TISAX
What is TISAX?
Trusted Information Security Assessment Exchange (TISAX) is an assessment and exchange mechanism for information security in the automotive industry.
Why should I carry this Standard ?
To protect trade secrets, prototype information, customer information and other confidential data within the automotive industry, a TISAX certification is required by most major German OEMs from their partners in the automobile production and distribution chain.
Who needs TISAX?
- Automotive suppliers (providing parts, components, services etc.) must implement and maintain an Information Security Management System (ISMS) and, afterwards pass the corresponding level of TISAX audit to further be contracted by an OEM and/or enter the German automotive market.
- Any company that is a member of the VDA requires their suppliers to register for the TISAX. That includes German car companies like Audi, Volkswagon, and BMW.
How long does it take to get this implemented ?
After the initial document audit, the final TISAX assessment must be completed within 9 months. Both the official audit and any follow-up fixes must be finished in this timeframe. If a company passes TISAX certification, it remains valid for three years. Unlike ISO 27001, there are no yearly surveillance audits.
Advantage of TISAX?
- Assessment results were recognized by all TISAX participants.
- A commonly accepted assessment standard that enables the exchange of assessment results.
- Accepted by suppliers and original equipment manufacturers (OEMs)
- Saves time and money.
- Creates confidence in your company.
