Cloud Sovereignty Index
← All frameworks

Cloud & AI Development Act

Proposed regulation

CADA COM(2026) 502 · European Commission · 3 June 2026

CADA is a proposed EU Regulation establishing legally binding Union Assurance Levels (UAL 1–4) for cloud sovereignty. It provides a harmonised, auditable set of criteria at four levels of sovereignty. UAL 2+ requires independent third-party audit for formal recognition. Not yet adopted law — results are indicative only.

Scoring model

Cumulative gate: UAL N is achieved if and only if all criteria at levels 1 through N are answered "yes". Self-assessment suffices for UAL 1; UAL 2–4 require third-party audit (CADA Art. 20) for formal recognition by national competent authorities (CADA Art. 17).

Objectives & weights (29 questions)

22 questions covering all CADA Annex II criteria (L1 through L4). Does not cover SOV-8 Environmental Sustainability.

Objective Weight Questions
SOV-1 Strategic Sovereignty 15% 4
SOV-2 Legal & Jurisdictional Sovereignty 10% 5
SOV-3 Data & AI Sovereignty 10% 6
SOV-4 Operational Sovereignty 15% 8
SOV-5 Supply Chain Sovereignty 20% 3
SOV-6 Technology Sovereignty 15% 1
SOV-7 Security & Compliance Sovereignty 10% 2

Source documents

Start CADA assessment → Decisions register