TISAX ® (Trusted Information Security Assessment Exchange) is an automotive information security exchange platform. It is a platform where vehicle manufacturers, automotive suppliers, IT service providers, consultants and third-party software vendors can request and exchange information security requirements. TISAX has become mandatory by many German automotive manufacturers requiring it from their suppliers, even the smallest ones.

Under the hood, security requirements behind TISAX are based on VDA (Verband der Automobilindustrie) – an Information Security Assessment tool very similar to ISO 27001 and the Annex A controls. It adds specific automotive-focused controls, such as prototype protection and data protection.

TISAX guided implementation tisax-logo

TISAX implementation milestones

1. Building ISMS

A baseline for TISAX activities is to have efficient and functioning ISMS. It can be based, for example, on ISO 27001 or other similar standards.

At this point, it’s also important to understand TISAX requirement: objectives and assessment level since it may significantly impact your ISMS.

2. TISAX assessment

  • Registration on the ENX portal
  • Finding an auditor
  • Assessment based on the scope
  • Official TISAX label and exchange

Contact us to get a free TISAX consultation

Our experts will gladly consult you on the specifics of your compliance requst and advise you on the optimal implementation steps.

Relation between TISAX and ISO 27001

The VDA and ISO 27001 are very much alike, especially in the Information Security objective. Hence, we recommend first certifying ISO 27001 and then “upgrading” it to TISAX. Such an approach has proven to be more efficient for our clients and gives them more strategic benefits towards their clients.

Case studies

Check out how we already helped clients:


Please tell us what are you looking for and we will happily support you in that.

Feel free to use our contact form or contact us directly.