Secure Your Business

from implementaion to certification:
the project phases


The certification process for Data Centers, aligned with ANSI/TIA 942 or EN 50600, is broken down into the project phases described below. This procedure is also valid for IT service management acc. to ISO/IEC 20000, for information security acc. to ISO/IEC 27001 as well as for integrated management systems with combined audits.




Information: An initial interview with CIS furnishes details about the certification process.
This is followed by registration and project planning.


Analysis: Evaluation of the individual requirements and assessment of existing measures

within the scope. CIS as an independant Certification Body is not involved here.


Implementation: Establishing measures according to the requirements placed by the standard.
CIS as an independant Certification Body is not involved here.



CIS Stage Review (voluntary): Upon request, CIS reviews the conformance and usefullness of the implemented elements during the project.


CIS System & Risk Review (preliminary): CIS reviews interpretation of the requirements placed by the standard as well as the extent of the available documentation. Deficiencies and opportunities for improvement will be laid down in a report. Thus you are optimally prepared for the Certification Audit.


CIS Certification Audit: The CIS Auditor reviews the system by making multiple samples in all defined areas of the data center infrastructure. The audit report shows the appropriate rating and opportunities for improvement.



CIS Licence: By obtaining the “Certificate Issuance & Right to Use Licence”, you obtain the Attestation of Conformity, which will be valid for three years – the CIS Certificate, which makes the quality and security of the data center processes visible even to your customers.


CIS Surveillance Audit: The Surveillance Audit, which is conducted once a year, is focused on certain portions of the scope. The auditors check those areas where major changes have been realized and also review, if weaknesses according to the last audit report have been removed.


CIS Recertification Audit: After 3 years, the Certificate, which has expired, can be renewed.

CIS - Certification & Information Security Services GmbH T +43 (0)1 532 98 90 office@cis-cert.com