TSI - the de facto standard for data centers

Trusted Site Infrastructure (TSI) – The Method for the Certification of Data Centers

Trusted Site Infrastructure (TSI), established in 2001, is a methodology for evaluation and certification of the physical security and availability of data centers. The basis of our method lies on the TSI.STANDARD criteria catalog developed by TÜVIT.

With its different assessment areas, this takes a holistic approach that focuses on both the physical infrastructure as well as organizational processes and documentation of your data center. The goal is to optimally secure your data center by implementing and fulfilling the various planning, organizational and technical requirements, thus ensuring the highest possible availability.
  

  Proven availability & security

With a TSI certificate, you prove that your data center has particularly comprehensive & systematic security measures.  
  

  On the secure side of things

By identifying vulnerabilities, you reduce the risk of high correction costs, availability restrictions or even downtime of your data center. 

  Comprehensive performance thanks our TSI.ECOSYSTEM

Everything from a single source: From training & workshops to planning assessments & commissioning to the successful certification of your data center.
 

Trusted Site Infrastructure (TSI) – Die Zertifizierungsmethodik für Rechenzentren Trusted Site Infrastructure (TSI) – Die Zertifizierungsmethodik für Rechenzentren Trusted Site Infrastructure (TSI) – Die Zertifizierungsmethodik für Rechenzentren Trusted Site Infrastructure (TSI) – Die Zertifizierungsmethodik für Rechenzentren

TSI.STANDARD: Evaluation & Certification Basis

The basis for testing and certification is the TSI.STANDARD criteria catalog. This is based on the recommended measures of the “IT-Grundschutz”, basic IT protection standard of the German Federal Office for Information Security (BSI), and takes into account the relevant DIN; EN and ISO standards - in particular DIN EN 50600 & ISO/IEC 22237 - but also VDE regulations and VdS publications. The TSI.STANDARD has been continuously developed since 2001 with the aim of always reflecting the state of the art and standards. In addition, it takes into account the findings from the day-to-day practice of over 1750 projects in the sense of "best practices".

Since 2016, the TSI.STANDARD has also verifiably covered the requirements of the DIN EN 50600 in full. The EN 50600 requirements can optionally be added to the scope, making it possible to achieve two certificates, TSI and EN 50600, for data center operators.

With the publication of V4.5, an ISO/IEC 22237 specific supplementary assessment is also possible. Conformity to the three published parts of the standard (ISO/IEC 22237-1/ -3/ -4) is confirmed by means of an additional certificate.

The TSI.STANDARD is currently available in version V4.5 dated 01.07.2023 and replaces the previous version V4.4 dated 01.01.2023.
 

Your benefits at a glance

Benefits TSI: Proof of physical security & availability Benefits TSI: Proof of physical security & availability Benefits TSI: Proof of physical security & availability Benefits TSI: Proof of physical security & availability

Proof of physical security & availability
The TSI certificate proves the extensive & systematic security measures of your data center.
 

Protection against financial & reputational losses
Through an audit & certification, you prevent failures - and the associated economic & image damage.

Identification of vulnerabilities
With the TSI methodology, you can identify possible weak points in your data center and potential for optimization at an early stage.
 

Minimization of risks & downtimes
By uncovering vulnerabilities, you reduce the risk of availability restrictions or downtime and discover potential optimization measures.
 

Competitive advantages through proof of trust
With a TSI certificate, you secure decisive competitive advantages and stand out from the competition.
 

Positive risk assessment
A TSI certificate leads to a positive risk assessment with insurers & influences the amount of the premium.
 

Trust with customers & business partners
With a TSI certificate you strengthen the confidence of your (potential) customers & business partners into your business.
 

Continuous improvement
With a certification according to the TSI methodology, you engage in a continuous improvement process and therefore always strive to be better.
 

Our services for designers, general contractors and operators of data centers


Training

Provides the fundamentals of data center design, construction and operation with respect to physical security & availability.

Learn more


Workshop

Project-specific preparation for a Trusted Site Infrastructure (TSI) exam or certification.

Learn more


Site Evaluation

Ensure an optimal starting point for the data center being planned.

Learn more


Design Assessment

Supporting the planning & conceptual design of your data center.

Learn more


Commissioning

Quality assurance during the commissioning of your data center & performance of integration tests.

Learn more


Certification

Certification according to Trusted Site Infrastructure (TSI) and optionally EN 50600.

Learn more


Conformity Asssessment

Systematic identification of all potential risks and weaknesses of your data center.

Learn more

The assessment areas of the TSI.STANDARD criteria catalog

The criteria catalog is divided into nine thematically separated evaluation areas. These are in detail:

ENV: Environment 
  

CON: Construction
  

FIR: Fire Protection & Extinguishing Systems
  

SEC: Security Systems & Organization
  

CAB: Cabling
  

POW: Power Supply
  

ACV: Air Conditioning & Ventilation
  

ORG: Organization
  

DOC: Documentation
  

 

Optionally, there are three further evaluation areas that lead to supplementary test statements and, if necessary, also to further certificates.

 

DDC: Dual Site Data Center  

The DDC assessment area allows an availability statement to be made when two equivalent data centers are operated as a network.
 

EFF: Energy Efficiency

The EFF assessment area adds an energy efficiency statement to the TSI certificate.

PoC: Proof of Concept

The PoC assessment area includes requirements for a complementary process to prequalify standardized modular data center designs.

The TSI Levels in overview

The TSI.STANDARD certification allows a clear classification of the data centers into four different levels, which classifies the quality of the supply systems as well as all other elements:


Level 1: Medium protection requirement / Medium availability

Functional basic supply to ensure the operating conditions of IT server rooms taking into account access & fire protection


Level 2: Extended protection requirement / Extended availability

Securing the supply through redundancies, consideration of environmental hazards for IT, access security and fire protection


Level 3: High protection requirement / high availability

No single point of failure (SPoF) of active components in the supply, increased burglary resistance, protection of supply lines, fire control, monitoring of states


Level 4: Very high protection requirement / maximum availability

Dedicated data center building, apron protection, maintenance tolerances

The concept: Comply or Explain


The high level of expertise of our auditors allows us to proceed according to the "comply or explain" principle, which offers greater flexibility than the pure application of checklists. This means that a criterion does not necessarily have to be implemented according to the measure described, but that an operator is sometimes just as well positioned with alternative solutions or even solves a particular challenge better. "Comply or Explain" in this case means that special solutions can also be evaluated positively if they are just as effective and reliable.

Your way to the TSI Certificate

1. 

Workshop (optional)

Preparation for a potential certification according to the TSI.STANDARD. 

2. 

Documentation Analysis

Our experts evaluate your security concept in accordance to the requirements defined in the TSI.STANDARD.

3. 

On-Site Audit

The document review is followed by an on-site audit of the planned & implemented infrastructure measures in your data center.

4. 

Assessment Report

An assessment report that compiles, in a detailed manner, the results of the documentation analysis and the on-site audit. 

5. 

Certificate

A certificate is issued to data centers that fulfill the requirements defined in the TSI.STANDARD. The certificate is valid for a period of 2 years.

Are you interested in an evaluation or certification according to TSI methodology?

An extract of our references

Frequently Asked Questions (FAQ):

  

Who is the target group of the TSI.STANDARD?

The TSI.STANDARD is primarily aimed at operators and users of enterprise and colocation data centers. However, they also serve as an orientation and planning basis for designers. The TSI.STANDARD is often referred to in tenders and is therefore binding. Depending on the defined level (Level 1 - 4), it describes precise requirements for data center infrastructures and thus provides a target scope.

How do I receive the TSI.STANDARD criteria catalog?

For reasons of transparency, the TSI.STANDARD is handed out to existing customers free of charge as part of projects. Our TSI.PARTNERS and TSI.PROFESSIONALs are also provided with a digital copy of the criteria catalog.

How does the TSI.STANDARD corresponds to the EN 50600?

Since 2016, conformity to EN 50600 can also be tested and confirmed with the TSI.STANDARD. The EN 50600 was completely adapted into the catalog with parts 1, 2, 3. The customer receives an additional EN 50600 certificate if the defined requirements have been met.

How long is a certificate valid?

A TSI certificate is generally valid for 24 months and can be extended for a further 24 months in each case as part of a re-certification process. Surveillance audits are not required.

Does the TSI.STANDARD cover energy efficiency requirements?

On the one hand, the granularity level for energy efficiency capability can be determined with the EN 50600 specific requirements.

Furthermore, the customer can obtain an additional award, in which the standard-compliant PUE value according to Part 4-2 is confirmed and this is < 1.5 on an annual average. The certificate receives an additional "PUE stamp" if this value is achieved.

For a comprehensive evaluation of energy and resource efficiency, we recommend our maturity certification program according to the new TSE.STANDARD.

Can I certify a dual site data centers?

With the optional assessment aspect DDC (Dual Site Data Center), data center networks can also be tested and certified. The customer would receive an additional dual site data center certificate. The highest possible award is the "DDC Level 4 extended".

Why we are a strong partner for you

Independence

Our employees are not subject to any conflicts of interest, as they are not committed to any product suppliers, system integrators, stakeholders, interest groups or government agencies.

Expertise

Our experts have many years of experience in evaluation and certification of data centers and provide competent support in every area of infrastructure.

International network of experts

Around the globe: We support you both nationally and internationally. Our global network of experts is ready to help you in word and deed in all IT security issues.

Industry experience

Due to many years of experience in different branches of industry we can serve companies from a wide range of industries.

Tailor-made for you

We focus on individual services - and solutions - that optimally fit your current company situation and your set goals.
You have questions? We are pleased to help!

Mario Lukas

Senior Account Manager Data Center

+49 201 8999-567
m.lukas@tuvit.de

Further services