HLRS Completes Data Security Assessment

01 October 2021

In accord with the TISAX framework, the High-Performance Computing Center Stuttgart formalizes its systems for information security management.

The University of Stuttgart has been registered on behalf of the High-Performance Computing Center Stuttgart (HLRS) as a participant in the Trusted Information Security Assessment Exchange (TISAX). By following this international standard for data security HLRS will ensure the protection of the data belonging to users of its computing systems.

"Making sure that our users' data is secure has always been of the highest priority," said HLRS Director Prof. Michael Resch. "Registration with TISAX formally reflects our many efforts to implement best practices in information security management across all levels of our organization."  

A comprehensive information security plan

Governed by the ENX Association on behalf of the German Association of the Automotive Industry (VDA), TISAX prescribes a standardized set of strict requirements for the management of data centers that are intended to protect data confidentiality, data integrity, and data availability. In many ways it is similar to the more common ISO 27001 standard for information security, although TISAX is more prescriptive of specific protocols that should be followed.

Following registration with TISAX, HLRS's data security practices were assessed by an independent, accredited audit provider.

The TISAX framework covers a range of best practices for data security, including protecting physical access to computing facilities, defining security responsibilities for technology providers and vendor staff, and implementing formal processes for managing security risks and information breaches. In addition, it details responsibilities of data center employees for data security, outlines relevant considerations in the procurement of new systems, and provides for formal review processes to guarantee that the center is meeting all relevant legal requirements.

"Although TISAX was principally formulated for the automotive industry, completion of this assessment means that all academic and industrial users of HLRS's computing systems can feel confident that we are protecting their proprietary information from being accessed, changed, or manipulated, and that redundancies are in place to prevent data loss," Resch explained.

TISAX assessment results

HLRS's TISAX assessment result is available on the ENX Portal under the Scope-ID S55W0V and the Assessment-ID AC6GXZ. TISAX and TISAX results are not intended for the general public.