Formal qualification of foundation level TISAX® assessment
Formal qualification of foundation level TISAX® assessment
Information security is one of the key elements in the automotive industry. Suppliers and service providers from the industry often process highly sensitive information from their clients. This results in client requests on evidence of compliance with stringent information security requirements. A supplier or service provider in the automotive industry thus requires to prove their compliance to the relevant standards at regular intervals.
In the past, this evidence was provided by the supplier and/or service provider through the Information Security Assessment (ISA) developed by the German Association of the Automotive Industry (VDA). However, since individual manufacturers had to conduct these ISAs multiple times for their clients, it resulted in repeated assessments several times. In order to avoid the repetition and reduce the redundant audits, VDA has developed Trusted Information Security Assessment Exchange (TISAX) - an inter-company exchange mechanism based on Information Security Assessment (ISA). The dedicated TISAX online platform is designed to support cross-company recognition of information security assessments.
TÜV SÜD South Asia is pleased to introduce a TISAX implementer course, to enable participant and companies to implement their TISAX requirements. As a part of the TISAX training course, qualified trainer/s will be delivering / guiding / helping participant and organizations to understand the implementation requirements and move further to achieve formal certification for their organisations.
Participants will be able to
• understand information security requirement in Automotive Sector/Supply Chain
• understand TISAX® assessment requirement for implementation
• get formal qualification for TISAX® assessment
• Course objectives and methodology
• Importance of information security
• Basics of information security
• Information security management system
• Introduction to "TUV-tools Inc." case study
• Organisational aspects of ENX, TISAX® and VDA ISA
• Scope, applicability and approval of ISMS
• Guideline on information security
• Organization of information security and regulation of responsibility
• Handling modifications
• Management of information security assets
• Analysis of risks in information security
• Features of mobile assets
• Policy Mobile Devices & Remote Access
• Mobile Data Carriers
• Policy for taking away assets
• Access data and authentication
• User Access Management
• Password Management
• Authentication
• User Account Management
• Privileged User Access
• User Account Management
• Particular considerations for information security in project business
• Features when using cloud-based services
• Procurement and development of IT systems
• Handling suppliers and service providers
• Data protection and compliance
• Technical and organizational measures
• Responsibilities, training and awareness
• Reporting channels and emergency management
• Effectiveness and monitoring
The right participants and organisations to attend the TISAX training are professionals in the area of Automotive Product Designing, Automotive Embedded Software Designing, Data processing and Information security management, Automotive product designers and service providers. This training is ideal for professionals who are have high interface with OEMs and TIER 1 through data/information exchange and having an obligation of confidentiality management and liability to secure information as a part of TISAX requirements set out by the VDA ISA assessment catalogue.
02 Days
Basic knowledge about Information Security
Closed book exam with 40 multiple-choice questions with a passing criteria of 65%.
On successful completion of TISAX training, participants will receive a passing certificate. Participants unable to clear the exam would be provided an attendance certificate.
Site Selector
Global
Americas
Asia
Europe
Middle East and Africa
