The German Federal Office for Information Security (BSI) will pilot a new TR-03185 “Secure Software Lifecycle” certification from February 2026 that keeps certified software compliant after updates without re-certification by certifying secure development processes, enabling faster releases, less administrative burden, and sustained trust.
BSI Enables Faster Software Updates Without Recertification
Public
Germany
Author: Ištvan Božoki
Category:
Fiscal subject related
Views:
488
Content accuracy validation date:
11.02.2026
Content accuracy validation time:
08:07h
The German Federal Office for Information Security (BSI) is introducing a new procedure that allows certified software to remain compliant after updates without requiring recertification. By certifying software development processes under TR-03185 “Secure Software Lifecycle,” manufacturers can deploy security-relevant updates faster while maintaining product certification.
Instead of recertifying every software version, the new approach focuses on ensuring that development and change processes are consistently secure and quality-assured. Certification under TR-03185 is valid for three years and maintained through annual surveillance audits, eliminating the need for re-certifications, maintenance procedures, and change notifications for updates.
The procedure will launch as a pilot from February 2026 for health apps (TR-03161), with plans to extend it to other technical guidelines. Although optional, TR-03185 certification offers manufacturers faster release cycles, reduced administrative effort, and a strong trust signal demonstrating secure development practices such as Security by Design and DevSecOps.
For more information, BSI will announce information sessions on its website. Questions can be directed to tr03185@bsi.bund.de
Other news from Germany
Germany: KoSIT Prepares XRechnung 4.0 in Line with New EU Standard
Public
Germany
Author: Ivana Picajkić
Germany
Author: Ivana Picajkić
KoSIT has confirmed strong progress on XRechnung 4.0, which will align with the upcoming EN 16931-1:2026 standard and enable a single, EU-compliant format for both B2G and future B2B e-invoicing. The update introduces major technical and regulatory changes (including ViDA alignment), is not backward compatible, and requires businesses to upgrade systems and prepare early for mandatory e-invoicing... Read more
New document was uploaded: E-invoicing system in Germany
Germany
Author: Ivana Picajkić
The purpose of this document is to describe how electronic invoices are handled in Germany. This document explains e-invoices, what they are, and how they are used, with special attention being paid to their legal treatment in Germany. Read more
Subscribe to get access to the latest news, documents, webinars and educations.
Already subscriber? Login
Germany: Guidance on Taxpayer Rights and Duties During External Audits
Germany
Author: Ivana Picajkić
A new guidance issued by Germany’s Federal Ministry of Finance, effective 1 January 2025, replaces the 2013 instructions and clarifies taxpayers’ rights and cooperation duties during external tax audits, with the document now required to be attached to audit orders. Taxpayers must support audits by providing records, data access, workspace, and knowledgeable staff, while auditors must identify themselves, respect taxpayer rights, and conduct audits fairly, including in the taxpayer’s favor. Read more
Subscribe to get access to the latest news, documents, webinars and educations.
Already subscriber? Login
Germany: Mandatory e-Invoicing is Coming – 2026 is the Key Preparation Year
Public
Germany
Author: Ivana Picajkić
Germany
Author: Ivana Picajkić
Germany is fundamentally transforming invoicing by introducing mandatory B2B e-invoicing, requiring companies to receive e-invoices from 2025 and to issue structured, EN 16931-compliant e-invoices from 2027 under the amended German VAT Act. As a result, 2026 is the key preparation year for businesses to upgrade systems, align processes with partners, and ensure compliance while laying the groundwo... Read more
Germany: Deutsche Fiskal Announces FCC 4.4.0 Release and System Updates for February 2026
Germany
Author: Ivana Picajkić
Deutsche Fiskal announced a February 2026 rollout of FCC version 4.4.0, mandatory system upgrades, and related technical changes, including new TSE selection options (initially test-only) and required authentication adjustments for customers upgrading from older FCC versions. All FCC DC installations will be upgraded during February 2026, February invoices will be temporarily issued from a fiskaly email address, and customers must ensure payments are made to the updated Commerzbank account. Read more
Subscribe to get access to the latest news, documents, webinars and educations.
Already subscriber? Login
New document was uploaded: S4FiscalBackoffice Patch
Author: Dejan Šijačić
S4F backoffice patch is intended for users who have already installed S4F backoffice and are intended to update existing installations to latest version. To do so apply only patches that are marked with version number that is newer than your currently installed instance of backoffice. Please make sure to install all available patches sequentially (without skipping). This package contains instruction, release notes, changelog and software packages required for deployment of this software component. Read more
Subscribe to get access to the latest news, documents, webinars and educations.
Already subscriber? Login