TISAX: TRUSTED INFORMATION SECURITY ASSESSMENT EXCHANGE
This term refers to a standard that has been defined in the automotive industry for the flow of information. It serves the purpose of cross-company recognition of assessments and creates a joint testing and exchange mechanism for this purpose. The results always remain under the control of the companies that can be audited.
The German Association of the Automotive Industry (Verband der Automobilindustrie e.V.) (VDA) has been providing an Information Security Assessment (VDA ISA) for several years and thus offers all companies active in the automotive industry the opportunity to define a uniform information security status.
The requirements for the VDA ISA are defined by a working group “Information Security” of the VDA and are based on ISO/IEC 27001.
The earlier audits according to VDA ISA were always carried out by the requesting company (e.g. their customer or supplier). However, these results were not shared with others and so it could happen that three audits had to be carried out for three customers. This enormous effort has repeatedly caused problems in the fast moving industry.
TISAX is the approach to create a central standard that is accepted by each other and can be assigned by several accredited testing service providers.
TISAX and VDA ISA test technical and organizational information security. Many companies “live” a certain degree of information security, but have not documented it.
But for a successful TISAX certification a good documentation of the environment and security mechanisms is indispensable.
If you have any questions about TISAX including good documentation, please do not hesitate to contact us.
|Kontakt zu uns|
|Telefon: 0531 / 123 129 0|