Data Center audit / TVRA


How secure and efficient is your data center?


Can you check and certify the operational security of your IT system?


Our Threat, Vulnerability & Risk Analysis (TVRA) is tailor-made for our clients.


The operational security of data centers and server rooms is becoming increasingly important with the increasing digitization. Banks and insurance companies gear their entire granting of credits and premiums to the security and availability of the IT landscape. Customers operate their trading platforms in "secure data centers". With CLOUD Computing, the user demands even more that his data is actually protected and secure.


Audits from CPI support business and IT management in evaluating their own IT or the external operators of their data centers. Our experts check all relevant criteria for safety and efficiency: energy consumption, technical infrastructure, structural aspects and service processes and much more.


Take advantage of our service and have the operational safety of your data center certified by our partner TÜV after passing the audit. 


Your advantages at a glance:


  • With the examination of the operational security of your data center by CPI's specialists, you have a competent contact person during the entire project phase, who looks at and ensures the required services from an independent position.
  • They permanently consider the criteria of a possible future certification.
  • With the final audit report, you provide a level of availability and a recommendation to the certifying body.
  • They create trust with customers and partners through a recognised test seal.
  • You provide banks, auditors and other supervisory bodies with the necessary proof of safety and furnish proof of this to them.
  • They reduce the probability of failure and susceptibility of your data center and at the same time improve efficiency by reducing operating costs. 



Through our Data Center Audit, you, as the operator of data centers and server rooms, gain insight into your IT. The operation of data centers requires a high level of resources, especially energy and cooling capacity. In addition, a data center must constantly and flexibly adapt to the changing requirements and the growth of the company's business units in order to ensure the required availability.


The optimization in the data center is based on a solid analysis of the current conditions. For this purpose, all relevant parameters with regard to construction technology, air conditioning, energy supply and safety must be recorded and evaluated. On this basis, it is possible to determine which measures are to be implemented for effective optimization. We use vulnerability analyses to provide you with an overview of appropriate availability. Energy savings and an improvement of your profitability are in the foreground. Let us determine for you to what extent hidden potentials for measurable and logable energy savings are available and how the energy efficiency in your data center or server room can be optimized.


Together with you, we analyse the requirements situation, processes, IT, TC and security problems, discuss the future issues of your company and develop a basic concept that fits your corporate strategy. Above all, this ensures the economic viability of the concept against the backdrop of investment security. 


Services for you:

  • budget cost calculation
  • Objective investment decisions
  • Planning security for the future
  • liability minimization
  • Increased operational safety
  • Lower operating costs


The certificate is awarded in different availability classes from Step 1 - Step 4 


Step 1: Average protection requirement (corresponds to the infrastructure requirements of the BSI basic protection catalogues)

Step 2: Extended protection requirements (with additional requirements for the above-mentioned evaluation aspects)

Step 3: High protection requirements (complete redundancy of critical supply systems - No Single Point of Failure, climatic limit value compliance according to EN 1047-2)

Step 4: Very high protection requirement (additionally pronounced access security, no adjacent hazard potential, minimal intervention times in case of alarm messages)