NISG and EN 50600
Smart compliance for data centres
Legal certainty plays a major role for every company in Austria. However, data centres in their prominent role as critical infrastructure are even more affected by this if they fall under the NIS Act and actually house critical infrastructure on site (Austrian Network and Information System Security Act based on the corresponding EU directive). How do you ensure compliance here?
NIS Act and EN 50600
At present, statements can only be made with regard to the original version of the NIS Act dated 28 December 2018 and the associated ordinance currently in force. There are currently no relevant publications regarding the NIS 2 Act expected in October 2024.
However, the NIS Fact Sheet 9/2022 published by the Federal Chancellery and the Federal Ministry of the Interior on the currently valid NIS Act refers to EN 50600 for data centre facilities and infrastructures with regard to measures. Conformity with the requirements of EN 50600 can therefore also provide security with regard to compliance with the NISG.
Outlook NIS 2 Act
It can be assumed that, generally speaking, the security requirements for achieving compliance with the NIS 2 Act will be extended. From today's perspective, however, no significant change or concretisation is to be expected for the requirements in the sub-area of the basic data centre infrastructure.
Two birds with one stone
This means that by implementing the requirements from EN 50600, compliance with the NISG can probably also be established for this relevant sub-area in the future. EN 50600 certification provides good proof of this. We will be happy to answer any further questions you may have.
Further information on EN 50600 for data centres
- System certification EN 50600
- CIS is the first inspection body for EN 50600
- New developments on EN 50600 (German)