TISAX Overview, Origin, Components
Derived from ISO/IEC 27001 and modified for the automotive world, this standard for information security was defined by the Association of the Automotive Industry (VDA). This resulted in a catalogue of requirements for the companies.
TISAX stands for Trusted Information Security Assessment Exchange, in simple words this means assessment of the trusted information security exchange. Since 2017, many car manufacturers and their suppliers have been demanding TISAX certification from their business partners, and the trend is still growing.
The examination according to VDA ISA (current version 5.0) is carried out by accredited certification service providers. The ENX Association plays an important role as a governance organisation. This means that you monitor the testing service providers, their quality of execution and their evaluation results. This is to ensure the desired quality and objectivity as well as the obligations and rights of the participants (participants are everyone who has registered at the ENX Association portal and has received a TISAX certification). Furthermore, the ENX Association accredits all TISAX test service providers.
The starting point is usually that you get a requested from your business partner that your information security management should fulfill the requirements of the VDA ISA.
The special thing about the ENX Association portal is that your test result can be shared with all other participants but at least with your partner who has requested the certificate from you.