ISO/IEC 22237 — Data Center Infrastructure
A complete, engineering-first approach to preparing your data center for ISO/IEC 22237 (Parts 1–7). Includes design review, documentation alignment, gap analysis, and pre-audit checkpoints.
Typical ISO-aligned facility with redundant infrastructure.
ISO/IEC 22237 is the global standard for the design, construction, power, cooling, cabling, security, and operation of data centers. It replaces the older EN 50600 framework and has become the most widely accepted benchmark for critical facility resilience, safety, and efficiency.
Unlike traditional engineering specifications, ISO/IEC 22237 evaluates how your facility truly performs: redundancy, maintainability, clear separation of power paths, environmental stability, structured cabling discipline, and operational maturity.
Covers facility, power, cooling, cabling, security, management and operations in a holistic way.
Independent of OEMs. Evaluates resilience and design quality — not product brands.
Accepted by hyperscalers, colocation providers, BFSI, telecom, and enterprise data centers.
As digital infrastructure becomes mission-critical, this standard gives owners and operators a consistent way to evaluate resilience, safety, uptime tolerance, and operational maturity.
Clear criteria for redundancy (N, N+1, 2N), maintainability, segregation of paths, fault tolerance.
Poor layouts, unsafe battery rooms, undersized cooling, and chaotic cabling are quickly exposed.
Auditors look for logs, SOPs, PM schedules, change control, and evidence discipline.
Demonstrates that your facility follows global best practices end-to-end.
ISO/IEC 22237 is often compared with TIA-942 and Uptime Tier certifications. Each serves a different purpose — and many facilities pursue more than one.
| Framework | Primary Focus | What It Certifies | Who Uses It |
|---|---|---|---|
| ISO/IEC 22237 | Infrastructure + Operations | Entire data center | Enterprises, BFSI, Telecom, Colocations |
| TIA-942 | Technical infrastructure | Design + Facility | Integrators, OEMs, Consultant-led projects |
| Uptime Tier | Topology + Resilience | Design or Facility Tier | Hyperscalers, colocation operators |
Note: NorthAudit is independent and vendor-neutral. No affiliation with ISO, TIA or Uptime.
ISO/IEC 22237 fits teams responsible for design, commissioning, compliance, and operations of critical digital infrastructure.
New builds, expansions, audits, and modernization.
Design alignment before installation or commissioning.
Documentation, logs, evidence, and SOP discipline.
Alignment between vendors, integrators, and consultants.
Start with a quick 20-question check — aligned with Parts 1–7.
ISO/IEC 22237 is divided into seven tightly connected parts. Together, they form the world’s most comprehensive model for building and operating resilient data centers. Below is a practical, engineering-first breakdown of what each part covers — and what auditors look for.
Part 1 defines the entire backbone of ISO/IEC 22237. It sets the terminology, risk categories, classification concepts, and high-level design boundaries for the rest of the standard.
Example — Availability Classes (simplified)
A1: Basic availability
A2: Improved resilience
A3: High resilience (dual paths recommended)
A4: Fault tolerant (multiple independent systems)
This part deals with the physical structure of the data center — walls, floors, loading, fire zones, cable pathways, and separation of hazards.
Visual — Typical Separation Layout
+-----------------------+-----------------------+
| Power Pathway | Data Pathway |
| (UPS, Panels, Cabling)| (Fiber, Copper) |
+-----------------------+-----------------------+
The heart of ISO 22237. Covers redundancy, switching, segmentation, grounding, and fault containment.
ISO expects each power path to run independently. Cross-coupling is allowed only with proper interlocks.
A-PATH B-PATH
+----------+ +----------+
| UPS A | | UPS B |
| PDU A | | PDU B |
| Rack PDU | | Rack PDU |
+----------+ +----------+
This part regulates cooling capacity, redundancy, containment, airflow, and control systems. A major cause of data center failures is cooling-related — ISO is very strict here.
COLD AISLE → RACKS → HOT AISLE
| |
CRAC/CRAH ← RETURN AIR ← HOT AISLE
Covers structured cabling, pathways, fiber/copper segregation, redundancy, and labeling requirements.
Part 6 ensures that the entire facility has a layered security model — physical, electronic, and procedural.
Arguably the toughest part. Even if your design is perfect, a weak operations program will fail the audit.
Operations Quality = Evidence × Consistency × Ownership
Our ISO/IEC 22237 engagements are structured to minimise disruption while giving a very clear, clause-aligned picture of your current state, gaps and remediation path.
Scope, target availability class, current drawings, installed systems, and planned timelines.
Collect key artefacts: layouts, SLDs, PM schedules, logs, SOPs, vendor submittals, test reports.
Engineering review of infrastructure plus operations, mapped to Parts 1–7 of the standard.
You receive a standards-mapped scorecard, gap list, closure plan and evidence pack structure.
Instead of a vague “pass/fail” view, we provide a clause-aligned scorecard where each domain is rated against ISO/IEC 22237 expectations. This helps management understand exactly where to invest effort.
| Domain | Coverage | Readiness Band | Typical Outputs |
|---|---|---|---|
| Facility & Building | Parts 1–2 | Green / Amber / Red | Zoning, loading, fire separations, physical risks |
| Power & Earthing | Part 3 | Green / Amber / Red | Redundancy map, discrimination gaps, resilience notes |
| Cooling & Environment | Part 4 | Green / Amber / Red | Capacity vs IT load, containment, sensor placement |
| Cabling & Pathways | Part 5 | Green / Amber / Red | Dual routes, loading, labeling, physical separation |
| Security & Access | Part 6 | Green / Amber / Red | Zoning, CCTV coverage, access policy gaps |
| Operations & Evidence | Part 7 | Green / Amber / Red | SOPs, logs, PM compliance, test documentation |
Illustrative heatmap (simplified)
Domain Status
-----------------------------------------
Facility & Building 🟢 Green
Power & Earthing 🟠 Amber
Cooling & Environment 🟠 Amber
Cabling & Pathways 🔴 Red
Security & Access 🟢 Green
Operations & Evidence 🟠 Amber
Not every gap is equal. We classify findings based on impact, likelihood and remediation effort, so you can decide where to act first without getting lost in a long list of observations.
| Severity | Description | Typical Example | Action Priority |
|---|---|---|---|
| Critical | Immediate risk to uptime, safety or compliance. | Single power path feeding both A/B PDUs, no redundancy test history. | Fix before inviting any Certification Body. |
| Major | Significant non-conformity; design or operations require change. | Mixed cable routing, insufficient cooling redundancy, missing logs. | Plan and close before audit date. |
| Minor | Deviation that does not immediately threaten availability. | Label inconsistencies, sub-optimal containment details. | Address as part of continuous improvement. |
| Observation | Improvement suggestion, often future-proofing. | Optional monitoring points, more granular logs. | Track in risk register or improvement backlog. |
Priority = Severity × (Likelihood of Occurrence) × (Remediation Effort Weighting)
ISO/IEC 22237 certification is heavily evidence-driven. Below is a simplified view of the documentation set we expect a mature facility to maintain. During an engagement, we tailor this list to your scope, region and certification body.
| Category | Examples | Linked Parts |
|---|---|---|
| Design & Layouts | Architectural plans, SLDs, cabling schematics, rack layouts, airflow diagrams. | Parts 1–5 |
| Policies & SOPs | Operations SOPs, EOPs, access policy, vendor policy, incident management. | Part 7 |
| Registers & Logs | Risk register, PM logs, change log, incident log, shift handover records. | Part 7 |
| Testing & Commissioning | FAT/SAT reports, integrated system testing records, redundancy test logs. | Parts 2–4 |
| Security & Access | CCTV layout & retention policy, access reports, visitor logs, badge policy. | Part 6 |
| Compliance & Approvals | Statutory approvals, OEM certifications, calibration certificates. | Multiple parts |
During a NorthAudit engagement, we provide a structured “evidence map” that links each document to specific clauses, so your team can respond faster when auditors ask “show me this”.
We combine ISO clause-level review with practical MEP and ICT engineering checks. The goal is to find issues on drawings and installed infrastructure before an external auditor or a live incident discovers them.
The most common reason facilities struggle in ISO/IEC 22237 audits is not design — it is day-to-day operations and missing evidence. We help your team build a realistic, sustainable evidence routine.
Strong audit performance rarely comes from last-minute preparation.
It comes from small, consistent, well-documented actions across the year.
Share your drawings and key documents. We’ll revert with a structured view of strengths, gaps and next steps.
ISO/IEC 22237 readiness is a specialised discipline. It requires deep engineering context, an operator’s mindset, and familiarity with how Certification Bodies interpret the standard. We bridge all three.
We review chillers, UPS systems, cable pathways, switching logic, and layouts with the same seriousness as documentation. This is not a paperwork-only engagement.
Every gap, recommendation, and remediation action is linked to a clause in Parts 1–7. This removes ambiguity and accelerates audit approvals.
Policies, SOPs, logs, templates, risk registers and test records are structured exactly how Certification Bodies expect to see them — saving days of back-and-forth.
Most importantly, we operate independently — no vendor influence, no certification sales, no hidden agenda. The only goal is clear, practical, verifiable alignment with ISO/IEC 22237.
Yes. ISO/IEC 22237 certification covers the full set (Parts 1–7). However, your scope may exclude certain spaces (e.g., non-critical rooms), which we clarify during discovery.
ISO/IEC 22237 is the internationalised version of EN 50600 — with alignment between both. Many European facilities start with EN 50600 and transition to ISO for global acceptance.
For a live facility with moderate complexity: 4–6 weeks. For new builds under commissioning: 6–12 weeks. The timeline depends primarily on documentation and closure effort.
No. New systems still require logs, test records, calibration certificates, and commissioning packages. ISO focuses on evidence, not age of equipment.
Yes. We brief Certification Bodies and remain available throughout audit week for clarifications, evidence coordination and technical guidance.
Only when required (e.g., to close documentation gaps or obtain certifications). All engagement is vendor-neutral.
Start with a free checklist, or share your drawings and policies for a structured readiness assessment.