As a service provider or supplier of the automotive industry, you must verify at regular intervals whether you are maintaining the high requirements of your customers with respect to information security. The basis for this is often the requirements catalog of the VDA ISA (Information Security Assessment).
At the beginning of 2017, a trustworthy exchange mechanism was created for the VDA ISA requirements catalog: TISAX (Trusted Information Security Assessment Exchange) serves as a company-wide recognition of assessments of information security in the automotive industry based on a common inspection and exchange mechanism under the aegis of ENX Association. Additional company-specific questionnaires have been replaced by it.
The foundation of the testing continues to be the
VDA ISA inspection catalog
approved by the Information Security working group of the VDA in the current version, which demands essential aspects of the international standard ISO/IEC 27001 (Information Security Management System).
In addition to Version 3.0 published in January 2017, the regular testing conducted according to international standards recognized throughout the industry and by accredited testing service providers is new. This is intended to avoid service providers or suppliers having to subject themselves to identical testing by customers at fairly frequent intervals.
TISAX stands for Trusted Information Security Assessment Exchange, a mechanism for the exchange of testing information which is operated by ENX Association as a common trust anchor.
The servicesThe basis is an assessment with clearly defined scope of services which is equally suitable and binding to all organizations across the entire value-added chain of the automotive industry. The duration of a test is dependent on the size and number of locations of the organization.
Why should you participate in TISAX?All suppliers and service providers of automotive manufacturers and suppliers who process sensitive information from the respective firms should be interested in actively using TISAX, in order to meet the requirements of your customers. The results will always remain under the control of the customers who are being tested.
Who is allowed to test in accordance with TISAX?The so-called TISAX assessments may be performed solely by testing service providers accredited in accordance with TISAX. TÜV Rheinland belongs to a few organizations authorized to test and certify organizations in the automotive industry worldwide according to TISAX.
Why TÜV Rheinland?TÜV Rheinland is a global leader in independent inspection services, founded more than 140 years ago. The group maintains a worldwide presence with 19,600 employees; annual turnover is nearly EUR 1.9 billion.
For more than 15 years, TÜV Rheinland has been supporting the private and public sector with comprehensive consulting and solution expertise in IT, cyber security and telecommunications through digital transformation processes. With more than 600 specialists around the world, TÜV Rheinland provides strategic consulting, design and process optimization through to implementation, operation, and certification of systems
TÜV Rheinland is currently the largest independent service provider that combines ICT competency with comprehensive expertise regarding the industry and mobility, and whose core business has been to provide technical security to people and the environment around the world for more than 140 years.
Do you want to have your organization tested? If so, please contact us.
We will gladly provide you with detailed information about requirements and process.
Identify the weak points in your IT infrastructure with an IT security analysis.
Improve systematic control over your company’s information security.
Strengthen your corporate governance with software-supported automation of your management systems.