TÜV Rheinland checks information security in accordance with TISAX

Standard for information security in the automotive industry: What you should know about TISAX!

As a service provider or supplier of the automotive industry, you must verify at regular intervals whether you are maintaining the high requirements of your customers with respect to information security. The basis for this is often the requirements catalog of the VDA ISA (Information Security Assessment).

At the beginning of 2017, a trustworthy exchange mechanism was created for the VDA ISA requirements catalog: TISAX (Trusted Information Security Assessment Exchange) serves as a company-wide recognition of assessments of information security in the automotive industry based on a common inspection and exchange mechanism under the aegis of ENX Association. Additional company-specific questionnaires have been replaced by it.

Campaign Title

New standard

Cyber security in the automotive industry

Campaign Title

TISAX testing

A look at the TISAX testing process:

Campaign Title

Contact

Questions about TISAX? We will gladly assist you!

VDA ISA and TISAX: What is new?

The foundation of the testing continues to be the VDA ISA inspection catalog approved by the Information Security working group of the VDA in the current version, which demands essential aspects of the international standard ISO/IEC 27001 (Information Security Management System).

In addition to Version 3.0 published in January 2017, the regular testing conducted according to international standards recognized throughout the industry and by accredited testing service providers is new. This is intended to avoid service providers or suppliers having to subject themselves to identical testing by customers at fairly frequent intervals.

TISAX stands for Trusted Information Security Assessment Exchange, a mechanism for the exchange of testing information which is operated by ENX Association as a common trust anchor.

The services

The basis is an assessment with clearly defined scope of services which is equally suitable and binding to all organizations across the entire value-added chain of the automotive industry. The duration of a test is dependent on the size and number of locations of the organization.

Why should you participate in TISAX?

All suppliers and service providers of automotive manufacturers and suppliers who process sensitive information from the respective firms should be interested in actively using TISAX, in order to meet the requirements of your customers. The results will always remain under the control of the customers who are being tested.

Who is allowed to test in accordance with TISAX?

The so-called TISAX assessments may be performed solely by testing service providers accredited in accordance with TISAX. TÜV Rheinland belongs to a few organizations authorized to test and certify organizations in the automotive industry worldwide according to TISAX.

Why TÜV Rheinland?

TÜV Rheinland is a global leader in independent inspection services, founded more than 140 years ago. The group maintains a worldwide presence with 19,600 employees; annual turnover is nearly EUR 1.9 billion.

For more than 15 years, TÜV Rheinland has been supporting the private and public sector with comprehensive consulting and solution expertise in IT, cyber security and telecommunications through digital transformation processes. With more than 600 specialists around the world, TÜV Rheinland provides strategic consulting, design and process optimization through to implementation, operation, and certification of systems

TÜV Rheinland is currently the largest independent service provider that combines ICT competency with comprehensive expertise regarding the industry and mobility, and whose core business has been to provide technical security to people and the environment around the world for more than 140 years.

The advantages of TISAX at a glance:

  • The renewal of existing supplier relationships is made easier.
  • TISAX inspections are recognized beyond the individual customer - throughout the industry.
  • Double and multiple tests are a thing of the past.
  • The standardization saves time and money.

Do you want to have your organization tested? If so, please contact us.

We will gladly provide you with detailed information about requirements and process.

Ask us!

TÜV Rheinland i-sec GmbH

Am Grauen Stein

51105 Köln

Tel. +49 221 56783 501

E-Mail: tisax@de.tuv.com