Cloud computing compliance criteria catalogue (C5) of the BSI
Audit report from 18.12.2020
In the C5, the BSI specifies which obligations and requirements cloud providers must meet with regard to information security. The testing may only be carried out by an auditor as an independent third party. DRACOON was audited in this context by PwC, the leading auditing and consulting firm in Germany.
Download the audit report from PwC
ISO/IEC 27001:2013 Certificate
Awarded in 21.08.2020
ISO/IEC 27001 is the leading international standard for information security management systems.
Information about DRACOON's certification
IDW PS 951
Audit report from 29.01.2021
IDW PS 951 includes the audit of the internal control system at the service company (here: DRACOON) for functions outsourced to the service company. In this context, DRACOON was audited by PwC, Germany's leading auditing and consulting firm, as of the reporting date of September 30, 2020. The audit was conducted on the basis of the following criteria:
- Functionalities of the DRACOON solution
- Encryption of the information
- Architecture and system components
- Methods, principles and concepts for development and operation
- Technical and organizational measures for the provision of the cloud service based on the BSI C5 requirement areas.
- Control objectives of the service-related internal control system
Download the audit report from PwC
Planned certifications for DRACOON
ISO 27017:2015 (Information security for cloud services)
Planned certification by TÜV Rheinland
ISO 27018:2019 (protection of personally identifiable information (PII) in public clouds acting as PII processors)
Planned certification by TÜV Rheinland
ISO 22301:2014 (Business Continuity Management)
Planned certification by TÜV Rheinland
Comments
0 comments
Article is closed for comments.