TISAX® - VDA ISA
The dedicated certification procedure TISAX® (Trusted Information Security Assessment Exchange) was introduced under the leadership of the VDA (German Automotive Industry Association) to ensure conformity between the information security management systems (ISMS) used by OEMs, service providers and suppliers in the automotive industry.
This certification builds on ISO/IEC 27001 to deliver binding proof of information security. It includes the entire value chain within the automotive industry, irrespective of the company size.
Our consultancy services for you added value
Preparing for TISAX® certification requires an approach that is just as strict as implementing an ISMS according to ISO 27001.
The details and methods are explained in the ISMS section.
But there are a few noteworthy differences between certification according to TISAX®/ VDA ISA and one according to ISO/IEC 27001.
Broadly speaking, the requirements for TISAX® certification are based on the demands of ISO/IEC 27001. However, they are defined in more detail by the assessment standards set out in the VDA ISA catalogue.
They address specific protection issues within the automotive industry in particular.
Included in this are requirements in regard to:
- Prototype protection
- Data protection
Another difference is that the VDA ISA catalogue describes specific measures that are either mandatory or optional, depending on the envisaged TISAX® level (or TISAX® audit target) - the level of protection the company’s information needs.
ARCA-Consult accompanies and supports your company from the preparatory phase to successful certification.