In an increasingly digitized business environment, information security has become a critical prerequisite for the entire automotive supply chain. The Trusted Information Security Assessment Exchange (TISAX®) provides its members with a standardized system for monitoring information security in the automotive industry.
BENEFITS OF TISAX® EVALUATION
-
- Strengthen, validate and perpetuate the resilience of your information system through a repository adapted to the automotive sector.
- You will join the TISAX® partner network, recognized worldwide for its expertise.
- As a standard designed specifically for the automotive industry, TISAX® represents recognition and a pledge of trust between the various stakeholders in the automotive sector.
- Valid for three years, the TISAX® evaluation aims to establish an assessment based on criteria common to the automotive sector.
WHY TISAX®?
TISAX® evaluation is an automotive evaluation standard developed at the joint initiative of ENX (European Network Exchange) and the VDA (Union of the German Automotive Industry). The automotive sector is a very high value-added economy, based on the sharing of confidential information between several partners. Protecting information systems is therefore imperative.
Based on an information security management system similar to ISO 27001, TISAX® is tailored to the requirements of the automotive industry. This multi-level assessment provides a level of granularity and specialization that ISO 27001 cannot guarantee.
WHAT ARE THE DIFFERENCES BETWEEN TISAX® AND ISO 27001:2022?
TISAX®...
- Specialized in the automotive industry, including industrial information systems
- Valid for 3 years
- Annual review of the standard
- Applied to an entire site
- Private certificate that can be shared with partners
- System maturity level taken into account
- Evaluation on several possible levels :
- Assessment level 1
Assessment level 1 involves an internal self-assessment, which is imperative for any assessment subject to evaluation. - Assessment level 2
Assessment level 2 corresponds to a plausibility test on your self-assessment. The auditor confirms this test by verifying the evidence through remote interviews. - Assessment level 3
Assessment level 3 requires on-site attendance to verify your self-assessment. Face-to-face interviews will provide a more complete and in-depth verification.
- Assessment level 1
... and ISO 27001
-
- Generalist
- Valid for 3 years with annual follow-up audit
- Review every 5 years
- Full audit
- Applied to a defined perimeter
- Broader information security process
- Public certificate.
INSTRUCTIONS FOR EVALUATION
- Registration on the TISAX® platform: Registration of all participants on the TISAX® platform
- Self-assessment: Pre-diagnosis to understand the challenges of the audit and maximize your chances of maturity (AL1)
- Audit : Review of your information system (off-site for AL2, on-site for AL3) to determine its compliance with the requirements of the certification standard.
- Assessment and exchange: Validate your maturity level and share this information with your partners
- Monitoring and renewal: Renewal audit every three years;
WHY CHOOSE THE AFNOR GROUP?
- The expertise of a leader in management system certification
- Our proximity and our presence in more than 100 countries facilitate the deployment of your international initiatives.
- The strength of a network of certified auditors and evaluators
- The provision of a personalised customer area to facilitate the management of your certification, the preparation of your audits and to monitor the progress of your approach.
USEFUL LINKS :