Skip to content

Protection & Integrity

Information Security

Information is an essential component of economic success. TÜV NORD supports systematic security – for trusting business relationships.

Großaufnahme zweier Hände, die auf einer schwarzen PC-Tastatur tippen.

Systematically securing sensitive information

Data structures are becoming increasingly complex, cyber threats are on the rise and legal requirements are increasing. Against this backdrop, how can the confidentiality, integrity and availability of sensitive information be systematically safeguarded?

TÜV NORD supports organisations in all sectors with comprehensive services in the areas of information security, cyber security and physical security - from auditing and certification in accordance with international standards such as ISO 27001, TISAX® or EN 50600 to a wide range of seminars and the assessment of data centres, critical infrastructures and security concepts.

With our neutral expertise, we help companies to manage digital risks and secure trusting business relationships in the long term.

Information security: All services

C
C-ITS
TÜV NORD offers comprehensive support for the testing and certification of C-ITS solutions to ensure IT security in vehicle networking. Our services ensure compliance with the European Commission's security requirements for trustworthy Car2X communication.
Certification of data centers according to TSI, EN 50600, or ISO/IEC 22237
The certification of data centers according to TSI, EN 50600, or ISO/IEC 22237 by TÜV NORD guarantees availability, security, and resilience. Since 2002, over 1,000 projects have been successfully completed, making certified data centers a reliable benchmark in Germany and internationally and creating trust among third-party users.
Certification of security requirements in accordance with IEC 62443-2-1 and -2-4
The IEC 62443 standard provides an internationally recognized standard for network security in the process and automation industry, which is increasingly used in Industry 4.0. It helps prevent cyberattacks and serves as proof of due diligence in accordance with the Industrial Safety Regulation and Product Safety Act.
Certification of technical control centers according to TSA.STANDARD
The certification of alarm receiving centers and technical control centers in accordance with TSA.STANDARD or EN 50518 by TÜV NORD guarantees maximum reliability. It provides objective proof of the effective implementation of technical, operational, and organizational requirements, including process control and plant monitoring centers, for precise control and monitoring.
Commissioning of data centers
TÜV NORD's commissioning of data centers includes integration tests that ensure the proper functioning of critical infrastructure such as power supply, climate control, and security systems. As a neutral third party, TÜV NORD provides quality assurance to ensure trouble-free operation and verify system interactions.
Conformity assessment and GAP analysis of alarm receiving centers and technical control centers
TÜV NORD's conformity assessment and GAP analysis of alarm receiving centers and technical control centers identifies risks and potential for improvement. It provides a snapshot of the current level of security and optimally prepares you for certification according to EN 50518 or TSA.STANDARD.
Conformity assessment of data centers
TÜV NORD's conformity assessment of data centers ensures physical security and availability through standards such as TSI, EN 50600, and ISO/IEC 22237. These provide comprehensive requirements definitions for power supply, climate control, building construction, and security systems, enabling companies to demand quality guarantees from colocation providers.
D To top
Design Assesment of data centers
TÜV NORD's planning assessment of data centers ensures compliance with standards such as TSI.STANDARD, EN 50600, and ISO/IEC 22237. Early review of the draft design allows for corrections to be made in the event of deviations, ensuring high availability classes and optimal structural and technical measures.
Document management systems: Examination & certification PK-DML
TÜV NORD offers testing and certification of document management systems (DML) to ensure audit-proof archiving. We examine technical and organizational aspects to meet legal requirements such as unalterable archiving and process traceability.
E To top
eID, trust services & PKI – testing & certification
TÜV NORD offers testing and certification for trust service providers (TSPs) in accordance with the eIDAS Regulation, ETSI, and CEN standards. These services ensure compliance with legal requirements and enable inclusion in the EU Trusted Service List.
eIDAS (electronic registration and delivery services)
TÜV NORD supports providers of electronic registration and delivery services in achieving eIDAS compliance in order to be listed on the EU Trusted List. We offer preliminary tests, conformity assessments, and recertifications, as well as workshops and training courses on eIDAS and ETSI to meet the requirements of the eIDAS Regulation and national laws.
eIDAS (electronic seals)
TÜV NORD supports trust service providers for electronic seals in complying with the eIDAS Regulation in order to be included in the EU Trusted List. We offer testing, conformity assessments, and recertification, as well as workshops and eIDAS.PROFESSIONAL training courses to ensure optimal implementation of the legally required requirements.
eIDAS (electronic time stamps)
TÜV NORD supports qualified trust service providers in ensuring the legal certainty of documents through electronic time stamps. We offer audits, conformity assessments, and recertifications to enable inclusion in the EU Trusted List. Workshops and eIDAS.PROFESSIONAL training courses provide optimal preparation for certification.
eIDAS (remote signatures and seals)
TÜV NORD supports providers of remote signatures and seals in complying with the eIDAS Regulation in order to be listed as a qualified trust service provider. We offer comprehensive testing, conformity assessments, and recertification, as well as workshops and eIDAS.PROFESSIONAL training courses to make paperless signature processes secure and user-friendly.
eIDAS (trust service components)
TÜV NORD supports you in ensuring the eIDAS compliance of your trust service component by conducting tests in accordance with eIDAS and ETSI, preparing a compliance report, and assisting with certification. We help you set up a secure IT infrastructure and offer workshops and eIDAS.PROFESSIONAL training courses for comprehensive insights.
eIDAS.PROFESSIONAL Training
The eIDAS.PROFESSIONAL training course from TÜV NORD provides comprehensive knowledge of the eIDAS Regulation 910/2014, ETSI standards, and trust services. It optimally prepares participants for the examination aspects of the eIDAS conformity assessment.
Electronic archives & storage services: Auditing & certification of your trust service
TÜV NORD supports qualified trust service providers in the long-term storage of signed documents in accordance with the eIDAS Regulation. We offer testing and conformity assessments to ensure the legal validity of signatures and seals and enable inclusion in the EU Trusted List. Recertifications verify compliance with current standards and laws.
Electronic identification (eID): The basis for trustworthy communication
TÜV NORD supports identity providers in complying with the eIDAS Regulation for electronic identification solutions. We offer workshops to prepare for audits and notification, perform GAP analyses for security assessment, and certify the achieved security level after document review and audit.
EN 50600 (DC)
The European standard EN 50600 provides comprehensive guidelines for the planning, construction, and operation of data centers, focusing on power supply, air conditioning, and security infrastructure. TÜV NORD experts support you in designing your data center to be future-proof and state-of-the-art.
ENX Vehicle Cybersecurity
The ENX Association's Vehicle Cybersecurity (VCS) audit program focuses on standardized audits for cybersecurity management systems in the automotive sector, based on ISO/PAS 5112 and ISO/SAE 21434, and offers certification via the ENX platform upon successful testing by providers such as TÜV NORD.
I To top
ISO 20000-1
ISO 20000-1 certification confirms that a company can effectively plan, implement, and improve IT processes and meets international standards for a service management system (SMS), which ensures reliability, functionality, and security in IT-supported supply chains.
ISO 22301 - Business Continuity Management System (BCMS)
The ISO 22301 standard for business continuity management systems (BCMS) helps companies ensure business continuity in the event of critical incidents such as natural disasters or IT failures. TÜV NORD CERT offers certification to ensure proactive measures and testing procedures for crisis management.
ISO 27001 Certification
The ISO/IEC 27001 standard defines criteria for an effective information security management system (ISMS) that ensures the confidentiality, integrity, and availability of data. TÜV NORD offers customized audits for certification to ensure trust and continuous improvement.
ISO 27701 Certification
ISO 27701 extends ISO 27001 to include data protection aspects by ensuring the privacy of others is protected. TÜV NORD has been accredited since 2022 to certify companies to both ISO 27001 and ISO 27701 and offers comprehensive information security and data protection solutions.
ISO/IEC 22237
The international standard ISO/IEC 22237 provides comprehensive guidance on the planning, construction, and operation of data centers to ensure their physical security and availability. TÜV NORD experts support you in planning, operating, or expanding your data center in a future-proof manner in line with the latest state of the art.
ISO/SAE 21434 Certification
The ISO/SAE 21434 standard addresses cybersecurity in the automotive industry by defining process-oriented security requirements for electrical and electronic systems throughout the entire vehicle lifecycle to ensure protection against cyberattacks.
IT security catalog in accordance with Section 11 (1a) of the Energy Industry Act
As part of critical infrastructure, the energy sector must introduce and certify an ISMS in accordance with ISO 27001, as stipulated in the IT security catalog of the Federal Network Agency (BNetzA). TÜV NORD offers support and certification to ensure the security and reliability of networks.
IT security catalog in accordance with Section 11 (1b) of the Energy Industry Act
Energy generation plants must take security measures against threats to ICT in accordance with Section 11 (1b) of the German Energy Industry Act (EnWG). The expanded IT security catalog of the Federal Network Agency (BNetzA) requires certification by accredited bodies such as TÜV NORD to ensure secure network operation.
K To top
KRITIS and the IT Security Act
The IT Security Act 2.0 extends the protection of critical infrastructures (KRITIS) to include municipal waste disposal and companies of particular public interest. It lowers thresholds to oblige more organizations to increase their IT security, especially those that serve more than 500,000 people.
L To top
Location assessment of data centers
The location assessment for data centers is crucial for security. Early identification and mitigation of risks such as water, explosions, and hazardous substances are essential. The location influences the level of security, whereby potential hazards and traffic routes must be taken into account to ensure optimal conditions.
P To top
Planning evaluation of alarm receiving centers and technical control centers
In the planning assessment of alarm receiving centers and technical control centers, TÜV NORD supports companies, operators, and planners in integrating the requirements of EN 50518 from the outset. This ensures physical security and availability, avoids costly replanning, and ensures compliance with recognized standards.
Q To top
QSCD
TÜV NORD offers comprehensive support for the testing and certification of qualified signature and seal creation devices (QSCDs) in accordance with the eIDAS Regulation. As an accredited and designated body, we carry out security assessments in accordance with Common Criteria or our own processes to enable inclusion in the EU list of certified QSCDs.
Qualified Website Certificates & Authentication: Verification & Certification of Your Trust Service
TÜV NORD supports the establishment of a qualified trust service for website authentication in accordance with the eIDAS Regulation. We offer testing, conformity assessments, and recertification, as well as workshops and eIDAS.PROFESSIONAL training courses. Strengthen your customers' trust with tested certificates and the highest security standards.
Quality Gates & Construction guidance for Data Centers
TÜV NORD offers effective construction supervision to ensure the conformity and certifiability of high-availability data centers. Up to five on-site appointments during the construction phase allow deviations to be identified and corrected at an early stage, based on standards such as TSI.STANDARD, EN 50600, and ISO/IEC 22237, in order to avoid high costs for subsequent changes.
T To top
TISAX®
TISAX® is a testing procedure for information security in the automotive industry based on ISO 27001. It uses the VDA-ISA catalog to evaluate ISMS. Successful tests, such as those conducted by TÜV NORD, result in the issuance of a TISAX® label, which is recognized by VDA members and manufacturers such as Audi and BMW.
TSA.STANDARD: Physical protection of alarm receiving centers/technical control centers
The TSA.STANDARD from TÜV NORD is a comprehensive catalog of criteria for the certification of alarm receiving centers and technical control centers, based on DIN EN 50518. It ensures physical security and reliability, supplemented by additional features for functional safety. Continuous further development ensures conformity with the current state of the art.
TSE.STANDARD: Energy efficiency & sustainability in data centers
The TSE.STANDARD from TÜV NORD supports data centers in implementing energy efficiency and sustainability in accordance with the Climate Neutral Data Center Pact and the Energy Efficiency Act. It offers a modular system for compliance with EU directives and ISO 50001:2018 to demonstrate CO2 neutrality and sustainable operation.
TSI.PROFESSIONAL Training
The TSI.PROFESSIONAL training course from TÜV NORD offers comprehensive insights into the planning, construction, and operation of data centers, based on the TSI methodology and the TSI.STANDARD. It covers physical security, availability, and energy efficiency, based on BSI IT-Grundschutz and standards such as DIN EN 50600.
TSI.STANDARD: Availability & Physical Protection of Data Centers
TSI.STANDARD is a methodology developed by TÜV NORD for evaluating and certifying the physical security and availability of data centers. It offers a holistic approach that takes into account the physical infrastructure, organizational processes, and documentation to ensure high availability and security of the infrastructure.
V To top
Validation services for electronic signatures, seals, and time stamps: verification and certification of your trust service
TÜV NORD supports trust service providers for validation services in complying with the eIDAS Regulation in order to be included in the EU Trusted List. We offer preliminary assessments, conformity assessments, and recertifications, as well as workshops and eIDAS.PROFESSIONAL training courses to ensure that paperless documentation is secure and compliant.
W To top
Workshops for alarm receiving centers and technical control centers
The workshop for alarm receiving centers and technical control centers provides knowledge on assessment and certification in accordance with EN 50518 and TSA.STANDARD. It introduces the TSA methodology, explains requirements and test procedures, and offers an assessment of certifiability as well as space for project-specific questions.
Workshops for Data Centers
The workshop provides an overview of security standards for data centers based on TSI.STANDARD, EN 50600, and ISO/IEC 22237. Participants receive an assessment of certifiability, clarify project-specific questions, and learn details about test procedures and requirements.

Current information worth knowing about Information Security

Ein Raum voller Server mit blauen Lichtern und einem gepflasterten Boden.
20/03/2025
Well prepared against sabotage and natural disasters
Article
Information security
Crisis and risk management
Quality management
#explore
Read the full article
Zwei Männer arbeiten konzentriert an einem technischen Gerät in einem TÜV Nord Prüflabor mit Absorptionspyramiden im Hintergrund.
13/03/2025
Life Simplifiers in the Testing Laboratory
Interview
Cyber security
Elektromobility
Information security
#explore
Read the full article
Eine Hand hält ein Smartphone mit einer Smart-Home-App, die Beleuchtungssteuerung für das Wohnzimmer anzeigt. Im Hintergrund ist ein gemütliches Wohnzimmer zu sehen.
13/03/2025
Ten tips for saving energy
Article
Digitization and innovation
Energy efficiency
Information security
Smart Home
#explore
Read the full article
TÜVIT

Shaping digitalization securely

"IT security forms the backbone of successful digitalisation. We are convinced of this. As a knowledge company, we pave the way for this and provide a neutral view of the effectiveness of implementation. This builds trust."

Dirk Kretzschmar
CEO TÜVIT

About TÜVIT

Compact knowledge

We offer you in-depth expert knowledge on the subject of information security from the fields of training, technology, management and much more. Discover trends, tips and background information - presented in an understandable way for your everyday working life.

To the world of information security & cyber security