Skip to content

SQ - discovered, explained

Security Qualification (SQ)

Certified IT security with certificate

With the Security Qualification (SQ), TÜVIT offers a standardised and flexible certification procedure that enables a holistic view of products and networked system solutions in accordance with the cyber security requirements of the EU.

What is the Security Qualification (SQ)?

TÜVIT has developed the Security Qualification (Sicherheitstechnische Qualifizierung, SQ) procedure for the testing and certification of complex IT systems and IT products. All available best-practice test procedures from our many years of experience have been incorporated into this procedure. The SQ was included as a standardised procedure in TÜVIT's Trusted Certification Programme as

  • Trusted Site Security (TSS) for IT systems and
  • Trusted Product Security (TPS) for IT products.

The SQ certification procedure offers much greater flexibility than simply working through checklists. This means that it can be used for very different applications, from relatively simple individual products to highly complex networked systems.

The range extends across all technologies from simple software components to appliance solutions or web applications through to distributed systems.

Special features of SQ

  • The certificate certifies the high safety level and quality of your products and systems to customers and partners
  • Proof of the requirements/standards defined by the EU (CENELEC) for compliance with various laws such as NIS-2, CRA or RED
  • Not only testing of the product, but also of the relevant processes
  • Comprehensive risk analysis as part of the certification

The benefits of Security Qualification (SQ) at a glance

  • Risk minimisation and cost efficiency through regular testing to eliminate vulnerabilities
  • Confidence-building and competitive advantage: with a certificate from TÜVIT, you certify the high security level and quality of your products and systems to customers and partners
  • Proof of trust for internal auditors and external supervisory authorities
  • 4-eyes principle, as our test reports are approved by the certification body

We will support you – no matter what

Get started at last!

We advise you


TÜV NORD IT Secure Communication I Berlin
Goal achieved?

We check that


TÜV Informationstechnik I Essen

Frequently Asked Questions (FAQ)

What you need to know about Security Qualification (SQ)

To determine the security-related properties of IT systems, TÜVIT has developed test criteria that are appropriately tailored to the system to be certified.

Test criteria for IT systems

  • Technical security requirements
  • Architecture and design
  • Installation and operation
  • Vulnerability analyses and penetration tests
  • change management

TÜVIT has developed test criteria to determine the security-related properties of IT products, which are customised in an appropriate manner to the product to be certified.

Test criteria for IT products

  • Technical security requirements
  • Architecture and design
  • Development process
  • Installation and operation
  • Operating specifications
  • Vulnerability analyses and penetration tests
  • Change management

  • The subject matter of the certification is defined in a kick-off workshop. In addition, the technical security requirements are defined in collaboration with our IT security experts and subsequently approved by the certification body. The technical security requirements form the basis for the test plan and are confirmed by TÜVIT with the certificate once the certification process has been completed.
  • The technical security requirements are tested as part of penetration tests and vulnerability analyses, depending on the selected Security Assurance Level (SEAL).
  • The test results are evaluated in a risk analysis and documented in a meaningful test report.
  • Certificates are issued upon fulfilment of all technical security requirements and SQ test criteria and, on request, the test mark is published on the TÜVIT website.