Data center certification based on TÜViT's Trusted Site Infrastructure methodology puts data center operators, colocation and cloud infrastructure providers on the safe side. Your data centers are highly available and benefit from third-party auditing and inspection for risk mitigation.
Since 2002, TÜViT performs certifications of data centers. Since then, more than 600 certification projects have been completed successfully. The TÜViT certified data center is a proven standard for data centers in Germany and increasingly within the international environment.
A team of technical experts in various disciplines
The TSI methodology involves a 25-person interdisciplinary team of experienced auditors and technical experts. The more own resources, expertise and interdisciplinary teams an evaluation body deploys and the more well-versed the audit is performed thanks to many years of experience, the more is the certificate meaningful and valuable. In addition, the TSI method defines the procedures in compliance with DIN EN ISO/IEC 17065. This standard for certification bodies ensures that qualified auditors are assigned, quality controls are performed, and certification decisions are made independently. The inspection and certification can be performed according to the following TÜViT criteria catalogs:
- TSI.EN50600
- TSI.STANDARD
With these two approaches, TÜViT can now meet the requirements for dedicated certificates for data center standard EN 50600 (TSI.EN50600) as well as offer more comprehensive evaluations (TSI.STANDARD). These allow for a better distinction of data centers and provide comparability regarding the availability and the protection qualities on four levels (TSI Level 1 - 4).
This results either in a TSI.EN50600 or TSI.STANDARD certificate, which has been established for years. Based on the previously mentioned criteria catalogs, TÜViT evaluates data centers on conformity to requirements in various disciplines:
- Environment (ENV)
- Construction (CON)
- Fire protection, alarm and extinguishing systems (FIR)
- Security systems and organization (SEC)
- Cabling (CAB)
- Power supply (POW)
- Air conditioning and ventilation (ACV)
- Organization (ORG)
- Documentation (DOC)
- Dual Site Data Center (DDC) (only for TSI.STANDARD)
Whitepaper Download: Data Center Certification
Our free white paper focuses on the topic of certification, examines the various data center standards and discusses the certification process and benefits.
Download with restricted access
TSI.STANDARD and TSI.EN50600 in comparison
| TSI.STANDARD | TSI.EN50600 |
|---|---|
| Established in the German-speaking region since 2002 | Based on a European standard |
| Classification in four distinct levels | Classification in a combination of four availability classes, four protection classes, and three granularity levels |
| Comprehensive investigation, in order to give operators the greatest possible security | Streamlined process |
| Detailed specifications | Abstract specifications in some areas |
| Conclusive audit report | Results report for certification decision |
| Certification of dual site data centers | Not possible |
| Unambigous specification of requirements in order to ensure clear comparability | Risk analysis affects the implementation of requirement criteria |
Data center: relevant standards
With regard to certifications of data centers, there is a fundamental differentiation between security from a physical, IT-technical and organizational point of view. Figuratively speaking, it is possible to compare the different security levels to a house. In this metaphor, management standards such as EN ISO 9001 and ISO/IEC 27001 present the roof of the house, while the technical inspections, such as TSI, form the foundation. In addition, there are the so-called “Common Criteria“ (ISO/IEC 15408) concerning the building structure (a floor of the house).
But data center operators hardly come into contact with these inspections, since among other things, Common Criteria concern operating systems, firewalls, encryption software or hardware. Here, the manufacturers of these products rather must ensure that the respective installations are accurate with regard to security. In addition, for providers of colocation and cloud infrastructure the ISO/IEC 20000 is applied as well, covering the IT service management. The physical security is covered, for instance, by TSI (Trusted Site Infrastructure).
Overview of our evaluation and certification process
- workshop (optional): create uniform understanding of the requirements, orientation within the criteria catalogues, preparations needed for certification, brief assessment of existing data center, specification of the target level
- review of documentation (security concept, design descriptions and explanatory reports, plans and schemes, etc.)
- certification audit to inspect the planned and implemented infrastructure measures
- preparation of a conclusive and detailed certification report
- certificate award if document review and site inspection has been passed successfully
- re-certification: prior to the expiry of the certificate after 24 months for a complete certificate renewal process
Your benefits at a glance
- security during the contract award process for the planning of a new data center
- minimizing risks and downtime by identifying vulnerabilities
- competitive advantages from reliable proof of trust: the certificate documents particularly extensive and systematic security measures
- proof of trust to supervising institutions and insurance companies, and proof for internal audit purposes
- positive risk assessment by insurance companies
- comprehensive team of over 25 excellently trained and experienced auditors and technical experts
- examination of all disciplines (power supply, mechanical systems, etc.) by an interdisciplinary team of experts
- audit and certification by the market leader
- added value through high profile and high market acceptance
