TISAX

Automotive companies benefit from various advantages with a TISAX® assessment: In the automotive industry, the ENX Association and the VDA launched TISAX® at the beginning of 2017 to facilitate the exchange of proof of information security among manufacturers, suppliers and service providers across companies. The TISAX® platform saves time and money. Double and multiple information security checks are avoided. The audited company decides for itself with whom it shares its results. TISAX® registration leads to increased security awareness among employees and promotes company values. Registered companies can use the platform to ensure that their suppliers and service providers also meet the required level of information security.

The testing and exchange mechanism is based on the ISA catalog of requirements from the VDA, which eliminates the need for the special requirements and extensive catalogs issued by major automobile manufacturers. Since all ISO standards have the same high-level structure in the first sections, the TISAX® ISA catalog, with its references to ISO 27001, contains essential quality management requirements according to ISO 9001:2015. A robust IT security management system is always based on quality management, and above all on the organizational measures this requires. Thus, companies participating in TISAX® also lay the foundation for a possible later certification according to ISO 27001.

Phases of TISAX® certification
1.    Registration on the TISAX® platform
2.Selection of an audit provider
3.   Preliminary verification of label/scope assessment, infor-mation protection class, and simplified group assess-ment (if possible)
4.   Execution and signing of the contract
5.Self-assessment (Assessment Level 1)
6.Off-site audit (review of Assessment Level 1 according to documentation and label/scope confirmation or Assessment Level 2) optional
7.On-site audit (Assessment Level 3)
8.    Label validation
9.     Audit information shared with exclusive TISAX® part-ners designated by the audited member company

Benefits of TISAX® certification • Increased credibility with a certified information security system • Cross-company recognition among TISAX® members • Strong strategies for effective risk management • Transparency through harmonized VDA ISA catalog • Sharper focus on customer needs and expectations • Internationally recognized listing on the TISAX® online platform • Complete control over who can access your assessment results • TISAX® assessment every three years eliminating time and money spent on multiple checks