TISAX: Information security for the automotive industry

TISAX® Label and Training

Your journey to the TISAX® label

Your journey to the TISAX® label

What is TISAX®?

Trusted Information Security Assessment Exchange (TISAX) is an assessment and exchange mechanism for information security in the automotive industry. The TISAX label confirms that a company’s information security management system complies with defined security levels and allows sharing of assessment results across a designated platform.

 

Why information security is important to OEMs

The Original Equipment Manufacturer (OEM) collaborates with multiple companies across the value chain for the design, manufacturing, and distribution of their vehicles. To facilitate collaboration, the OEM frequently shares confidential information, such as a prototype design, with the supplier base. If valuable data is not effectively protected, the exchanges along the supply chain may cause losses, manipulations or even theft of trade secrets. Consequently, OEMs will want to ensure that their suppliers and partners, including marketing and sales organisations, have a solid information security management system in place before they are contracted.

 

Benefits of attaining the TISAX® label

To meet the information security needs of the automotive industry, the German Association of the Automotive Industry (VDA) established a set of widely accepted security requirements and outlined these in a catalogue known as the VDA Information Security Assessment (ISA). The TISAX label is based on the ISA requirements.

The TISAX label makes it easy for companies to share their information security status, which means:

  • Saving time and cost by avoiding duplication of assessments based on customer requirements
  • Gaining a competitive edge by fulfilling stringent requirements and creating customer trust
  • Protecting critical data and reducing liabilities

 

A step-by-step guide to achieve TISAX® LABEL

Companies often embark on the process to achieve TISAX label upon request of a potential customer. Others initiate the process to be well-positioned for future prospects. Your individual TISAX journey will depend on your objectives, as well as the status of your current information security system. Irrespective of the path chosen, TÜV SÜD offers training and certification services to support you through the process, step-by-step.

The TISAX process consists of two phases: preparation and assessment 

TISAX Journey to certification

 

Prepare for YOUR TISAX® assessment

As a first step, identify the requirements your company are facing and map them against your implemented information security management system (ISMS).

  • If your company does not yet have an effective information security management system (ISMS) in place, one option could be to implement an ISMS according to the leading management system standard for information security, ISO/IEC 27001. The implementation and certification according to ISO/IEC 27001 is not a requirement for TISAX but ensures effective information security management for your company overall. Furthermore, it's regarded a solid foundation for a subsequent TISAX assessment. TÜV SÜD offers public training to support implementation of ISMS, as well as auditing and certification services for companies interested in ISMS according to ISO/IEC 27001.
  • The process  to achieve TISAX label starts with a thorough self-assessment. A good understanding of the TISAX requirements and criteria is vital for the internal analysis and can help you take necessary steps to close critical gaps before the external audit. TÜV SÜD provides comprehensive training for professionals who would like to learn more about the TISAX requirements and structure, including the process to achieve TISAX label. 

THE TISAX® ASSESSMENT process

The initial and mandatory self-assessment is followed by a third-party assessment. The audit can either require a documentation-based plausibility check (Assessment Level 2), or a more comprehensive on-site-inspection (Assessment Level 3). Upon completion of the successful audit, the auditor uploads the final report to your TISAX platform, including your company’s TISAX-label. With your approval, OEMs and other partners can then access your TISAX status, thereby attaining a third-party confirmation of your security efforts.

TÜV SÜD is approved by ENX to perform TISAX assessments and to issue the respective report and label. Select TÜV SÜD as an auditor when you register as a participant on the TISAX platform.




 

Why choose TÜV SÜD?

TÜV SÜD is a leading provider of auditing and training services for management system standards. With an international network of auditors and a broad training portfolio, we help customers worldwide to achieve stable operations and improved performance.

 

Get familiar with the requirements of ISO/IEC 27001 and TISAX to prepare for a smooth assessment

TÜV SÜD provides public training for professionals and companies of all sizes and industries. More than 300 experts at over 80 locations provide state-of-the-art technical and management qualification programs using a hands-on and practice-focused approach. Our qualifications and personnel certificates satisfy the highest quality standards and enjoy an excellent global reputation.

Visit our training page for more information

 

Certify your management systems according to ISO/IEC 27001 and/or TISAX and create customer trust

TÜV SÜD’s experienced auditors possess the accreditation and expertise to conduct ISO/IEC 27001 audits across industries. Furthermore, TÜV SÜD conducts TISAX assessments for the automotive industry, as approved by ENX. Through our worldwide network of professionals, we can provide certification services no matter where your business is located. The TÜV SÜD certification mark is recognised throughout industries, instilling trust and transparency.

EXPLORE

TISAX Infosheet
อินโฟชีท

TISAX® Label

Initiate your journey to TISAX® label today.

Learn More

ISO IEC 27001
ไวท์ เปเปอร์

ISO/IEC 27001 Whitepaper

Implement an Information Security Management System according to ISO / IEC 27001

Learn More

IATF 16949
ไวท์ เปเปอร์

IATF 16949 – การบริหารจัดการคุณภาพยานยนต์

เสริมสถานะการแข่งขันของคุณให้แข็งแกร่งด้วยการแสดงความมุ่งมั่นในการพัฒนาคุณภาพ

อ่านเพิ่มเติม

Automotive Essentials
อี-เซ็นเชียล

E-ssentials เกี่ยวกับยานยนต์

เตรียมพร้อมเพื่อความปลอดภัยและมุ่งสู่ความสำเร็จด้านยานยนต์และการขนส่ง

อ่านเพิ่มเติม

VIEW ALL INDUSTRY RESOURCES

เรื่องที่เกี่ยวข้อง

เลือกที่ตั้งของคุณ