TISAX stands for Trusted Information Security Assessment Exchange), it comprises an information security standard for the automotive industry.
It consists of requirements from VDA-ISA (Verband der Automobilindustrie Information Security Assessment). The latest version is 6.0, and can be downloaded here ↗️.
TISAX is relevant for all organizations (developing technology used) in the automotive industry
The VDA-ISA requirements can be divided into three categories:
- Information security (45 controls)
- Prototype protection (22 controls)
- Data protection (12 controls)
For each control, there are “must have” and “should have” requirements, in some cases extended with additional requirements for (very) high protection needs (as indicated by the client).
Relationship with ISO 27001
Rather than looking at it as a whole new set of requirements, it is recommended to utilize the synergy with ISO 27001, as both frameworks cover the same ground. And, depending on the auditing firm you are contracting, the audits could even be combined!
The TISAX add-on maps the chapters of TISAX requirements to ISO 27001 and Annex A controls, in a more extensive and effective way than provided in VDA-ISA 6.
- Contains 7 mapping tables for the information security controls
- Contains 1 mapping table for prototype protection
- Contains 1 mapping table for data protection
- Each mapping table contains active hyperlinks to the relevant pages in Instant 27001
All prices are excluding applicable taxes (read more)