Cloud computing compliance criteria catalogue (C5, Type 2) of the BSI
Audit report from November 3, 2023
In the C5, the BSI specifies which obligations and requirements cloud providers must meet with regard to information security. The testing may only be carried out by an auditor as an independent third party. DRACOON was audited in this context by HKKG, a prestigious legal firm in Germany, and previously by PwC, the leading auditing and consulting firm in Germany.
To get a copy of the complete report, please contact your sales representative at DRACOON.
ISO/IEC 27001:2013 certificate including ISO/IEC 27017:2015 (Information security for cloud services) and ISO/IEC 27018:2019 (Protection of personal data in cloud services)
Issued August 29, 2023
ISO/IEC 27001 is the leading international standard for information security management systems.
Information about DRACOON's certification
IDW PS 951 (Type 2)
Audit report from November 3, 2023
IDW PS 951 (Type 2) includes the audit of the internal control system at the service company (here: DRACOON) for functions outsourced to the service company. In this context, DRACOON was audited by HKKG, a prestigious legal firm in Germany, with a reporting date of November 3, 2023 (auditions in earlier years: with a reporting date of October 25, 2022 by HKKG; with a reporting date of October 13, 2021 by PwC, Germany's leading auditing and consulting firm).
The audit was conducted based on the following criteria:
- Functionalities of the DRACOON solution
- Encryption of the information
- Architecture and system components
- Methods, principles, and concepts for development and operation
- Technical and organizational measures for the provision of the cloud service based on the BSI C5 requirement areas
- Control objectives of the service-related internal control system
To get a copy of the complete report, please contact your sales representative at DRACOON.
Comments
0 comments
Article is closed for comments.