TISAX®

TISAX®

Trusted Information Security Assessment Exchange

Trusted Information Security Assessment Exchange
Red Overlay
TISAX®
Red Overlay

Information security in the automotive supply chain

Information security is absolutely critical to the automotive supply chain and the broader industry as a whole. In this sector where the highest levels of quality and safety are demanded, information security plays a crucial role in helping ensure the integrity and resilience of global supply chains.

What is TISAX®?

TISAX® stands for Trusted Information Security Assessment Exchange. TISAX® enables mutual acceptance of information security assessments in the automotive industry and provides a common assessment and exchange mechanism that ensures the secure sharing of sensitive information to partner companies, to inspire trust throughout the automotive supply chain.

TISAX® was established by VDA (the German association of the automotive industry) and is operated by ENX Association, who have assessed and confirmed BSI’s status as a TISAX® approved audit provider.

Developed by automotive industry security experts and based on international information security management system (ISMS) standards like ISO/IEC 27001, TISAX® provides a catalogue of requirements, covering virtual, physical and social aspects of information security, specific to the automotive supply chain. This catalogue is referred to as the Information Security Assessment (ISA) and forms the basis of the assessment conducted by BSI as an approved TISAX® audit provider.

Who does it apply to?

Original Equipment Manufacturers (OEMs) are increasingly recognizing, and in some cases mandating, that a TISAX® label is a demonstration of an organization’s compliance with information security requirements, therefore helping assure information security across the automotive supply chain.

There are currently more than 3,000 TISAX® participants (OEMs and TISAX® certified suppliers) across almost 6,000 registered locations worldwide. This includes a range of organizations working with OEMs, from vehicle component suppliers to technology service providers and beyond.

What are the benefits?

  • Avoids duplication of assessments and allows common recognition of assessment results
  • Facilitates renewal of existing supplier contracts
  • Provides business development opportunities/ connections thanks to industry-wide recognition
  • Addresses automotive-specific requirements and establishes a common level of information security in the industry
  • Inspires confidence and trust across the entire automotive supply chain
  • Provides efficiencies for both manufacturers and suppliers

Brochure

Your guide to TISAX Assessment

This guide clearly explains the assessment process, key terminology, and essential resources you’ll need to successfully obtain a TISAX® label.

View & Download

ขอใบเสนอราคา

เพื่อประเมินค่าใช้จ่ายในการขอรับการรับรองมาตรฐานและการฝึกอบรมสำหรับธุรกิจของคุณ

ขอใบเสนอราคา

Introducing TISAX: Information Security for the automotive sector | on-demand webinar

In this webinar, BSI’s Global Head of Automotive, Rob Brown, and TISAX Scheme Manager, Dennis Krieger, discuss the benefits of the TISAX assessment scheme, how TISAX enhances information security and complements other infosec standards, the steps to achieving a TISAX label and much more.

View on-demand webinar

What’s the relationship with ISO/IEC 27001?

It’s vital that organizations prove to customers, at regular intervals, that they comply with standardized and specific requirements relating to information security. Both TISAX® and ISO/IEC 27001 support this objective.

TISAX® closely aligns with ISO/IEC 27001 but has some additional automotive industry specific requirements, particularly focused on the supply chain. For example, the exchange of design data in development processes, and automated data exchange between networked production systems. In addition, the availability and reliability of production are more specifically addressed through TISAX® assessments. 

ISO/IEC 27001 clauses are referenced throughout the ISA so businesses can easily align managing security in the supply chain with any ISO/IEC 27001 information security management system used within their organization.

Download our guide on the relationship between ISO/IEC 27001 and TISAX®

What's the process?

  1. TISAX® registration: the client registers in the ENX portal, indicating the scope of the assessment.
  2. TISAX® assessment: the client goes through the assessment(s), conducted by a TISAX® assessment provider, i.e. BSI.
  3. TISAX® label: upon successful completion of the assessment, ENX provides the TISAX® label, enabling the assessed organization to share this with all TISAX® participants, or selected business partners.

TISAX® assessment levels

There are 3 TISAX® assessment levels, as described below. You will select the appropriate level at the registration stage.

  • AL 1: Self-assessment by the auditee. Assessment of existing self-declaration of the auditee
  • AL 2: Plausibility check of self-assessment restricted to evaluation of evidences and an expert interview
  • AL 3: Full assessment including evaluation of evidence, on-site inspection and expert interviews

Why BSI?

  • BSI is a global leader in standards and assurance solutions for the automotive sector and leads the way in information and cybersecurity standards, assurance and consulting.
  • We offer a powerful blend of automotive sector and information security expertise.
  • We have directly employed sector-experienced teams who receive ongoing training, meaning that we offer our clients a first-class service.
  • We have 84,000 clients operating in 193 countries and 90 offices in 31 countries, meaning we can consistently support clients in their international operations and global expansion plans.

ติดต่อเรา

ไม่ว่าในตอนนี้คุณกำลังเริ่มวางแผนที่จะทำการขอรับรองระบบ หรือต้องการพัฒนาระบบให้ดียิ่งขึ้น ติดต่อเรา เพื่อที่ทีมผู้เชี่ยวชาญของเราจะแนะนำให้คุณผ่านทุกกระบวนการ การขอรับรองระบบ

โทร 02-294-4889-92

อีเมลหาเรา: infothai@bsigroup.com
เยี่ยมชม Facebook ของเรา