TÜV Rheinland checks information security in accordance with TISAX
Standard for information security in the automotive industry: What you should know about TISAX!
As a service provider or supplier of the automotive industry, you must verify at regular intervals whether you are maintaining the high requirements of your customers with respect to information security. The basis for this is often the requirements catalog of the VDA ISA (Information Security Assessment).
At the beginning of 2017, a trustworthy exchange mechanism was created for the VDA ISA requirements catalog: TISAX (Trusted Information Security Assessment Exchange) serves as a company-wide recognition of assessments of information security in the automotive industry based on a common inspection and exchange mechanism under the aegis of ENX Association. Additional company-specific questionnaires have been replaced by it.
VDA ISA and TISAX: What is new?
The foundation of the testing continues to be the VDA ISA inspection catalog approved by the Information Security working group of the VDA in the current version, which demands essential aspects of the international standard ISO/IEC 27001 (Information Security Management System).
The regular testing is conducted according to international standards recognized throughout the industry. This is intended to avoid service providers or suppliers having to subject themselves to identical testing by customers at fairly frequent intervals.
TISAX stands for Trusted Information Security Assessment Exchange, a mechanism for the exchange of testing information which is operated by ENX Association as a common trust anchor.
The basis is an assessment with clearly defined scope of services which is equally suitable and binding to all organizations across the entire value-added chain of the automotive industry. The duration of a test is dependent on the size and number of locations of the organization.
All suppliers and service providers of automotive manufacturers and suppliers who process sensitive information from the respective firms should be interested in actively using TISAX, in order to meet the requirements of your customers. The results will always remain under the control of the customers who are being tested.
Why TÜV Rheinland?
We are a testing company with almost 150 years of experience in the field of technical security and with 20 years of experience in the field of cybersecurity. Therefore, we know the markets in which we are operate very well and have extensive know-how in solving complex challenges in the areas of IT security, data protection and infrastructure.
As one of the first TISAX testing service providers with more than 650 TISAX® assessments worldwide within the last 3 years.
The advantages of TISAX at a glance:
- The renewal of existing supplier relationships is made easier.
- TISAX inspections are recognized beyond the individual customer - throughout the industry.
- Double and multiple tests are a thing of the past.
- The standardization saves time and money.
Do you want to have your organization tested? If so, please contact us.
We will gladly provide you with detailed information about requirements and process.
Please contact our local team for more information.