+SOV-5-03-AC

1. Overview

SOV-5-03-AC

The cloud service provider MUST maintain a documented process for identifying and managing external service dependencies relevant to the delivery of the cloud service. Where critical dependencies are identified, the cloud service provider MUST implement mitigation strategies and maintain architectural flexibility enabling substitution of service dependencies. If it is not technically and operationally feasible, this information MUST be adequately provided to the cloud service customer.

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

BSI C3A - Criteria enabling Cloud Computing Autonomy -
Copyright by Bundesamt für Sicherheit in der Informationstechnik

C3A - Criteria enabling Cloud Computing Autonomy

Published under Creative-Commons-License CC-BY-ND 4.0 International.