TiSAX

Managing information security in automotive sector

Our prominent experience and market presence in the field of information security and privacy security management, TECHNOCRAT CONSULTANTS is extending the consulting services to automotive sector for TISAX certification to our esteemed customers.

What is TiSAX?

Information security is one of the key elements in the automotive industry. A service provider or a supplier working in the automotive industry must provide an evidence to its customers, at regular intervals, confirming its compliance towards the standards and regulations pertaining to information security. In the past, this evidence was provided through the Information Security Assessment (ISA) developed by Verband der Automobilindustrie (VDA) aka the German Association of the Automotive Industry. However, individual suppliers and service providers had to undergo multiple audits for their clients through ISA. This prompted VDA to introduce Trusted Information Security Assessment Exchange (TISAX). TISAX is a common assessment and exchange mechanism in the automotive industry that brings-in standardization and quality assurance and helps to avoid redundant audits.

To support organisations in fulfilling TISAX requirements and improve their understanding with regards to the assessment requirements, TECHNOCRAT CONSULTANTS offers TISAX consulting services and a foundation training course.

TISAX Assessment Levels:

  • Assessment level 1 is the self-assessment of the auditee. It is further used in some special cases of simplified group assessments
  • Assessment level 2 assesses the plausibility of the audits self-assessment and is based on documents and provided evidence. The auditor will need sufficient documentations to verify plausibility. AL2 is usually performed remotely.
  • Assessment Level 3 is a full on-site-assessment including all methods known from management system audits like ISO 27001
NO. Assessment Objective Abbreivation AL
1 Information requiring a high level of protection Info high AL 2
2 Information requiring a very high level of protection Info very high AL 3
3 Connection with a third party requiring a high level of protection Con high AL 2
4 Connection with a third party requiring a very high level of protection Con very high AL 3
5 Data Protection in accordance with Art. 28 GDPR (Processor) Data AL 2
6 Data protection in accordance with Art. 28 GDPR (Processor) for specific categories of personal data Special data AL 3
7 Protection of prototype parts and components Proto parts AL 3
8 Protection of prototype vehicles Proto Vehicles AL 3
9 Handling test runs Test Vehicles AL 3
10 Protection of prototypes during events and film/photo shoots Event + Shootings AL 3
  • Our Advantage
  • Applicability
  • Consulting Methodology
  • More than 10 years of experience in the field of information security with large client base with all possible certification and assessment services
  • Technically equipped consulting team with benchmarked qualification and experience
  • Global presence with loyal client base

This standard is applicable to all businesses in today’s day and age. Contrary to popular perception this is not a certification specific for automotive & its supply chain industries. This includes all industrial and service sectors. Considering the sheer amount of data that these sectors are dealing with, having a TISAX certification is crucial.

Concept Building Training

Training to client team about conceptual understanding about the requirements and explaining key triggers for need of implementation

Gap Analysis Report of IT Infrastructure & Configuration

Our domain expert team shall assess the existing IT infrastructure with respect to networking and data security controls to manage information security, privacy and business continuity and provide detailed report of gaps and possible solutions

Articulating the Documented Management System

Development of customized management system including policy, system manuals, system procedures, risk assessment frameworks, security control SOPs / policies and templates

Conducting Risk / Privacy Assessment

Advisory and handholding support to client for completion of risk assessments, applying controls and publishing residual risk inventory to top management

Implementation Training

Imparting one to one session with key implementation team for the documented management system and its implementation tactics

Implementation Handloading

Extending consulting support to resolve routine queries and ensure effective implementation of the requirements

Internal Auditor Training

Detail understanding of clause requirements and audit techniques with case studies and exam

Conducting the Internal Audit

Consulting team and trained internal auditors of client team performs internal audit covering all requirements and issuance of audit report

Closer of Audit Findings

Assistance and handholding support to client to close the internal audit findings and get ready for certification assessment

Face the TISAX Assessment

International Certification Bodies / Regulatory Bodies shall conduct final assessment and issue an audit report & labels

Issuance of TISAX Label by Certification Body

Upon the final closure of audit findings, the client gets the TISAX Label

Related Service

Searching for an Expert Consultant?

GET SOLUTIONS FAST

Searching for an Expert Consultant?

HEAD OFFICE
306-307, Inceptum, Opp. Hotel Planet Landmark, Off Sarkhej - Gandhinagar Highway, Bopal Road, Ambli, Ahmedabad, Gujarat

Copyright © Technocrat