TRUSTED INFORMATION SECURITY ASSESSMENT – TISAX
(Security TISAX Label)
Our prominent experience and market presence in the field of information security and privacy security management, TECHNOCRAT CONSULTANTS is extending the consulting services to automotive sector for TISAX certification to our esteemed customers.
WHAT IS TISAX?
Information security is one of the key elements in the automotive industry. A service provider or a supplier working in the automotive industry must provide an evidence to its customers, at regular intervals, confirming its compliance towards the standards and regulations pertaining to information security. In the past, this evidence was provided through the Information Security Assessment (ISA) developed by Verband der Automobilindustrie (VDA) aka the German Association of the Automotive Industry. However, individual suppliers and service providers had to undergo multiple audits for their clients through ISA. This prompted VDA to introduce Trusted Information Security Assessment Exchange (TISAX). TISAX is a common assessment and exchange mechanism in the automotive industry that brings-in standardization and quality assurance and helps to avoid redundant audits.
To support organisations in fulfilling TISAX requirements and improve their understanding with regards to the assessment requirements, TECHNOCRAT CONSULTANTS offers TISAX consulting services and a foundation training course.
TISAX Assessment Levels:
- Assessment level 1 is the self-assessment of the auditee. It is further used in some special cases of simplified group assessments
- Assessment level 2 assesses the plausibility of the audits self-assessment and is based on documents and provided evidence. The auditor will need sufficient documentations to verify plausibility. AL2 is usually performed remotely.
- Assessment Level 3 is a full on-site-assessment including all methods known from management system audits like ISO 27001
| Sr. No | Assessment Objective | Abbreviation | AL |
| 1 | Information requiring a high level of protection | Info high | AL 2 |
| 2 | Information requiring a very high level of protection | Info very high | AL 3 |
| 3 | Connection with a third party requiring a high level of protection | Con high | AL 2 |
| 4 | Connection with a third party requiring a very high level of protection | Con very high | AL 3 |
| 5 | Data Protection in accordance with Art. 28 GDPR (Processor) | Data | AL 2 |
| 6 | Data protection in accordance with Art. 28 GDPR (Processor) for specific categories of personal data | Special data | AL 3 |
| 7 | Protection of prototype parts and components | Proto parts | AL 3 |
| 8 | Protection of prototype vehicles | Proto Vehicles | AL 3 |
| 9 | Handling test runs | Test Vehicles | AL 3 |
| 10 | Protection of prototypes during events and film/photo shoots | Event + Shootings | AL 3 |
Our Advantage:
- More than 10 years of experience in the field of information security with large client base with all possible certification and assessment services
- Technically equipped qualified and experienced consulting team
- Global presence with loyal clientele base
One comment
Renjith P S
May 19, 2021 at 12:04 pm
Hi Bhavin,
Is there any training available in India for TISAX? I am an ISO 27001:2013 Lead Auditor.