EN 50600 series covers various aspects of the design, construction, and operation of data centers and aim to improve the reliability and performance of information technology infrastructures. The standard addresses important issues such as energy efficiency, security, cooling, and power supply and sets out best practices and requirements in these areas.
EN 50600 guides in the following main areas:
- Infrastructure Management: Managing critical infrastructure systems such as electricity, cooling, security and telecommunications.
- Security and Access Control: Providing physical and digital security to data centers.
- Energy Efficiency: More efficient energy use and environmentally friendly solutions.
- Redundancy and Continuity: Backup solutions are required for the uninterrupted operation of systems.
- Layout and Design: Aspects to be considered in the configuration and design of the data center.
This standard plays an important role, especially for data centers that want to compete in the international market. It helps organisations run more secure, sustainable, and efficient data center operations.
Which standard is EN 50600 used in accordance with?
EN 50600 is generally used with the following standards:
- ISO/IEC 27001 (Information Security Management System): EN 50600 can be aligned with ISO/IEC 27001 to provide the infrastructure for information security in data centres. ISO/IEC 27001 defines requirements for the establishment, implementation and maintenance of information security management systems.
- ISO 50001 (Energy Management System): Energy efficiency is an important part of EN 50600. ISO 50001 specifies requirements for establishing and maintaining energy management systems. This is a standard aligned with EN 50600, which aims to ensure energy efficiency in data centres.
- ISO/IEC 20000 (Service Management): Data centres provide critical infrastructure for the delivery of IT services. ISO/IEC 20000 provides a framework for IT service management and can align data centre operations with this standard.
- EN 61508 / IEC 61508 (Functional Security): These standards specify functional security requirements for the security of critical infrastructures in data centres and can be used with EN 50600.
- LEED (Leadership in Energy and Environmental Design): This certification for environmentally friendly building design supports sustainability and energy efficiency goals in data centres in line with EN 50600.
- BREEAM (Building Research Establishment Environmental Assessment Method) is another standard for assessing and designing environmentally friendly buildings. Together with EN 50600, it promotes environmentally sound and sustainable data centre designs.
These standards and frameworks place the technical requirements and good practices set out in EN 50600 into a broader context, ensuring that data centres are safe, efficient and sustainable.
If you are not sure where to start, you can first compile the following information:
- Data Centre General Information
- Data centre type (Enterprise, Co-location, Cloud, Hybrid)
- Field of activity and customer base (e.g. banking, telecoms, e-commerce)
- Length of service of the data centre (Is it newly established or has it been operating for a long time?)
- Existing certifications (ISO 27001, ISO 22301, ISO 27017, ISO 27018 Uptime Institute Tier levels, etc.)
2. Physical and Structural Requirements
- Plant structural design and durability features
- Power infrastructure (UPS, generators, grid connections)
- Refrigeration systems and HVAC (heat, ventilation and air conditioning) management
- Fire prevention and emergency systems
- Physical security measures (biometric entry, camera monitoring, alarm systems, security personnel)
3. Telecommunication and Connection Infrastructure
- Network infrastructure and connection providers
- Redundancy levels (compliance with levels such as Tier 1, Tier 2, Tier 3, Tier 4)
- Network structure and security within the data centre (segmentation, backup lines, traffic management)
4. Operational and Operating Processes
-
- Is there a business continuity and disaster recovery plan?
- Data centre management procedures (maintenance, backup, monitoring processes)
- Power management and energy efficiency policies
- Safety audits and risk assessment
- Contracts with suppliers and third parties
5. Compliance and Regulations
-
- Declaration of compliance with legal regulations (GDPR, DPA, PCI DSS, ISO 27001 etc.)
- Previous audit reports (if any)
- Information security policies and data access controls
6. Organisational Structure and Personnel Information
-
- Team structure managing data centre operations
- Areas of responsibility and authorisation procedures
- Key personnel who will participate in the audit process (CTO, CISO, Data Centre Manager, etc.)
7. Additional Documents for the Application and Audit Process
-
- Architectural plans and technical documentation
- Internal policies and procedures (data security, access control, maintenance plans)
- Outage/downtime records and redundancy reports for the last 12 months
You can contact us at our e-mail address sales@cfecert.co.uk for our audit and training services on this subject.
