Successful implementation of TISAX® for the automotive industry

TISAX® consulting

Information security according to VDA ISA

TISAX® (Trusted Information Security Assessment Exchange) is the recognized assessment and exchange standard for information security in the automotive industry. It is based on the VDA ISA catalog and is a prerequisite for cooperation for many OEMs and suppliers.

Our TISAX® consulting supports you in systematically meeting all requirements - from setting up a suitable information security management system (ISMS) to successful TISAX® certification. In doing so, we take into account the reality of your company as well as industry-specific features.

Our services for your TISAX® certification
- GAP analysis in accordance with VDA ISA & maturity level assessment
- Measure planning and document creation (incl. security guidelines, risk analysis, catalog of measures)
- Assistance throughout the entire certification process - including during the assessment by the inspection body
- Awareness training & training for employees and managers
- Building a resilient ISMS structure - compliant with ISO/IEC 27001 and VDA ISA
- Support with re-certification or reworking of existing audits
Your advantages
- recognized proof of information security in the automotive industry
- structured preparation for TISAX® certification
- legally compliant implementation of VDA ISA requirements
- individual consulting for location, scope & audit level
- experienced consultants with automotive and audit expertise
- sustainable strengthening of the security culture in your company

Prepare for TISAX® certification now

Rely on experienced support for your TISAX® project - targeted, efficient and at eye level.

What is TISAX®?

TISAX® stands for "Trusted Information Security Assessment Exchange" and is a test procedure for information security that was specially developed for the automotive industry. It is based on the VDA ISA catalog and serves as standardized proof of security measures between business partners.

What is the difference between TISAX® and ISO 27001?

ISO 27001 is an international standard for ISMS - TISAX® uses this as a basis, but supplements it with industry-specific requirements from the VDA ISA catalog. For many companies, an existing ISO 27001 ISMS is a good basis, but must be adapted accordingly for TISAX®.

Who needs TISAX®?

TISAX® is mandatory or strongly recommended for:

Automotive suppliers and service providers
IT and development service providers with access to sensitive OEM data
Companies with physical access to OEM infrastructure
Partners involved in security-related projects

How does the TISAX® certification process work?

Preparation & GAP analysis (e.g. by us)
Implementation of the required measures
Selection and registration with an accredited TISAX® assessment provider
Conducting the assessment (depending on the scope also on site)
Publication of the result on the TISAX® platform

How long does it take to prepare for TISAX®?

Depending on the initial situation and target test level, the typical time frame is 3-9 months. With a clear project structure and targeted advice, preparation can be designed efficiently - even for smaller teams or parallel project workloads.

What assessment levels are there with TISAX® and what do they mean?

Level 1: simple self-assessment
Level 2: remote assessment by audit service provider
Level 3: full on-site audit (for particularly sensitive data)

Which level is required depends on customer specifications and data classification - we will advise you individually.