TISAX
TISAX (Trusted Information Security Assessment eXchange) is an information security standard for the automotive industry, which is developed and operated by the German Association of the Automotive Industry (VDA) in cooperation with ENX (European Network eXchange).
TISAX is designed based on ISO/IEC 27001 and involves a self-assessment and an audit by an assessment body, based on the VDA-ISA (Information Security Assessment Sheet developed by the German Association of the Automotive Industry). Audit and certification results are registered and published on the ENX Portal, allowing efficient sharing of audit results between OEMs and business partners in the supply chain.
The automotive industry has an extensive supply chain and handles a variety of information systems and data. In the unlikely event of an information leak or other security incident at a supplier, dealer, or vendor, the entire supply chain could be severely impacted.
Under these circumstances, it is an important issue for automakers to ensure that their business partners are taking appropriate security measures against security risks, which are becoming more sophisticated every day.
In recent years, European automobile manufacturers have increasingly required their domestic and overseas suppliers to obtain TISAX certification.
Process to obtain TISAX certification
The TISAX certification process consists of the following four steps:
(1) Advance preparation
(2) ENX Portal registration (determination of audit scope and selection of audit organization)
(3) Audit by audit organization
(4) Registration and release of audit results
The audit begins upon registration on the ENX Portal, but the entire process (from initial audit to improvement measures) must be completed within 9 months. Therefore, if you suspect that your current security posture does not meet the requirements, you need to plan carefully by conducting a self-assessment before registering with the ENX Portal to identify problem areas and take corrective actions before going through the full audit.