06. Aug 2024

TISAX®: Information security in the automotive industry

TISAX® stands for TRUSTED INFORMATION SECURITY ASSESSMENT EXCHANGE. TISAX® is an internationally recognized industry standard that stands for an appropriate level of information security in the automotive and supplier industry. It helps to reduce the risk of information security incidents and strengthen security along the supply chain.

The latest version of the ISA catalog has been available since October 2023 - we have taken this as an opportunity to answer some important questions about TISAX®.

As part of a CIS series of articles, we will focus on the topic of TISAX® and take a closer look at individual aspects.

 

What is TISAX?

TISAX® represents an assessment and exchange mechanism for the information security of companies - especially within the automotive industry - and enables a joint recognition of assessment results between the participants.

TISAX® was developed on behalf of the German Association of the Automotive Industry (VDA) together with the ENX Association and has been established since 2017. The TISAX® assessment procedure is based on the VDA ISA catalog, which has been developed and refined by the VDA's information security working group since 2000 on the basis of the international standard for information security ISO/IEC 27001.

 

New version ISA 6

The new version 6.0 of the ISA catalog was initially published by the VDA on 16.10.2023. Since April 1, 2024, it has been mandatory to use this version when commissioning inspections in accordance with the TISAX® standard.

In contrast to ISO/IEC 27001 - THE international standard for information security - TISAX® not only considers qualitative aspects, but also uses a maturity model according to Automotive SPICE, which allows a quantitative assessment in the form of an overall maturity level.

 

Why is TISAX® so important?

TISAX® is of great importance for companies in the automotive industry, especially in the supplier sector. On the one hand, it is a figurehead on the market, and on the other hand, it is important for securing business relationships with car manufacturers.

 

Do you want to deepen your knowledge?

Together with CIS network partner and expert Wolfgang Glowatzki, we offer a TISAX® Deep Dive for details on the twelve assessment objectives (labels) that business partners usually request, as well as the three assessment levels:

 

Who is authorized to conduct assessments according to the TISAX® standard?

TISAX® assessments may only be carried out by ENX accredited TISAX® assessment service providers. The ENX Association approves the respective assessment service providers and monitors the quality of the implementation and the assessment results. This ensures that the final results meet the required quality and objectivity.

 

What advantages does CIS offer you as a testing service provider?

CIS Certification & Information Security Services GmbH is the leading service provider in Austria when it comes to certifications in the field of information security. The company was founded in 2000 and was the first certification company for information security in Austria. CIS has been conducting assessments according to the TISAX standard since 2021 and is one of the most experienced TISAX assessment companies on the European market.

CIS works in the Austrian market with Austrian auditors. For international assignments, we offer a network of experienced auditors to keep travel costs low. International assignments are supported by central quality assurance.

Customer focus and technical expertise are our top priorities. We support customers with practical recommendations for the further development of their information security controls and systems.

Do you have any questions or would you like to find out more?

CIS Certification & Information Security Services GmbH is the leading service provider in Austria when it comes to certifications in the field of information security, business continuity and data protection. Since 2021, CIS has been authorized to conduct audits according to the TISAX® standard. Thanks to a lot of concentrated know-how through cooperation on the European and international market and a broad network of specialist auditors, customer and service orientation are our top priorities. Click here to go directly to the TISAX® Assessment. We look forward to hearing from you!

 

contact us here

Our expert regarding TISAX®

Team

Mr. Wolfgang Glowatzki

Lead Expert Information Security | Lead Auditor TISAX® AL2 und AL3 | Lead Auditor ISO 27001

News & Events

The basis for long-term success!

26. Sep 2024

World Quantum Readiness Day

The first world day of this kind

Learn more
19. Aug 2024

Global Threat Report 2024: Current situation

Newest trends in cybercrime

Learn more
06. Aug 2024

Lateral entry as an IT security auditor – a field report

06. Aug 2024

TISAX® deep dive: the three assessment levels

06. Aug 2024

TISAX® deep dive: the 12 test objectives (labels)

10. Oct 2024

Event:CIS Compliance Summit 2024

Austrian platform for experts, professionals and desicion makers in the security industry. Be part of it - save the date: October 10th, 2024

Learn more
11. Jun 2024

Aspects of climate change included in the standards for management systems

New features and what happens next

Learn more
17. Apr 2024

CIS joins the Austrian Data Centre Association (ADCA)

New cooperation

Learn more
17. Apr 2024

Smart compliance for data centres

NISG and EN 50600

Learn more
28. Mar 2024

ISO 42001 – the new standard for artificial intelligence

World's first standard for AI

Learn more
07. Mar 2024

The future of AI and data ownership

A balancing act between AI, information security and data ownership

Learn more
07. Mar 2024

Are we losing control of our data through artificial intelligence (AI)?

A balancing act between AI, information security and data ownership

Learn more
+43 1 532 98 90