Foundation Training on TISAX® - Trusted Information Security Assessment

ABOUT THE TISAX COURSE

Information security is one of the key elements in the automotive industry. Suppliers and service providers from the industry often process highly sensitive information from their clients. This results in client requests on evidence of compliance with stringent information security requirements. A supplier or service provider in the automotive industry thus requires to prove their compliance to the relevant standards at regular intervals.  

In the past, this evidence was provided by the supplier and/or service provider through the Information Security Assessment (ISA) developed by the German Association of the Automotive Industry (VDA). However, since individual manufacturers had to conduct these ISAs multiple times for their clients, it resulted in repeated assessments several times. In order to avoid the repetition and reduce the redundant audits, VDA has developed Trusted Information Security Assessment Exchange (TISAX) - an inter-company exchange mechanism based on Information Security Assessment (ISA). The dedicated TISAX online platform is designed to support cross-company recognition of information security assessments. 

TÜV SÜD is pleased to introduce an implementer course, to enable participant and companies to implement their TISAX requirements. As a part of the training course, qualified trainer/s will be delivering / guiding / helping participant and organizations to understand the implementation requirements and move further to achieve formal certification for their organisations.

Duration: 2-day course

Language: English

WHAT WILL YOU LEARN FROM THE COURSE?

At the end of the course, participants will be able to:

• understand information security requirement in Automotive Sector/Supply Chain 
• understand TISAX^® assessment requirement for implementation  
• get formal qualification for TISAX^® assessment

Topics to be covered in the course include:

• Course objectives and methodology
• Importance of information security
• Basics of information security
• Information security management system
• Introduction to "TUV-tools Inc." case study
• Organisational aspects of ENX, TISAX^® and VDA ISA
• Scope, applicability and approval of ISMS
• Guideline on information security
• Organization of information security and regulation of responsibility
• Handling modifications
• Management of information security assets
• Analysis of risks in information security
• Features of mobile assets
• Policy Mobile Devices & Remote Access
• Mobile Data Carriers
• Policy for taking away assets
• Access data and authentication
• User Access Management
• Password Management
• Authentication
• User Account Management
• Privileged User Access
• User Account Management
• Particular considerations for information security in project business
• Features when using cloud-based services
• Procurement and development of IT systems
• Handling suppliers and service providers
• Data protection and compliance
• Technical and organizational measures
• Responsibilities, training and awareness
• Reporting channels and emergency management

• Effectiveness and monitoring

what is the course methodology?

Participants will learn through lectures, case studies, group exercises and discussions.

Exam details: Closed book exam with 40 multiple-choice questions with a passing criteria of 65%. 
Certification: On successful completion, participants will receive a passing certificate. Participants unable to clear the exam would be provided an attendance certificate.

WHO SHOULD TAKE THE COURSE?

Professionals in the area of Automotive Product Designing, Automotive Embedded Software Designing, Data processing and Information security management, Automotive product designers and service providers – who are having high interface with OEMs and TIER 1 through data/information exchange and having an obligation of confidentiality management and liability to secure information are the right participants and organization for attending this implementer course of TISAX^® assessment. 

Pre-requisites: Basic knowledge about Information Security

WHO IS THE COURSE ADVISOR?

The course content and structure are designed by the domain experts from TÜV SÜD.

With immense experience and knowledge in the relevant standards, our team of product specialists and technical experts at TÜV SÜD, developed the course content based on current business landscape and market requirements.