China available in the following languages:
or select your TÜV Rheinland region / country website:

TÜV Rheinland checks information security in accordance with TISAX

Standard for information security in the automotive industry: What you should know about TISAX!

As a service provider or supplier of the automotive industry, you must verify at regular intervals whether you are maintaining the high requirements of your customers with respect to information security. The basis for this is often the requirements catalog of the VDA ISA (Information Security Assessment).

At the beginning of 2017, a trustworthy exchange mechanism was created for the VDA ISA requirements catalog: TISAX (Trusted Information Security Assessment Exchange) serves as a company-wide recognition of assessments of information security in the automotive industry based on a common inspection and exchange mechanism under the aegis of ENX Association. Additional company-specific questionnaires have been replaced by it.

VDA ISA and TISAX: What is new?

The foundation of the testing continues to be the VDA ISA inspection catalog approved by the Information Security working group of the VDA in the current version, which demands essential aspects of the international standard ISO/IEC 27001 (Information Security Management System).

The regular testing is conducted according to international standards recognized throughout the industry and by accredited testing service providers.This is intended to avoid service providers or suppliers having to subject themselves to identical testing by customers at fairly frequent intervals.

TISAX stands for Trusted Information Security Assessment Exchange, a mechanism for the exchange of testing information which is operated by ENX Association as a common trust anchor.

The services
The basis is an assessment with clearly defined scope of services which is equally suitable and binding to all organizations across the entire value-added chain of the automotive industry. The duration of a test is dependent on the size and number of locations of the organization.

Why should you participate in TISAX?
All suppliers and service providers of automotive manufacturers and suppliers who process sensitive information from the respective firms should be interested in actively using TISAX, in order to meet the requirements of your customers. The results will always remain under the control of the customers who are being tested.

Who is allowed to test in accordance with TISAX?
The so-called TISAX assessments may be performed solely by testing service providers accredited in accordance with TISAX. TÜV Rheinland belongs to a few organizations authorized to test and certify organizations in the automotive industry worldwide according to TISAX.

Why TÜV Rheinland?
TÜV Rheinland is a global leader in independent inspection services, founded more than 140 years ago. The group maintains a worldwide presence with 19,600 employees; annual turnover is nearly EUR 1.9 billion.

For more than 15 years, TÜV Rheinland has been supporting the private and public sector with comprehensive consulting and solution expertise in IT, cyber security and telecommunications through digital transformation processes. With more than 600 specialists around the world, TÜV Rheinland provides strategic consulting, design and process optimization through to implementation, operation, and certification of systems

TÜV Rheinland is currently the largest independent service provider that combines ICT competency with comprehensive expertise regarding the industry and mobility, and whose core business has been to provide technical security to people and the environment around the world for more than 140 years.

The advantages of TISAX at a glance:

  • The renewal of existing supplier relationships is made easier.
  • TISAX inspections are recognized beyond the individual customer - throughout the industry.
  • Double and multiple tests are a thing of the past.
  • The standardization saves time and money.

Do you want to have your organization tested? If so, please contact us.

We will gladly provide you with detailed information about requirements and process.

Process of a TISAX Assessment

Related topics

Penetration Testing and IT Security Analysis

Penetration test and IT security analysis

Identify the weak points in your IT infrastructure with an IT security analysis.


ISMS According to ISO/IEC 27001

ISMS According to ISO/IEC 27001

Improve systematic control over your company’s information security.


Governance, Risk and Compliance

Governance, Risk and Compliance

Strengthen your corporate governance with software-supported automation of your management systems.


More information

TISAX ENX Association

Whitepaper TÜV Rheinland & VisualThreat


pdf Flyer TISAX 3 MB Download
pdf Flyer Governance, Risk & Compliance 986 KB Download
pdf Flyer ISMS 1 MB Download
pdf Flyer Partnership TÜV Rheinland & VisualThreat 1 MB Download


Please contact our local team for more information.