TISAX - ISMS for the automotive industry
The Trusted Information Security Assessment Exchange (TISAX®) requirements define the automotive industry’s „Information Security Management System“ (ISMS), information security guidelines. Since 2017, TISAX® certification is a prerequisite for many German automotive groups to cooperate with suppliers. If you want to participate in contract proposals with the automotive industry, you need a TISAX® certification.
These requirements are in line with the „VDA ISA“, and the ISO 27001. Regarding those issues, our experts are always up to date, and are able to properly advise you.
For a fixed monthly fee, we are available as an external ISB/ CISO, to manage all of your tasks, in line with VDA ISA (TISAX®).
In order for you to understanding the issue of guidelines, our consultants will provide you with basic knowledge about information security. Furthermore, you will be familiarized with the TISAX® conditions, as our TISAX® ISMS experts will thoroughly explain the TISAX® asset directory. To prepare you for the TISAX® assessment, our consultants will implement new IT systems, thus significantly improving your company’s information security risk management. Our experts have many years of experience in building, planning, long-term maintenance, and ISMS improvement. When sharing knowledge, they always focus on practical examples, thus bringing your company to acquiring the certification, so that the implementation of the TISAX® requirements should be of no obstacle. This way, in the future, you will be able to operate as a supplier to the automotive industry.
This TISAX Project Process - ISMS for the automotive industry
(status quo analysis/audit on information security), in accordance with the current VDA ISA (TISAX®); system and process auditing Compliance with standard-compliant information security and data protection specifications from the current VDA ISA (TISAX®)
Creation of a comprehensive project plan for the efficient and effective implementation of all requirements
- as prerequisites, an in-depth asset and risk management, for all future measures in conjunction with emergency management
- IT security as an essential component of current information security
- infrastructural security, including the creation and definition of security zones and organized visitor management
- creation of organization-specific technical and organizational guidelines, e.g. on passwords, encryption
Internal review audit, before the final certification audit
by designation as external Information Security Officer (ISB)/ Chief Information Security Officer (CISO)