TISAX® - Best Practice
Get your free e-book now!
2. confirm your e-mail address.
3. receive your free e-book
VDA ISA / TISAX is a test standard developed by the German automotive industry. The German Association of the Automotive Industry (VDA) has developed a self-assessment catalog with about 500 requirements for this standard. The catalog contains several categories, including information security management, data protection and the connection of third parties. An important part is the area of prototype protection. This part defines the exact ideas of the automotive industry regarding the handling of prototypes. It describes exactly how to camouflage prototypes or which details have to be considered during test drives. Additional points such as perimeter protection of the company premises as well as associated buildings and real estate round off the catalog of requirements.
TISAX is based on a network of trust. The ENX Association provided an internet platform for the project. In the associated database, registered companies can share their audit results after a successful audit. This way, future business partners can quickly and easily view and assess the information security status of their counterpart.
The assessment is uniform and obligatory for all suppliers and service providers who want to work with the German automotive industry.
A TISAX certification is a standard for information security defined by the automotive industry. The German Association of the Automotive Industry (VDA) has developed a catalog of measures that reflects the requirements of this standard. TISAX is based on the international standard 27001 but has been extended to include the area of prototype protection. The test results of all participating companies are published in a portal specially provided for this purpose.
Due to the high complexity our experience shows that especially small and medium-sized companies can hardly gain an overview of the topic without expert help.
We at digIT 4u have specialized in accompanying the complete process up to certification. Our team includes certified personnel who have already managed several customer projects with the highest security level.
Based on our experience, we can answer this briefly and concisely. Seven steps lead to success.
With a company of 25 - 99 employees, our assessment is as follows:
Most of the time the topic "TISAX" is assigned to the IT manager and one might think that TISAX is a pure IT topic - this is not so. Many more areas are affected. New processes are being developed for the human resources department, for the project management, possible legal departments and last but not least of course IT is being scrutinized and integrated into new processes.
Tisax is a matter for the boss and is run by the management.