TISAX® - Best Practice
Get your free e-book now!
1. enter name and e-mail.
2. confirm your e-mail address.
3. receive your free e-book
2. confirm your e-mail address.
3. receive your free e-book
Home_en
TISAX - Consulting
With our preparation for a successful audit.
For a common safety level and reliable quality in the automotive industry, the test standard TISAX was developed. Based on the one information security management system of ISO 27001, TISAX becomes even more detailed in many points. Concrete industry requirements of the automotive industry, such as the protection of prototypes, were taken into account. The jointly created label offers the greatest possible transparency and security. Throughout the industry, OEMs can use this certification to determine whether their business partners meet the necessary security standards.
Have you been informed that you need a TISAX label? We would be happy to advise you and determine your current status through a GAP analysis. Afterwards we will accompany you up to the audit if you wish.
This way you can best estimate where you stand and what is in store for you.
TISAX CONSULTING - Just 1 click away
The TISAX Consulting Package contains everything you need to get started with the TISAX certification and meets the necessary requirements in the shortest possible time:
- Inventory & creation of the basic conditions
- Planning, conception & implementation of the management system including PDCA cycle
- Support of internal audits and derivation of recommendations
- Subsequent ongoing support (workshops, coaching, reviews, document revision, analyses, internal audits etc.) - optional
TISAX (Trusted Information Security Assessment Exchange)
VDA ISA / TISAX is a test standard developed by the German automotive industry. The German Association of the Automotive Industry (VDA) has developed a self-assessment catalog with about 500 requirements for this standard. The catalog contains several categories, including information security management, data protection and the connection of third parties. An important part is the area of prototype protection. This part defines the exact ideas of the automotive industry regarding the handling of prototypes. It describes exactly how to camouflage prototypes or which details have to be considered during test drives. Additional points such as perimeter protection of the company premises as well as associated buildings and real estate round off the catalog of requirements.
TISAX is based on a network of trust. The ENX Association provided an internet platform for the project. In the associated database, registered companies can share their audit results after a successful audit. This way, future business partners can quickly and easily view and assess the information security status of their counterpart.
The assessment is uniform and obligatory for all suppliers and service providers who want to work with the German automotive industry.
Advantages of a
TISAX Certification
- Comprehensive recognition of the label by all German car manufacturers
- Saving of costs and time through uniform test procedure
- Long validity period of 3 years
- Great trust in audited companies
Our common way to your Security Certification!
1.
Determination of auditability
(GAP analysis)
(GAP analysis)
2.
Examination management/support for registration and enrollment,
and the selection of a testing service provider
and the selection of a testing service provider
3.
Development of an information security management system (ISMS)
Development of an information security
management system (ISMS)
management system (ISMS)
4.
Schools & sensitize employees
5.
Advising the Information Security Officer (ISB) on questions
around the ISMS
around the ISMS
6.
Monitoring of the certification
7.
Ongoing consulting and support as an external consultant or external ISB
Frequently Asked Questions
(FAQ)
What is TISAX and what do I need it for?
A TISAX certification is a standard for information security defined by the automotive industry. The German Association of the Automotive Industry (VDA) has developed a catalog of measures that reflects the requirements of this standard. TISAX is based on the international standard 27001 but has been extended to include the area of prototype protection. The test results of all participating companies are published in a portal specially provided for this purpose.
Are there different levels of certification?
What requirements must I meet?
Where can I find support?
What is the best approach?
Based on our experience, we can answer this briefly and concisely. Seven steps lead to success.
- Determination of auditability (GAP analysis)
- Examination management / support in application and registration, as well as in the selection of an examination service provider
- Development of an information security management system (ISMS)
- schools and sensitize employees
- Consultation of the information security representative (ISB) with questions approximately around the ISMS
- Monitoring of the certification
- Ongoing consulting and support as an external consultant or external ISB
What effort do I have to expect?
Which areas of my company are affected?
Who is responsible in my company?