TISAX® Assessment: local service – global reach

Welcome to the Trusted Information Security Assessment eXchange (TISAX^®), your gateway to ensuring the security of sensitive information within the automotive industry. TISAX^® is a comprehensive assessment and exchange procedure developed by the VDA working group "Information Security" to uphold the highest standards of information security across all industry players.

In today's digital age, the automotive industry relies heavily on the exchange of confidential data. TISAX^® plays a crucial role in maintaining a uniform level of information security among car manufacturers, service providers, and suppliers. By participating in the TISAX^® procedure, organizations can:

• Ensure Compliance: TISAX^® assessment helps prove compliance with information security requirements to customers.
• Trust and Confidence: Achieve greater trust and confidence among stakeholders, enhancing your company’s reputation in the industry.
• Save Time and Costs: With assessments conducted every three years, TISAX^® streamlines the process, saving significant time and costs.
• Facilitate Collaboration: Mutual recognition among TISAX^® participants based on defined sharing level(s) promotes a commonly accepted assessment standard, facilitating the exchange of assessment results.

TISAX^®, an assessment and exchange mechanism, was launched at the beginning of 2017 and is based on the ISA (Information Security Assessment) of the German Association of the Automotive Industry (VDA), which is closely aligned with the international standard ISO/IEC 27001. The ENX Association is responsible for defining the assessment levels and scopes within the TISAX^® program. In addition, a specially developed online platform enables the industry-wide exchange of assessment results for information security in the automotive sector. The ENX Association is responsible for both the governance of TISAX^® and the operation of this platform. When companies release their assessment results on this platform, they signal to their direct business partners and all participating companies that their information security standards meet the requirements of TISAX^®.

Ensure the security of your sensitive information in the automotive industry by participating in the TISAX^® process. Register today to join a network committed to upholding the highest standards of information security, supported by our global network of auditors who are ready to serve you locally.

The ENX Association published the latest edition of the VDA Information Security Assessment (ISA) catalog, version 6, in October 2023. This updated catalog serves as the authoritative basis for the assessment of information security and cybersecurity within the framework of TISAX^®.

For TISAX^® contracts signed from April 1, 2024, the TISAX^® assessments must be conducted in accordance with the updated ISA version 6.0. For TISAX^® contracts signed before April 1, 2024, ongoing assessments to the original ISA version 5.1 remains applicable.

The ISA catalog 6.0 represents an important step forward for TISAX^® and reflects the global orientation and the efforts to continuously develop the standard.

Choosing TÜV Rheinland as your partner means opting for a globally recognized leader in safety and quality. Our audits are not only thorough but also carry the weight of international recognition, making them a valuable asset for manufacturers, suppliers, and service providers throughout the automotive value chain. Our experienced and independent experts are at the forefront of providing comprehensive TISAX^® assessment services. With a wealth of long-standing experience and extensive expertise, we are equipped to offer unparalleled support. Trust in us as your internationally recognized and neutral testing service provider. Choose TÜV Rheinland, and take a significant step towards excellence, safety, and sustainability in your automotive endeavors.

Contact us today and strengthen your company's cyber security!

Disclaimer: At TÜV Rheinland, the neutrality, objectivity, independency and impartiality of our activities are of utmost importance. Our assessment and audit activities follow these values in compliance with the applicable accreditation requirements. All the necessary structural, organizational and processual measures are in place in all levels of the organization in order to avoid conflicts of interest (e.g. rigorous separation of consultancy and certification) and to ensure impartiality. We do not offer or provide management system consultancy by an accredited certification body for management systems. Within the TR Group, we ensure a minimum 2-year interval between management system consultancy and certification activity for the same costumer.