Seite 168 - Cloud Migration Version 2012 english

168 
o
Redundant power supply with UPS operation for at least 20 
minutes 
o
Redundant Internet connection 
o
Access control  
o
Fundamental facility security 
Contractual agreements are compliant with data protection 
requirements in the sense of the German Federal Data Protection 
Act 
Reasonable provisions for contract termination 
Clear agreements concerning customer data without right of 
retention by the contractor 
Contractual provisions with documented data export interfaces for 
returning and deleting the customer data on termination of the 
contractual agreement. 
Two‐Star Certification 
In addition to the requirements stated previously, the following mandatory 
criteria are fulfilled: 
The vendor provides verifiable information about the guaranteed 
services in terms of availability and speed of the application. 
Reporting functions are provided to confirm the fulfilment of the 
service agreement. 
The technical facilities fulfil the minimum requirements for a 
datacentre regarding redundancy of the technical services. Risks and 
building security are documented by the provider. 
The export formats for customer data are consistently documented 
and available for migration to other environments. 
Three‐Star Certification 
In addition to the requirements stated previously, the following mandatory 
criteria are fulfilled: 
The provider supports the choice of national jurisdiction by the user, 
or offers a contract subject to the user's legal system.