Security requirements for suppliers
We are building an ISMS for an ISO 27001 certification of our entire company. Now the question comes up about the requirements for our data center. Are all these points that are important for certification complete?
- Access protection
- Password policy compliance
- Typical irritant signals: fire loads, dirt or water-bearing cables in data centers or craft materials in server cabinets or unlabeled data carriers lying around.
1. In other words: What are the requirements for our data center provider if we want to certify ourselves as an entire company to ISO 27001?
Answer: The requirements your datacenter provider must fulfill are practically the same you would have to fulfill if the datacenter belonged to your organization, and without more detailed information about your context it is not possible to provide a specific answer. Since your provider is not ISO 27001 certified yet, I'd suggest you talk to them about performing a risk assessment together to identify which risks the provider must treat, so these treatments can be defined as contractual clauses in your service agreement.
These articles can provide you additional information:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
- Which security clauses to use for supplier agreements? https://advisera.com/27001academy/blog/2017/06/19/which-security-clauses-to-use-for-supplier-agreements/
2. Can we also successfully certify ourselves to ISO 27001 with a data center without ISO 27001 certification?
Answer: Provided that your provider can show evidence that it is handling your security requirements as defined in the service agreement, there is no need for the provider to be ISO 27001 certified, although this certification can prove beneficial to it by minimizing compliance costs.
Oct 28, 2018