government authorities are handled and certifications or attestations.

For more information on the audit report, please contact us at trust@fabasoft.com.