The Trusted Information Security Assessment Exchange (TISAX) is a cybersecurity assessment framework developed by the German Association of the Automotive Industry (VDA). It is used by organisations in the automotive industry to assess and improve their cybersecurity posture.
Organisation can identify themselves as “Supplier” as active participant, or customer “Passive Participant”. The active participant undergoes the TISAX assessment and submits the report to the Passive Participant.
The key to TISAX is the baseline of the Information Security Management System – ISMS implemented.
The IARM Information Security team can help organisations to arrive at the scope and assessment objectives. Out of the 8 assessment objectives, IARM shall study the organisation and its service deliveries to arrive at the assessment objective more suitable and as per the requirements of the customer “Passive Participant”
IARM has the team, knowledge, and capabilities to perform two levels of assessment on information security as per TISAX.
Assessment Level 1 (AL1): Assessments at level 1 are mainly for internal purposes and are similar to a self-assessment. The auditor checks for the existence of a completed self-assessment. No evidence is required for Assessment Level 1. The results of the AL1 have a low trust level, but may be accepted by the customer if not TISAX.
Assessment Level 2 (AL2): In assessment level 2, the auditor performs a plausibility check on the organization’s self-assessment (for all locations within the assessment scope). Evidence is checked along with an interview session with a member of the stakeholder to validate the process and maturity level within the organization.
Assessment Level 3 (AL3): IARM has empaneled third-party certification bodies who can liaise with IARM auditors and the customer or supplier to perform a comprehensive compliance verification with the applicable requirements. The audit will involve an onsite assessment, interview session, verification of documents and artifacts, and testing of metrics.
By achieving TISAX Certification Readiness, businesses demonstrate to their customers and partners that they take information security seriously and have implemented best practices to protect against cyber threats.
Ensure that your business is prepared to meet the security standards of the automotive industry with TISAX (Trusted Information Security Assessment Exchange) certification readiness. Our team has the knowledge and capabilities to guide you through the TISAX assessment process and help you achieve certification. Contact us now to learn more about becoming TISAX certification ready and protecting your business from cyber threats.