We are happy to report that our client, a community platform Open Social, has recently gained ISO 27001 certification. Over
TISAX ® (Trusted Information Security Assessment Exchange) is an automotive information security exchange platform. It is a platform where vehicle manufacturers, automotive suppliers, IT service providers, consultants and third-party software vendors can request and exchange information security requirements. TISAX has become mandatory by many German automotive manufacturers requiring it from their suppliers, even the smallest ones.
Under the hood, security requirements behind TISAX are based on VDA (Verband der Automobilindustrie) – an Information Security Assessment tool very similar to ISO 27001 and the Annex A controls. It adds specific automotive-focused controls, such as prototype protection and data protection.
TISAX implementation milestones
1. Building ISMS
A baseline for TISAX activities is to have efficient and functioning ISMS. It can be based, for example, on ISO 27001 or other similar standards.
At this point, it’s also important to understand TISAX requirement: objectives and assessment level since it may significantly impact your ISMS.
2. TISAX assessment
- Registration on the ENX portal
- Finding an auditor
- Assessment based on the scope
- Official TISAX label and exchange
Contact us to get a free TISAX consultation
Our experts will gladly consult you on the specifics of your compliance requst and advise you on the optimal implementation steps.
Relation between TISAX and ISO 27001
The VDA and ISO 27001 are very much alike, especially in the Information Security objective. Hence, we recommend first certifying ISO 27001 and then “upgrading” it to TISAX. Such an approach has proven to be more efficient for our clients and gives them more strategic benefits towards their clients.
Check out how we already helped clients:
Please tell us what you are looking for, and we will happily support you in that. Feel free to use our contact form or contact us directly.