+OIS-02.03B

1. Übersicht

OIS-02.03B

The information security policy describes:

1. The importance of information security, based on the requirements of cloud service customers in relation to information security;
2. The security objectives and the desired security level, based on the business goals and activities as well as compliance obligations of the cloud service provider;
3. The cloud service provider's commitment to implement the necessary security measures for fulfilling the established security objectives;
4. The most important aspects of the security strategy to achieve the security objectives set; and
5. The organisational structure for information security in the scope of the ISMS.

Bezeichnung	Standard

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen
Source	Anforderung

3. Related Regulations

Regulations
Source	Regulierung

Cloud Computing Compliance Criteria Catalogue (C5:2026) -
Copyright by Bundesamt für Sicherheit in der Informationstechnik (https://www.bsi.bund.de/)

https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/C5_2025/C5_2025_node.html