TISAX® Assessment

Security for automotive producers and suppliers

TISAX® (Trusted Information Security Assessment Exchange) is an industry-specific exchange mechanism of results from information security assessments in the automotive industry. These assessments are based on the VDA-ISA test catalogue, which includes information security controls for information security (based on ISO 27001), prototype and data protection.
With a TISAX® assessment, you demonstrate the maturity of your information security management system (ISMS) according to your customer requirements. This can be done at different test levels and the additional requirements for prototype and data protection of your customers. As proof of the maturity of your information security management system, you are issued so-called test labels that you can share with your business partners.
This makes TISAX® the basis for the testing and sharing mechanism of your information security management system in the automotive industry. For the implementation you need a good basis, which you can obtain in this qualification.


TISAX® is a registered trademark of the ENX Association. CIS has no business relationship with ENX in the context of these offers. The mention of the TISAX® trademark does not imply any statement by the trademark owner as to the suitability of the services advertised herein.

Your advantages
  • Fulfilment of automotive customer requirements
  • Recognition of test results on the automotive market / in the automotive supply chain
  • Protection of own company values
  • Raising awareness among employees
  • Basis for a possible ISO 27001 certification
  • Separate protection in the areas of prototyping and data protection
  • Sharing of the obtained test labels with selected business partners
Procedure of the TISAX® assessment
  • Internal self-assessment based on the VDA-ISA assessment catalogue
  • Registration on the ENX platform
  • Selection of the assessment provider (CIS)
  • Kick off meeting
  • TISAX® assessment (level 2 remote, level 3 on-site)
  • Joint agreement on the assessment result
  • Derivation of the standardized report
  • Processing of the measures
  • Issuance of the assessment label

The procedure of a TISAX® assessment is similar to that of an audit. The duration of the assessment depends on the size and structure of your company, and thus on the complexity of your ISMS, and is agreed with you by CIS. The individual elements are assessed using maturity levels, thus providing a good overall view of the strengths and potentials of the implemented ISMS.
If your company has already been certified according to ISO 27001, this provides an excellent basis and facilitates the TISAX® audit based on it. At the same time, ISO 27001 is not a mandatory prerequisite and the TISAX® requirements can also be implemented completely separately.


We are pleased that you are interested in our services. We gladly provide you with free and non-binding information and therefore kindly ask you for the following information:

Error: Contact form not found.

We look
forward to
hearing from

Write to us!

Do you have specific inquiries about the CIS service portfolio? Our experts will be happy to provide you with advice and support at any time!

We support you in reaching your long-term goals!

+43 1 532 98 90