Your journey to the TISAX® label
Your journey to the TISAX® label
Trusted Information Security Assessment Exchange (TISAX) is an assessment and exchange mechanism for information security in the automotive industry. The TISAX label confirms that a company’s information security management system complies with defined security levels and allows sharing of assessment results across a designated platform.
The Original Equipment Manufacturer (OEM) collaborates with multiple companies across the value chain for the design, manufacturing, and distribution of their vehicles. To facilitate collaboration, the OEM frequently shares confidential information, such as a prototype design, with the supplier base. If valuable data is not effectively protected, the exchanges along the supply chain may cause losses, manipulations or even theft of trade secrets. Consequently, OEMs will want to ensure that their suppliers and partners, including marketing and sales organisations, have a solid information security management system in place before they are contracted.
To meet the information security needs of the automotive industry, the German Association of the Automotive Industry (VDA) established a set of widely accepted security requirements and outlined these in a catalogue known as the VDA Information Security Assessment (ISA). The TISAX label is based on the ISA requirements.
The TISAX label makes it easy for companies to share their information security status, which means:
Companies often embark on the process to achieve TISAX label upon request of a potential customer. Others initiate the process to be well-positioned for future prospects. Your individual TISAX journey will depend on your objectives, as well as the status of your current information security system. Irrespective of the path chosen, TÜV SÜD offers training and certification services to support you through the process, step-by-step.
The TISAX process consists of two phases: preparation and assessment
As a first step, identify the requirements your company are facing and map them against your implemented information security management system (ISMS).
The initial and mandatory self-assessment is followed by a third-party assessment. The audit can either require a documentation-based plausibility check (Assessment Level 2), or a more comprehensive on-site-inspection (Assessment Level 3). Upon completion of the successful audit, the auditor uploads the final report to your TISAX platform, including your company’s TISAX-label. With your approval, OEMs and other partners can then access your TISAX status, thereby attaining a third-party confirmation of your security efforts.
TÜV SÜD is approved by ENX to perform TISAX assessments and to issue the respective report and label. Select TÜV SÜD as an auditor when you register as a participant on the TISAX platform.
TÜV SÜD is a leading provider of auditing and training services for management system standards. With an international network of auditors and a broad training portfolio, we help customers worldwide to achieve stable operations and improved performance.
Get familiar with the requirements of ISO/IEC 27001 and TISAX to prepare for a smooth assessment
TÜV SÜD provides public training for professionals and companies of all sizes and industries. More than 300 experts at over 80 locations provide state-of-the-art technical and management qualification programs using a hands-on and practice-focused approach. Our qualifications and personnel certificates satisfy the highest quality standards and enjoy an excellent global reputation.
Certify your management systems according to ISO/IEC 27001 and/or TISAX and create customer trust
TÜV SÜD’s experienced auditors possess the accreditation and expertise to conduct ISO/IEC 27001 audits across industries. Furthermore, TÜV SÜD conducts TISAX assessments for the automotive industry, as approved by ENX. Through our worldwide network of professionals, we can provide certification services no matter where your business is located. The TÜV SÜD certification mark is recognised throughout industries, instilling trust and transparency.
Implement an Information Security Management System according to ISO / IEC 27001
Strengthen your competitive capabilities by demonstrating commitment to quality.
Gear up for safety and success in the automotive & transportation industry.