TISAX Certificate

1
TISAX Certification
As the automotive industry continues to digitize,
the need for secure and robust information
security management grows larger and larger.
TISAX (Trusted Information Security Assessment
Exchange) enables automotive suppliers to meet a
set of requirements that signal to their
customers that they follow the highest standards
of data protection. TISAX certification is
required to do business with all major German
automotive manufacturers. https//enhancequality.c
om/standards/tisax-certification-for-automotive-in
formation-security-management/
2
As technology becomes increasingly integral to
vehicle operation, incredible amounts of data
area created, transferred, and store by
automotive manufacturers and suppliers during all
steps of the vehicles life cycle. From design to
prototyping to testing to production and
operation. In 2017, VDA (German Association of
the Automotive Industry Verband der
Automobilindustrie) developed TISAX a platform
that functions as an assessment and exchange
mechanism manufacturers and suppliers. The
platform includes an onlien component which
allows companies to share their ISA results
online, verify their assessments, and share
information. https//enhancequality.com/standards/
tisax-certification-for-automotive-information-sec
urity-management/
3

• The Benefits of TISAX
• Prevent Cyber Attacks and IT Breaches through
  implementation of a TISAX-compliant system
• Gain Customer Confidence Through Comprehensive
  Data Management Protection
• Identify Risks Through Value-Added Assessments
  that Test Your Information Technology Security
  Systems
• Receive
• Time and cost savings due to a standardization
  of assessment criteria
• Re-assurance in assessed companies
• https//enhancequality.com/standards/tisax-certifi
  cation-for-automotive-information-security-managem
  ent/

4

• Assessment Levels
• Companies applying for TISAX compliance can
  choose between three different levels of
  assessment.
• Level 1 Suppliers must fill out the ISA
  self-assessment and post it to the TISAX system.
• Level 2 For complex suppliers. Includes
  self-assessment followed by random checks from an
  approved auditor.
• Level 3 For suppliers handling high-sensitive
  data. Includes on-site inspection from an
  approved auditor based on self-assessment.
• https//enhancequality.com/standards/tisax-certifi
  cation-for-automotive-information-security-managem
  ent/

5

• The TISAX Assessment Process
• Step 1 Assessment Level Classification
  Clients assign an assessment level to suppliers
  based on the amount and sensitivity of data that
  they will be processing.
• Step 2 Registering with ENX The supplier
  will register with ENX.
• Step 3 Assessment An approved auditor
  performs an assessment based on the assessment
  level.
• Step 4 Reporting The supplier receives a
  report from the approved auditor regarding the
  assessment.
• Step 5 Deficiency Correction The supplier
  corrects any deficiencies found by the auditor.
• Step 6 Submitting Reporting The completed
  report is uploaded to the TISAX exchange platform
  where registered companies can access the results
  submitted by the supplier.
• https//enhancequality.com/standards/tisax-certifi
  cation-for-automotive-information-security-managem
  ent/