
TISAX label
Ensure information security along the entire automotive supply chain.What is TISAX label?
Trusted Information Security Assessment Exchange (TISAX) is an automotive industry assessment and exchange mechanism that assures users information will remain secure. TÜV SÜD’s TISAX label confirms your information security management system (ISMS) complies with defined security levels, and that it allows sharing of assessment results across a designated platform. s
Your individual TISAX journey will depend on your objectives, as well as the status of your current ISMS. TÜV SÜD offers training and certification services to support you through the process, step-by-step.
Why TISAX label is important
Original equipment manufacturers (OEM) collaborate with multiple companies across the value chain and frequently share confidential information with suppliers. Exchanges along the supply chain may result in losses, manipulations, or trade secret theft, if valuable data is not protected effectively. OEMs want to ensure the entire value chain has a solid ISMS before suppliers are contracted.
The TISAX label is based on the German Association of the Automotive Industry’s Information Security Assessment (ISA) requirements. The TISAX label makes it easy for companies to prove their automotive cybersecurity status, which means:
- Saving time and cost as you avoid duplication of assessments based on customer requirements.
- Gaining a competitive edge by fulfilling stringent industry requirements and creating customer trust.
- Protecting critical data and reducing liabilities.
How TÜV SÜD can help you with TISAX label
TÜV SÜD is a leading provider of auditing and training services for management system standards. Our international network of auditors and broad training portfolio helps customers worldwide to achieve stable operations and improved performance.
We are approved by ENX to perform TISAX assessments and issue TISAX labels. We also offer training for ISMS implementation, as well as ISO/IEC 27001 audit and certification services. More than 300 experts in over 80 global locations provide state-of-the-art technical and management qualification programmes. These satisfy the highest quality standards and have an excellent global reputation.
Select TÜV SÜD as an auditor when you register as a participant on the TISAX platform.
The TISAX label process
The TISAX process consists of two phases: preparation and assessment.
Preparation
The process to achieve a TISAX certification TISAX label starts with a thorough self-assessment. This first step of TISAX certification identifies the requirements your company is facing and maps them against your ISMS. It is vital to have a good understanding of requirements and criteria as this helps you to close critical gaps before the external TISAX audit.
If your company does not yet have an effective ISMS in place, you could implement it according to ISO 27001. While this is not a requirement for TISAX, it ensures effective information security management for your company overall. It is also a solid foundation for subsequent TISAX assessments.
TISAX assessment
The initial mandatory self-assessment is followed by assessment by an independent third-party such as TÜV SÜD. The TISAX audit requires either a documentation-based plausibility check (Assessment Level 2), or a more comprehensive on-site-inspection (Assessment Level 3).
Upon completion of the successful TISAX audit, the TÜV SÜD auditor uploads the final report to your TISAX platform. This includes your company’s TISAX-label. OEMs and other partners can then access your TISAX status, giving them reassurance of your automotive cybersecurity efforts.