+1.2 EU Cloud Sovereignty Framework and BSI C5:2026 as the C3A foundation

1. Übersicht

1.2 EU Cloud Sovereignty Framework and BSI C5:2026 as the C3A foundation

C3A adopt the structure (categorization) and objectives of the [European Union's Cloud Sovereignty Framework ](https://commission.europa.eu/document/09579818-64a6-4dd5-9577-446ab6219113_en)(EU CSF). In addition, the contributing factors of the EU CSF are reflected in the verifiable criteria of the C3A, but are expanded to include further aspects. Two areas of the EU CSF are intentionally not covered by the C3A: SOV-7 Security & Compliance Sovereignty is already covered by established BSI publications like [C5:2026](https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/C5_2025/C5_2025_node.html) ,[ IT-Grundschutz ](https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Standards-und-Zertifizierung/IT-Grundschutz/it-grundschutz_node.html)or the [HA Benchmark compact](https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Hochverfuegbarkeit/HVB-kompakt/HVB-kompakt_node.html) . The aspects of SOV-8 Environmental Sustainability are not part of the area of BSI's responsibility. C3A presupposes that the cloud service provider meets the C5 criteria, as they reflect the security aspect of the sovereignty definition. The C5:2026 also includes criteria covering aspects in the overlap of autonomy and security.

1.1 Referenzen

1.2 Identifizierte Anforderungen

1.2 Related Regulation

2. Identifizierte Anforderungen

Anforderungen

3. Related Regulations

Regulations
Impressum