Our prominent experience and market presence in the field of information security and privacy security management, TECHNOCRAT CONSULTANTS is extending the consulting services to automotive sector for TISAX certification to our esteemed customers.
What is TiSAX?
Information security is one of the key elements in the automotive industry. A service provider or a supplier working in the automotive industry must provide an evidence to its customers, at regular intervals, confirming its compliance towards the standards and regulations pertaining to information security. In the past, this evidence was provided through the Information Security Assessment (ISA) developed by Verband der Automobilindustrie (VDA) aka the German Association of the Automotive Industry. However, individual suppliers and service providers had to undergo multiple audits for their clients through ISA. This prompted VDA to introduce Trusted Information Security Assessment Exchange (TISAX). TISAX is a common assessment and exchange mechanism in the automotive industry that brings-in standardization and quality assurance and helps to avoid redundant audits.
To support organisations in fulfilling TISAX requirements and improve their understanding with regards to the assessment requirements, TECHNOCRAT CONSULTANTS offers TISAX consulting services and a foundation training course.
TISAX Assessment Levels:
- Assessment level 1 is the self-assessment of the auditee. It is further used in some special cases of simplified group assessments
- Assessment level 2 assesses the plausibility of the audits self-assessment and is based on documents and provided evidence. The auditor will need sufficient documentations to verify plausibility. AL2 is usually performed remotely.
- Assessment Level 3 is a full on-site-assessment including all methods known from management system audits like ISO 27001
NO. | Assessment Objective | Abbreivation | AL |
1 | Information requiring a high level of protection | Info high | AL 2 |
2 | Information requiring a very high level of protection | Info very high | AL 3 |
3 | Connection with a third party requiring a high level of protection | Con high | AL 2 |
4 | Connection with a third party requiring a very high level of protection | Con very high | AL 3 |
5 | Data Protection in accordance with Art. 28 GDPR (Processor) | Data | AL 2 |
6 | Data protection in accordance with Art. 28 GDPR (Processor) for specific categories of personal data | Special data | AL 3 |
7 | Protection of prototype parts and components | Proto parts | AL 3 |
8 | Protection of prototype vehicles | Proto Vehicles | AL 3 |
9 | Handling test runs | Test Vehicles | AL 3 |
10 | Protection of prototypes during events and film/photo shoots | Event + Shootings | AL 3 |
- Our Advantage
- Applicability
- Consulting Methodology
- More than 10 years of experience in the field of information security with large client base with all possible certification and assessment services
- Technically equipped consulting team with benchmarked qualification and experience
- Global presence with loyal client base
This standard is applicable to all businesses in today’s day and age. Contrary to popular perception this is not a certification specific for automotive & its supply chain industries. This includes all industrial and service sectors. Considering the sheer amount of data that these sectors are dealing with, having a TISAX certification is crucial.