<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1977396509252409&amp;ev=PageView&amp;noscript=1">

SUITE OF SERVICES services menu

Hamburger-menu.png
MobileSearchIcon.png

C5 Attestation

In response to the ever-growing need to consider information security in the cloud computing world, the C5 Attestation or Cloud Computing Compliance Criteria Catalogue, was published. The program is a baseline of security controls that was developed by the Federal Office for Information Security in Germany, BSI.

REQUEST A CONSULTATION

With the C5 security controls baseline cloud service providers (CSPs) are able to better develop transparent and trusted relationships between themselves and their cloud customers.  The catalogue of controls pulls from internationally recognized standards such as International Organization for Standardization (ISO) 27001, ISO 27002, and ISO 27017, as well as the Cloud Control Matrix (CCM) of the Cloud Security Alliance (CSA).

This combination of standards is what makes Schellman a turnkey solution to achieving your C5 attestation with our depth of experience within the ISO standards as well as our work with the CSA.

 

The client specifies whether a “Type 1” or “Type 2” examination will be performed for the C5 report:

"Type 1"

Schellman performs a “Type 1” C5 examination when management requires a report on the fairness of presentation of the CSP’s system and the suitability of the design of controls as of a specified date.

"Type 2"

A “Type 2” C5 examination is performed when management requires a report on the fairness of presentation of the CSP’s system and the suitability of the design and operating effectiveness of controls over a period of time.

C5 Attestation Process

process_c5-1

Schellman was founded solely to meet an untapped need in performing high-quality attestation examinations.  Our personnel meet the qualifications outlined by BSI that include:

  • At least three years of professional experience with IT audits
  • Maintain an average of 4 certifications that include CISA, CISSP, Lead ISO Auditor and CCSK

Contact us

Debbie Zaller

C5 Practice Director

DEBBIE ZALLER

MEET DEBBIETHOUGHT LEADERSHIP