How many controls does BSI C5 have?

BSI C5 contains 8 controls organized across 2 domains.

Where does BSI C5 apply?

BSI C5 is applicable in Germany. Organizations operating in or serving customers in this jurisdiction should evaluate its requirements.

What frameworks does BSI C5 map to?

BSI C5 has control-to-control mappings with 465 other compliance frameworks in our database. Use our compliance platform to explore these mappings interactively.

How do I get started with BSI C5 compliance?

Start by understanding the framework's key controls and domains. Our compliance platform provides AI-powered gap analysis and mapping tools to help you assess your current posture and build a remediation plan.

BSI C5 — Cloud Computing Compliance Criteria Catalogue

The Cloud Computing Compliance Criteria Catalogue (C5) is the German Federal Office for Information Security (BSI) standard for assessing the security of cloud services. C5:2020 defines minimum security requirements that cloud providers must meet, organized into 17 topic areas with 121 criteria.

Domains

Cloud-Specific and Physical Security

Organization and Governance

Frequently Asked Questions

Map BSI C5 — Cloud Computing Compliance Criteria Catalogue to any other framework

Use our AI-powered compliance platform to find control overlaps, gaps, and build remediation plans in seconds.

Try Free on Compliance Platform