Last year, we made the decision to take our ISO 27001 certification to the next level – by going through a completely new certification process with TÜV SÜD, one of Germany's most respected DAkkS-accredited certification bodies. What followed was one of the most intensive and, at the same time, most rewarding internal processes we have been through in years.
A Year of Preparation – and Two Days That Delivered
The path to the new certificate began with a comprehensive internal audit conducted together with an experienced external ISO 27001 consultant. The goal was not simply to close gaps, but to take a thorough look at our Information Security Management System (ISMS) from the ground up: processes, documentation, risk assessment, internal controls – everything under scrutiny.
At the end of April 2026, the moment arrived: two TÜV SÜD auditors spent a total of 25 hours with us in Frankfurt, reviewing our ISMS across all relevant areas of the business – from operations and customer support, through sales, all the way to HR and administration. The outcome: the audit was completed without any major findings. The certification body rated our management system as fully effective.
What Pleased Us Most
During the closing meeting, the auditors explicitly highlighted that all of our employees demonstrated a solid understanding of information security requirements. That is not a given – and we are proud that our team lives and breathes this every day. The tooling infrastructure we have built to support our ISMS also received positive recognition.
Of course, the process also surfaced some areas with room for improvement – and that was precisely the point. It is not about collecting certificates. It is about becoming a better organisation.
"We operate critical infrastructure for our customers – which means information security is not optional, it is foundational. This process showed us where we are already very well positioned, and where we can become even more precise. The TÜV SÜD certificate is, for me, confirmation from an independent, accredited body that we are on the right track."
— Holger Grauer, Managing Director, aixit GmbH
The Result
Since 3 June 2026, aixit is officially certified to ISO/IEC 27001:2022 by TÜV SÜD – covering the operation and management of data centre services in the areas of co-location, cloud, and connectivity. The certificate carries DAkkS accreditation and is valid until June 2029.
For our customers, this means one thing above all: you can rely on an information security framework that has been independently audited, structurally managed, and continuously developed – certified to the current version of the standard, and confirmed by one of Europe's leading certification bodies.
