TISAX - Consulting
With our preparation for a successful audit.
free of charge and without obligation
Throughout the industry, OEMs can use this certification to determine whether their business partners meet the necessary security standards.
Have you been told that you need a TISAX label? We will be happy to advise you and determine your current status through a GAP analysis. If you wish, we will then accompany you through to the audit.
TISAX® - Best Practice
Get your free e-book now!
2. confirm your e-mail address.
3. receive your free e-book
TISAX - Consulting
For a common safety level and reliable quality in the automotive industry, the test standard TISAX was developed. Based on the one information security management system of ISO 27001, TISAX becomes even more detailed in many points. Concrete industry requirements of the automotive industry, such as the protection of prototypes, were taken into account. The jointly created label offers the greatest possible transparency and security. Throughout the industry, OEMs can use this certification to determine whether their business partners meet the necessary security standards.
Have you been informed that you need a TISAX label? We would be happy to advise you and determine your current status through a GAP analysis. Afterwards we will accompany you up to the audit if you wish.
This way you can best estimate where you stand and what is in store for you.
TISAX CONSULTING - Just 1 click away
- Inventory & creation of the basic conditions
- Planning, conception & implementation of the management system including PDCA cycle
- Support of internal audits and derivation of recommendations
- Subsequent ongoing support (workshops, coaching, reviews, document revision, analyses, internal audits etc.) - optional
TISAX (Trusted Information Security Assessment Exchange)
VDA ISA / TISAX is a test standard developed by the German automotive industry. The German Association of the Automotive Industry (VDA) has developed a self-assessment catalog with about 500 requirements for this standard. The catalog contains several categories, including information security management, data protection and the connection of third parties. An important part is the area of prototype protection. This part defines the exact ideas of the automotive industry regarding the handling of prototypes. It describes exactly how to camouflage prototypes or which details have to be considered during test drives. Additional points such as perimeter protection of the company premises as well as associated buildings and real estate round off the catalog of requirements.
TISAX is based on a network of trust. The ENX Association provided an internet platform for the project. In the associated database, registered companies can share their audit results after a successful audit. This way, future business partners can quickly and easily view and assess the information security status of their counterpart.
The assessment is uniform and obligatory for all suppliers and service providers who want to work with the German automotive industry.
Advantages of a
- Comprehensive recognition of the label by all German car manufacturers
- Saving of costs and time through uniform test procedure
- Long validity period of 3 years
- Great trust in audited companies
Our common way to your Security Certification!
and the selection of a testing service provider
management system (ISMS)
around the ISMS
Frequently Asked Questions
A TISAX certification is a standard for information security defined by the automotive industry. The German Association of the Automotive Industry (VDA) has developed a catalog of measures that reflects the requirements of this standard. TISAX is based on the international standard 27001 but has been extended to include the area of prototype protection. The test results of all participating companies are published in a portal specially provided for this purpose.
If you have not been asked, you should ask your OEM for the requirements in possibly existing requirement specifications or directly.
The exact requirements can be found in the VDA catalog (VDA ISA catalog).
Due to the high complexity our experience shows that especially small and medium-sized companies can hardly gain an overview of the topic without expert help.
We at digIT 4u have specialized in accompanying the complete process up to certification. Our team includes certified personnel who have already managed several customer projects with the highest security level.
Based on our experience, we can answer this briefly and concisely. Seven steps lead to success.
- Determination of auditability (GAP analysis)
- Examination management / support in application and registration, as well as in the selection of an examination service provider
- Development of an information security management system (ISMS)
- schools and sensitize employees
- Consultation of the information security representative (ISB) with questions approximately around the ISMS
- Monitoring of the certification
- Ongoing consulting and support as an external consultant or external ISB
With a company of 25 - 99 employees, our assessment is as follows:
- 10 – 20 external consultant days
- 20 – 40 internal person days (across all departments of the company)
- 6 Months time for implementation
Most of the time the topic "TISAX" is assigned to the IT manager and one might think that TISAX is a pure IT topic - this is not so. Many more areas are affected. New processes are being developed for the human resources department, for the project management, possible legal departments and last but not least of course IT is being scrutinized and integrated into new processes.
Tisax is a matter for the boss and is run by the management.