A row of white pencils with a pink pencil in the middle against a pink background

T-Systems certificates

Certified processes and services make it easier to navigate our wide range of products and services

Product quality and data security are a matter of trust

T-Systems operates data networks and processes data on behalf of its customers worldwide in its own data centers, giving absolute top priority to data protection and data security. The ICT provider therefore has its services audited regularly by independent institutes. Furthermore, the provider has its compliance with global standards accredited, for instance, through respective certifications.

T-Systems achieves top marks

Sustainable corporate management is the basis for the wide range of certificates awarded. T-Systems subsidiaries thus currently meet standards ranging from quality management, information security management, and service management requirements to environmental management, occupational safety, and health care.

Top marks for high service standards

T-Systems achieves excellent scores in surveys, for example, on customer satisfaction. In the current TRI*M study by TSN Infratest, the Deutsche Telekom subsidiary is once again among the top 10 percent of European ICT service providers.

Integrated management system at T-Systems

All activities relating to ISO management system certifications and regular reviews in accordance with international standards are managed by the DTAG Group's global Certification Management Team. T-Systems is an integral part here, which ensures that customers worldwide are aware about the high standards and can enter into a trustworthy working relationship.

A selection of our current certificates

Quality management in accordance with DIN EN ISO 9001¹

Certificate ISO 9001

As an internationally established standard, ISO 9001 outlines the minimum requirements for a quality management system that an organization must fulfill in order to provide products and services that meet both customer expectations and legal requirements.

Information security management in accordance with ISO/IEC 27001¹

Certificate ISO 27001

As an international standard, ISO/IEC 27001 defines requirements for the rollout, implementation, monitoring, and optimization of information security management systems (ISMS).

Privacy Information Management System in accordance with ISO/IEC 27701¹

Certificate ISO 9001

This ISO/IEC 27701 standard specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a privacy information management system in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management.

Business continuity management in accordance with ISO/IEC 22301¹

Certificate ISO 22301

The internationally valid ISO standard 22301 provides the framework for holistic business continuity management in the company in order to minimize potential damage in the event of a disruption.

Service management in accordance with ISO/IEC 20000-1¹

Certificate ISO 20000

ISO/IEC 20000-1 specifies requirements for service providers for the enhanced planning, rollout, implementation, operation, monitoring, review, maintenance, and improvement of their SMS.

Environmental management according to ISO 14001

Certificate ISO 14001

This certification is proof of a cost-effective and efficient environmental management system. ISO 14001 identifies weaknesses in the environmental management system, thus laying the foundation for a continuous improvement process.

Occupational health and safety management in accordance with ISO 45001

Dekra Siegel, ISO 45001, Managementsystem Sicherheit und Gesundheit bei Arbeit

The emphasis of the ISO 45001 standard is on the protection of people, their occupational safety, and health care. Preventive measures must be implemented to avoid accidents and illnesses.

Information security controls for cloud services in accordance with ISO/IEC 27017 (Testat)

Certificates ISO IEC 27017

ISO/IEC 27017 provides guidance on the information security aspects of cloud computing. The standard gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

  • additional implementation guidance for relevant controls specified in ISO/IEC 27002
  • additional controls with implementation guidance that specifically relate to cloud services

This standard provides controls and implementation guidance for both cloud service providers and cloud service customers to help make cloud services as safe and secure as the rest of the data included in a certified information management system.

Protection of personally identifiable information in public clouds in accordance with ISO/IEC 27018 (Testat)

Certificates ISO IEC 27018

ISO/IEC 27018 establishes commonly accepted control objectives, controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

In particular, ISO/IEC 27018 specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services. The standard provides guidance aimed at ensuring that cloud service providers offer suitable information security controls to protect the privacy of their customers’ clients by securing PII (Personally Identifiable Information) entrusted to them.

Trusted cloud data protection profile for cloud services (TCDP)

Certificates ISO IEC 27018

With the TCDP 1.0 certificate, T-Systems is the first IT Service Provider to recieve a legally compliant data protection certification for defined cloud services. A certificate based on the Trusted Cloud Data Protection Profile (TCDP) makes it much easier for companies to fulfill the control obligations for commissioned data processing. The TCDP formulates objective criteria that can be used to compare the security level of different cloud services. These criteria are grouped into clear protection classes. By selecting a service with the TCDP certificate, the control obligations are fulfilled according to the German Federal Data Protection Act. TCDP is based on ISO 27001 and ISO 27018.

Advantages for our customers:

  • cost savings, as an own assessment pursuant to § 11 paragraph 2 of the German Data Protection Act (BDSG) is no longer required
  • the level of data protection of the service can be assessed transparently
  • the possibility of observing the data protection regulations against their own customers.

See the official listing at TCDP (German)

Compliance management systems (CMS) in accordance with IDW PS 980

The IDW PS 980 defines the basic elements of a compliance management system and other terms in a very structured form. The standard provides compliance officers in companies with a guideline and the basis for compliance with laws, regulations, and self-commitments within the framework of a compliance management system and provides companies with possibilities to demonstrate their own compliance and also to place specific requirements on their business partners.

An audit according to this standard allows an independent statement of the company’s own CMS in comparison to a general standard.

To the audit report on the effectiveness of the compliance management system according to IDW PS 980 for the anti-corruption unit of T-Systems International GmbH.

Certified companies: Deutsche Telekom AG, Telekom Deutschland GmbH, T-Systems International, Detecon, Telekom Shop Gesellschaft, Vivento Customer Services, Deutsche Telekom Kundenservice, Deutsche Telekom Technischer Service, Deutsche Telekom Technik, Deutsche Telekom Regional Services and Solutions.

European Telecommunications Standards Institute (ETSI)

The security and performance of individual solutions and products offered by the trust center are assured through regular certifications. The team works in accordance with the requirements of the European Telecommunications Standards Institute (ETSI). TÜV Informationstechnik GmbH has successfully audited the Deutsche Telekom Security CA’s: Server.ID and Business.ID.

eIDAS certified trust services

Deutsche Telekom complies with EU requirements for electronic identification, authentication, and trust service (eIDAS). Pursuant to article 21(2) in conjunction with article 3(16a) of Regulation (EEC) No. 910/2014 (eIDAS Regulation) it was awarded the status of qualified trust service provider for the creation of qualified certificates for:

  1. Website authentication for the trust service Server.ID.
  2. Electronic signatures for the trust service Qualified.ID.

¹ Under the umbrella certificate of Deutsche Telekom AG

We look forward to your project!

We would be happy to provide you with the right experts and to answer your questions about planning, implementation, and maintenance for your digitalization plans. Get in touch!

Do you visit t-systems.com outside of Germany? Visit the local website for more information and offers for your country.