TISAX®, the cybersecurity assessment specific to the automotive sector

Facebook
Email
Twitter
LinkedIn
Agri-food expertise

When it comes to automotive cybersecurity, we're moving up a gear. In a fiercely competitive environment at the cutting edge of innovation, the automotive giants are becoming increasingly aware of the risks of hacking and leaks resulting from the digitalization of processes and exchanges. How do you protect the plans for a prototype when it is ready to be manufactured by a subcontractor? How can we ensure the security of confidential plans stored on a server abroad? What protection is there against ransomware threatening to spread the secrets of a future revolutionary engine on the darkweb? How to ensure business continuity in the event of a major crisis?

Inspired byISO/IEC 27001, the TISAX® standard provides answers to these new concerns that are weighing on the entire automotive sector. The AFNOR group is now recognized by ENX, the association that owns the standard, to assess the practices and information systems of players in the sector.

Tisax®, the cybersecurity assessment specific to the automotive sector

TISAX® evaluation: a sector-specific version ofISO/IEC 27001

Initiated by the German automotive industry, including the well-known VDA(Verband der Automobilindustrie), work on TISAX® (for "Trusted Information Security Assessment Exchange") began in 2017. This private standard aims to adapt the requirements set by ISO/IEC 27001, a voluntary international standard for information systems security management, to the automotive sector. This sector is characterized by strong competition and the race for innovation, with a real risk of espionage, multiplied tenfold by the large chain of subcontractors," points out Thomas Sanjullian, Digital Confidence Product Manager at AFNOR Certification. The aim of the TISAX® assessment is to impose strict cybersecurity rules on all the players involved."

Data registry, governance, business continuity plan, employee awareness and training... TISAX® requirements vary according to the level of assessment carried out, of which there are three: a self-assessment, a remote audit by a third-party assessor, and finally an in-depth audit lasting several days on site.

TISAX® is no longer an option," says Thomas Sanjullian. Manufacturers are already including this requirement in their invitations to tender. To be able to respond and receive data from the manufacturer, they must provide proof of their level." Since September 2023, the AFNOR group has been recognized to carry out this assessment. Auditors are currently undergoing training to be able to conduct their first audits from early 2024.

> Interested in finding out more about TISAX® ?
Watch a replay of the information webinar (webinar)

Protecting and respecting privacy

The processing of personal data is necessary for the examination of your request, made in your capacity as a professional, to AFNOR Group. Where applicable, this data may also be used to send you commercial information.

In accordance with current European regulations, you have rights of access, rectification, erasure, withdrawal of consent, limitation of processing, opposition to processing and portability concerning your data.

These rights may be exercised by sending a message to the AFNOR DPO.

French speakers: Click here.

English speakers: Click here.

Detailed information on the use of your data and the exercise of your rights can be found in the AFNOR Group's charter on the protection of personal data and privacy.

Click here to find out more.

=

At the same timeISO/IEC 27001the flagship standard providing guidelines for deploying a solid, efficient information management system, is experiencing unprecedented popularity. With almost twice as many people certified in two years, the rise of ISO/IEC 27001 is confirmed at global level, with almost 100,000 sites certified worldwide. In terms of countries, the top three are China, Japan and the UK. The main reason for this strong growth is the central importance of data protection issues. ISO 27001 deals with the security of information systems, and covers both digital and paper data," explains Brice Gilbert, head of ISO 27001 at AFNOR Certification. A few years ago, 62% of companies adopting this standard did so voluntarily. But with the tightening of the regulatory context, most of them are now committing themselves to compliance, so that they can continue to respond to calls for tender. Unsurprisingly, in the ISO Survey, the business sector that makes most use of ISO/IEC 27001 certification is information technology.

"Manufacturers, particularly in the aeronautics sector, are well aware of the stakes. A hack, a data leak or a ransom demand, and the company's survival is at stake. AFNOR is proposing a multi-stage strategy, starting with a free self-assessment to initiate reflection, whatever your sector of activity," says Brice Gilbert. Five years after the first version in May 2017, the publication of the updated standard in 2022, with new aspects such as the cloud, is available as an accredited certification thanks to our international network.

Read more

latest news
from the international network

Agri-food expertise
Taiwan 50001
Taiwan

Fengyi Electronics and Jingfeng Electronics Pass ISO 50001 Energy Management System Certification

"Fabao International Certification" announced that "Fengyi Electronics Co., Ltd." and its subsidiary "Jinfeng Electronics Co., Ltd." have successfully passed the ISO 50001:2018 international energy management system certification and obtained the certificate. This certification confirms that both companies have met international standard requirements in the establishment, implementation, and maintenance of their energy management systems. FAB International Certification is an internationally recognized third-party certification body. This certification was conducted in accordance with the ISO 50001 standard and involved a comprehensive assessment of the energy baseline establishment, performance indicators, management plans, and internal audit systems of Fengyi Electronics and Jingfeng Electronics. The certification process confirmed that the group has institutionalized its energy management system, which operates effectively and demonstrates a commitment to continuous improvement. To strengthen energy governance, Fengyi Electronics Group effectively monitors and analyzes energy usage through cross-company resource integration and its own energy monitoring and management system. The simultaneous completion of this certification demonstrates the electronics industry's concrete actions in systematically managing energy efficiency and implementing energy conservation and carbon reduction. FAB International Certification points out that ISO 50001 energy management system certification helps companies systematically improve energy efficiency. Fengyi Electronics Group's certification demonstrates the ability of Taiwanese companies to meet international standards in the areas of sustainable development and energy management. SGS International Certification has long provided various management system certification services to help enterprises strengthen their operational efficiency and environmental performance. In the future, it will continue to promote the implementation of sustainable goals in Taiwan's industries through professional certification.  

Read more "
February 6, 2026
Taiwan

Taiyo Technology has obtained AS9100 and ISO 27001 management system certifications through international standard certification.

"FAB International Certification" recently announced that Taiyo Technology Co., Ltd. has successfully passed the international certification for the AS9100:2016 aerospace quality management system and the ISO/IEC 27001:2022 information security management system. These two certifications confirm that the company's management systems meet international standards in the fields of aerospace quality control and information security protection. "FAB International Certification" recently announced that "Taiyo Technology Co., Ltd." has successfully passed the international certification of AS9100:2016 Aerospace Quality Management System and ISO/IEC 27001:2022 Information Security Management System. These two certifications confirm that the company's management systems in the fields of aerospace quality control and information security protection meet international standard requirements. As a third-party certification body, "FAB International Certification" conducted a comprehensive assessment of Taiyo Technology's quality management processes, product reliability control, information asset protection, and risk management mechanisms based on the AS9100 and ISO/IEC 27001 standards. The certification results show that the company has established a complete and effective integrated management system, demonstrating its commitment to quality and information security in the high-end manufacturing field. Taiyo Technology is a professional copper foil substrate manufacturer whose products are used in communications, servers, automotive electronics, and other fields. Building on its existing multiple management systems, the company's successful AS9100 and ISO 27001 certification demonstrates its continuous pursuit of excellence and strengthens its professional capabilities as a qualified supplier in the aerospace and defense supply chain. FAB International Certification pointed out that the company's simultaneous AS9100 and ISO 27001 certification demonstrates that its management system can meet the aerospace industry's stringent quality requirements and its high emphasis on supply chain information security. Taiyo Technology's establishment of an international standard management system showcases the competitiveness of Taiwan's manufacturing industry in the high-end market. "FAB International Certification" has long provided certification services in professional fields such as aerospace and information security, assisting enterprises in aligning with international industry standards. In the future, it will continue to promote the upgrading of Taiwan's industry and its integration into the international market through rigorous certification procedures.  

Read more "
February 3, 2026
Taiwan

Taiwan Railways Administration obtains carbon footprint label for passenger transport through international certification, marking a new milestone in green transportation

Driven by the goal of net-zero carbon emissions, Taiwan Railway Administration actively promotes carbon footprint assessment and information disclosure as an important step in sustainable transformation. After review and approval by the Ministry of the Environment, TRA officially obtained the right to use the passenger transport service carbon footprint label, becoming the first traditional railway transport service provider in Taiwan to obtain the carbon footprint label and setting a benchmark for green transport services in Taiwan. The Taiwan Railway Administration (TRA), formerly known as the Taiwan Railway Bureau under the Ministry of Transportation, was established in 1887 and has a history of more than 137 years. On January 1, 2024, it was restructured into the Taiwan Railway Administration.TRC shoulders the core mission of passenger and freight transportation for the entire Taiwan railway system, covering vehicle operation, infrastructure maintenance, station management, and customer service. It also cooperates with the government in continuously promoting railway modernization projects, making it a crucial transportation infrastructure in Taiwan. Faced with the global trend of net-zero emissions by 2050, the entire social environment and industrial development are undergoing structural changes. Driven by net-zero carbon emissions, Taiwan Railways is actively promoting carbon footprint assessment and information disclosure as an important step in sustainable transformation.Through the promotion of the "2025-2026 Carbon Footprint Assessment and Carbon Reduction Plan for Stations and Passenger Transport Vehicles," and with the completion of carbon footprint verification for the "Tze-Chiang," "Chu-Kuang," and"Local/Local Express" train types. After review and approval by the Ministry of the Environment, Taiwan Railways officially obtained the right to use the passenger transport service carbon footprint label, becoming the first traditional railway transport service operator in Taiwan to obtain the carbon footprint label and setting a benchmark for green transport services in Taiwan. At the carbon footprint label disclosure ceremony, the head of operations for the Asia-Pacific region of Bureau Veritas,During this process, AFNOR Certification followed international standards to conduct carbon footprint audits and data verification for TRA's Tze-Chiang, Ju-Guang, and local/express passenger transport services to ensure data accuracy and compliance. According to the audit results,the Tze-Chiang Express generates 36 grams of carbon dioxide equivalent (CO2e) per passenger-kilometer, the Chu-Kuang Express generates 50 grams of CO2e, and the Local/Local Express trains generate 55 grams of CO2e. Taiwan Railways Administration stated that it will continue to promote system-wide carbon management based on this verification data and combine it with measures such as vehicle replacement, energy efficiency improvements, and smart railways to move towards the goal of net-zero carbon emissions by 2050.The successful collaboration between Taiwan Railway and FSC not only demonstrates Taiwan Railway's firm commitment to sustainable operations, but also highlights FSC's professional capabilities in the field of carbon management verification. Both parties will continue to work together to realize the vision of a low-carbon society and sustainable development in Taiwan.

Read more "
January 30, 2026
See all news
Back to top