SQ - discovered, explained

Security Qualification (SQ)

Certified IT security with certificate

With the Security Qualification (SQ), TÜVIT offers a standardised and flexible certification procedure that enables a holistic view of products and networked system solutions in accordance with the cyber security requirements of the EU.

What is the Security Qualification (SQ)?

TÜVIT has developed the Security Qualification (Sicherheitstechnische Qualifizierung, SQ) procedure for the testing and certification of complex IT systems and IT products. All available best-practice test procedures from our many years of experience have been incorporated into this procedure. The SQ was included as a standardised procedure in TÜVIT's Trusted Certification Programme as

Trusted Site Security (TSS) for IT systems and
Trusted Product Security (TPS) for IT products.

The SQ certification procedure offers much greater flexibility than simply working through checklists. This means that it can be used for very different applications, from relatively simple individual products to highly complex networked systems.

The range extends across all technologies from simple software components to appliance solutions or web applications through to distributed systems.

Special features of SQ

The certificate certifies the high safety level and quality of your products and systems to customers and partners
Proof of the requirements/standards defined by the EU (CENELEC) for compliance with various laws such as NIS-2, CRA or RED
Not only testing of the product, but also of the relevant processes
Comprehensive risk analysis as part of the certification

The benefits of Security Qualification (SQ) at a glance

Risk minimisation and cost efficiency through regular testing to eliminate vulnerabilities
Confidence-building and competitive advantage: with a certificate from TÜVIT, you certify the high security level and quality of your products and systems to customers and partners
Proof of trust for internal auditors and external supervisory authorities
4-eyes principle, as our test reports are approved by the certification body

We will support you – no matter what

Get started at last!

We advise you

TÜV NORD IT Secure Communication I Berlin

To the consulting services Contact us

Goal achieved?

We check that

TÜV Informationstechnik I Essen

To the test offers Contact us

Frequently Asked Questions (FAQ)

What you need to know about Security Qualification (SQ)

To determine the security-related properties of IT systems, TÜVIT has developed test criteria that are appropriately tailored to the system to be certified.

Test criteria for IT systems

Technical security requirements
Architecture and design
Installation and operation
Vulnerability analyses and penetration tests
change management

TÜVIT has developed test criteria to determine the security-related properties of IT products, which are customised in an appropriate manner to the product to be certified.

Test criteria for IT products

Technical security requirements
Architecture and design
Development process
Installation and operation
Operating specifications
Vulnerability analyses and penetration tests
Change management

The subject matter of the certification is defined in a kick-off workshop. In addition, the technical security requirements are defined in collaboration with our IT security experts and subsequently approved by the certification body. The technical security requirements form the basis for the test plan and are confirmed by TÜVIT with the certificate once the certification process has been completed.
The technical security requirements are tested as part of penetration tests and vulnerability analyses, depending on the selected Security Assurance Level (SEAL).
The test results are evaluated in a risk analysis and documented in a meaningful test report.
Certificates are issued upon fulfilment of all technical security requirements and SQ test criteria and, on request, the test mark is published on the TÜVIT website.