Cloud Computing Compliance Criteria Catalogue (C5)

In 2017, Fabasoft became the first European provider of cloud services to receive certification in accordance with the requirements of the C5 (Cloud Computing Compliance Criteria Catalogue) requirements catalogue, issued by the German Federal Office for Information Security (BSI). The C5 certification in accordance with the BSI’s requirements serves as recognised and reliable proof for all Fabasoft Cloud customers, demonstrating the high level of information security within the Fabasphere (Fabasphere AI Core (Fabasoft Cloud and Mindbreeze AI) and Fabasphere Solutions: Fabasoft Approve, Fabasoft Boards, Fabasoft Contracts, Fabasoft Dora, Fabasoft OneGov, Fabasoft Talents and Fabasoft Xpublisher) in the Public Cloud and Government Cloud operating models.

Since 2021, Fabasoft has been audited in accordance with the BSI C5:2020 standard. The most recent audit report was issued in April 2026 for the audit period from 1 January 2025 to 31 December 2025 by PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft, Germany.

The BSI requirements catalogue specifies the minimum requirements that cloud service providers must meet. The details regarding the framework conditions of the cloud service serve to provide customers with additional information about the level of information security offered by Fabasoft and ensure transparency regarding details on jurisdiction and locations, availability and fault rectification during normal operation, restart parameters during emergency operation, availability of data centres, handling of investigation requests from government authorities, and certifications or attestations.

For further information on the audit report, please contact us at trust@fabasoft.com.