Many automobile manufacturers often develop their products in cooperation with supplier companies. In 2017, the Association of the Automotive Industry (VDA) developed the TISAX ® test and exchange mechanism to ensure secure processing and a trustworthy exchange of information between these companies. With TISAX®, a certification for information security in the company is created for automotive suppliers, which is specifically aimed at the needs of the automotive industry. The implementation of a TISAX® project is a complex challenge. With TÜV-certified TISAX® consultants from aigner business solutions GmbH, however, we support you efficiently and effectively in order to obtain the desired certification as quickly as possible. Find out more in our blog article and our first video in the TISAX ® series – simply explained.
Who is obliged to strive for certification according to TISAX®?
The topic of TISAX® (Trusted Information Security Assessment Exchange) has become more and more present in recent months. There is still no general obligation to introduce TISAX®. More and more automotive suppliers have been asked by their customers to introduce an information security management system according to TISAX®. As soon as one of your business partners asks you to do so, you should comply with the request in order to be able to continue to guarantee a confidential and secure partnership between you and your customers. Because the legal obligation to TISAX® in the automotive industry is probably only a matter of time in the age of digitization.
How does the introduction of TISAX® work?
A TISAX® project is basically divided into three larger process steps:
As soon as you receive the request to implement TISAX®, you have to register in the portal provided for this. This gives the VDA information that your company is dealing with the topic and that the project is being initiated.
As soon as you are registered for the TISAX® program, the implementation of the project in your company begins. Depending on the defined test objective, a large number of technical and organizational IT security measures must be implemented. The exact requirements for this result from the required assessment level and from the result of the pre-filled VDA-ISA questionnaire.
Examination and exchange:
As soon as all relevant measures have been implemented and documented, the previously selected audit service provider can audit the management system as an independent third party and, if the approval is successful, also award you the corresponding TISAX® label. You then exchange this with your business partners via the TISAX® platform and thus demonstrate the proper compliance with information and IT security in your company.
Would you like to find out more about TISAX ®?
In this video we answer further questions about TISAX® certification:
- What is TISAX® anyway?
- How does the certification process work?
- What are the certification requirements?
- How does TISAX® differ from the ISO 27001 certification?
- How long does the certification process take?
- Where does most of the effort go?
TÜV-certified TISAX ® consultants at aigner business solutions GmbH
Regardless of the test objective or the requirements of your business partner, the implementation phase of TISAX® is always a complex and challenging project. So that you can achieve certification, we are happy to support you with the preparation.
With TÜV-certified TISAX® consultants, we can now help you even more efficiently and better, so that you too can achieve your goal as quickly as possible. This means that you can continue to concentrate on your core business. Please do not hesitate to contact us.
Do you have any questions on this subject? Find out more on our TISAX® service page. We are also available for you personally: Call us on 08505 919 27-0 or fill out our contact form. We are happy to help!
TISAX is a trademark of the ENX Association.
Thomas Greiner ist Informationssicherheitsmanager & Auditor nach ISO 27001 (TÜV Austria) und absolvierte sein Studium für „Sichere Informationssysteme“. Thomas Greiner bringt mehrere Jahre IT-Erfahrung aus national und international agierenden Unternehmen und Konzernen mit.
Nun unterstützt er unsere Kunden in allen Themen aus dem Bereich der IT-Sicherheit, Cyber-Angriffe oder IT-Risk Management sowie in allen technischen und organisatorischen Angelegenheiten der Informations- und IT-Sicherheit. Als TÜV-zertifizierter TISAX®-Berater führt er unsere Kunden aus der Automobilbranche als Consultant im Vorfeld zum erfolgreichen TISAX®-Audit.
This post is also available in: German