Information security for the automotive industry
Many suppliers and service providers in the automotive industry process highly sensitive information from their clients. Given this, their clients regularly request evidence of compliance with stringent information security requirements.
In most cases, such evidence is provided with the help of the Information Security Assessment (ISA) criteria catalogues developed by the German Association of the Automotive Industry (VDA). However, as individual manufacturers have conducted these ISAs for their suppliers independently so far, many suppliers have had to undergo the same assessment several times.
To reduce these unnecessary efforts and expenses, in early 2017 VDA established TISAX (Trusted Information Security Assessment Exchange), a new assessment and exchange mechanism. The dedicated TISAX online platform is designed to support cross-company recognition of information security assessments in the automotive industry. By sharing their ISA results online on TISAX, companies enable OEMs to verify for themselves whether a service provider or supplier has already successfully completed the assessment.
In addition, TISAX can be used to commission audit providers such as TÜV SÜD to carry out an assessment. The results of such assessments are valid for three years.
Following registration, companies and audit providers can access the platform and share information. VDA has opted for ENX Association as TISAX operator and third-party body.
TISAX participants using the platform can:
Assessments may only be performed by audit providers specifically accredited for TISAX.
TÜV SÜD is currently undergoing the accreditation process and is allowed to carry out TISAX assessments.
Important for you: You keep control over your results at all times – this information can only be exchanged and shared after prior approval.
The completed report is uploaded to the exchange platform. Exchange of these summaries is only possible among registered participants and only after the assessed company has expressly released the results to the company that places the request.
Understand the TISAX assessment objectives and how they apply to your organization
Add value to your organization's network
Review the self-assessment process
Understanding TISAX with your supply chain
Select Your Location
Bosnia and Herzegovina