Understanding the requirements and objectives of the VDA ISA
The main objective of the VDA ISA is to prove to its partner or partners that their information security management system (ISMS) is up to the task and can demonstrate a certain level of quality. In addition, it will enable a common exchange of data and tests for the automotive industry.
Requirements are set out in the VDA information security assessment questionnaire. With the help of this catalog, an own evaluation is possible and with it you receive at the end a so-called maturity level of your ISMS.
The requirements of the VDA ISA Catalogue (5.0) include the following scope:
- 41 Controls for information security
- 22 Controls for prototype protection
- 4 Controls for data protection
Tip: You can download the VDA ISA catalogue (5.0) from the VDA website free of charge download.
Furthermore you can also download the TISAX manual (V 2.2) free of charge on the ENX Association page download where the complete process is described.
In general, the goals of TISAX certification can be listed as follows:
- A comparable and common safety level is thus created in the automotive industry
- The ENX Association portal offers the chance to establish new contacts and networks, which helps to win new customers
- In many cases this can reduce costs and effort for suppliers and car manufacturers
- The prices of testing service providers are transparent and competition among testing service providers is encouraged
- Agreed mutual recognition of audit results
- Evaluation of the ISMS using the maturity level