Information Technology and Cybersecurity Technical unit 1.7 at a glance

Focus of the technical unit

This technical unit accredits several types of conformity assessment bodies: testing laboratories (DIN EN ISO/IEC 17025), certification bodies for products, processes and services (DIN EN ISO/IEC 17065), certification bodies for management systems (DIN EN ISO/IEC 17021-1) and inspection bodies (DIN EN ISO/IEC 17020).

Information technology

Information technology (IT for short) is a generic term for electronic data processing and the hardware and software infrastructure used for this purpose. In industrialised countries, considerable parts of administration, organisation, communication and entertainment are accomplished on the basis of information technology. Accreditations of conformity assessment bodies in the area of IT for the testing and certification of products are therefore of fundamental importance. In practice, important attestations of conformity in this area are ISO/IEC 27001 and the sectoral standards in this group, ISO/IEC 15048 and the IEC 62443 series of standards, which deal with the information security of industrial automation and control systems (IACS) while pursuing a holistic approach for operators, integrators and manufacturers.


The Cybersecurity Act (CSA) is a framework for IT security certification of products, services and processes applicable throughout the EU. The cybersecurity legislation was introduced as part of a comprehensive package of measures to increase cybersecurity and strengthen the resilience of the European Union against cyber attacks.

The term cybersecurity refers to properties of technical or non-technical systems for information processing, retention and storage that ensure the protection goals of confidentiality, availability and integrity. Information security serves to protect against hazards or threats, to avoid economic damage and to minimise risks.

Conformity assessment bodies in this area are accredited in accordance with ISO/IEC 17065 pursuant to Article 60 CSA and require additional authorisation by the Federal Office for Information Security (BSI) under the Act on the Federal Office for Information Security (Section 9a BSIG). In addition, IT security laboratories are accredited in accordance with ISO/IEC 17025.


Johannes Feldmann

Information Technology and Cybersecurity

Nach oben