Scribd Logo
Upload

Welcome to Scribd!

  • Cloud Computing Compliance Controls Catalogue (C5) : - Table of Content

    Uploaded by

    SNFK2018
    9 views1 page
    This document provides an overview of the Cloud Computing Compliance Controls Catalogue (C5). It discusses the structure and contents of the C5, which outlines uniform requirements for cloud computing based on existing standards. It also describes how conformity with the C5 requirements can be proven through an independent audit. The audit would be conducted according to international auditing standards and criteria, with the goal of assessing the cloud provider's system and issuing an audit report. Regular audits and contractual agreements are recommended to ensure ongoing compliance.

    Original Description:

    Original Title

    C5313

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides an overview of the Cloud Computing Compliance Controls Catalogue (C5). It discusses the structure and contents of the C5, which outlines uniform requirements for cloud computing based on existing standards. It also describes how conformity with the C5 requirements can be proven through an independent audit. The audit would be conducted according to international auditing standards and criteria, with the goal of assessing the cloud provider's system and issuing an audit report. Regular audits and contractual agreements are recommended to ensure ongoing compliance.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9 views1 page

    Cloud Computing Compliance Controls Catalogue (C5) : - Table of Content

    Uploaded by

    SNFK2018
    This document provides an overview of the Cloud Computing Compliance Controls Catalogue (C5). It discusses the structure and contents of the C5, which outlines uniform requirements for cloud computing based on existing standards. It also describes how conformity with the C5 requirements can be proven through an independent audit. The audit would be conducted according to international auditing standards and criteria, with the goal of assessing the cloud provider's system and issuing an audit report. Regular audits and contractual agreements are recommended to ensure ongoing compliance.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Cloud Computing ComplianCe Controls Catalogue (C5) | taBle oF Content

    Tab

    1 Introduction 10

    1.1 Current situation 10

    1.2 Uniform requirements based on existing standards 10

    2 Structure and contents of C5 13

    2.1 Structure of C5 13

    2.2 Content-related presentation of the controls areas 14

    2.3 Underlying national and international standards 16

    3 Proving conformity with the requirements by an independent audit 18

    3.1 Introduction 18

    3.2 Auditing standards and criteria 18

    3.2.1 ISAE 3000 (Revised) as auditing standard 18


    3.2.2 Correspondingly applying further auditing standards 19
    3.2.3 Criteria 20

    3.3 Subject of the audit including system description 20

    3.3.1 Subject of the audit 20


    3.3.2 System description of the cloud provider 21
    3.3.3 Use of evidence from other audits 22

    3.4 Audit objective and reporting 23

    3.4.1 Audit objective 23


    3.4.2 Reporting of the auditor 23

    3.5 Separate and supplementary requirements of the BSI 23

    3.5.1 Qualification of the auditor 23


    3.5.2 Reporting on existing and/or identified exceptions to
    the requirements 24
    3.5.3 Information on the limitation of liability 24
    3.5.4 Updates of C5 25

    3.6 Application notes for potential cloud customers: Regular


    audits and contractual assurance 25

    You might also like