+OIS-01.02B

1. Overview

OIS-01.02B

The measures for setting up, implementing, maintaining and continuously improving the ISMS are documented. The documentation includes:

1. Context of the cloud service provider;
2. Scope of the ISMS (section 4.3 of ISO/IEC 27001);
3. Statement of applicability (section 6.1.3 of ISO/IEC 27001);
4. Overview of how activities in the ISMS cover the cloud service;
5. Description of how the cloud service provider maintains and improves the cloud service's security; and
6. Results of the last management review (section 9.3 of ISO/IEC 27001).

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

Cloud Computing Compliance Criteria Catalogue (C5:2026) -
Copyright by Bundesamt für Sicherheit in der Informationstechnik (https://www.bsi.bund.de/)

https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Empfehlungen-nach-Angriffszielen/Cloud-Computing/Kriterienkatalog-C5/C5_2025/C5_2025_node.html