Your customer wants you to prove that you have your TISAX® label? What does that mean, why is it necessary, and how do you tackle this in your company?
What is TISAX®?
Information security is an important factor when it comes down to customer supplier relationships. Threats to digital infrastructure such as hacker attacks have increased strongly. TISAX® (»Trusted Information Security Assessment Exchange«) is an assessment and exchange mechanism, and it serves as evidence guaranteeing IT security standards. The ENX Association, an organization in the context of which European automotive manufacturers, subsuppliers, and associations have been partnering, is behind TISAX®.
TISAX® for the Automotive Sector
If you are working as a supplier in the automotive sector, your customers may request since 2017 that you account for having your TISAX® label pursuant to VDA-ISA (an information security assessment). VDA-ISA is a standard for supply chains in the automotive sector and was developed by the VDA, the (German) Automotive Industry Association in order to protect customer and supplier data and information.
Why is TISAX® Important?
TISAX® is aimed at ensuring a certain shared level and consistent requirements on information security and at being considered significant evidence thereof. Why is TISAX® so important? Subsupplier companies within the automotive sector need to establish an information security management system (ISMS) in order to meet the requirements of their customers. The role of TISAX® as evidence thereof is becoming more and more important here in order to obtain further orders and to prevent getting delisted.
How to get TISAX® Certification
First you register online as a TISAX® participant on the ENX platform. The actual assessment will come after that, and finally you will obtain the TISAX® label after passing the examination. The audit process is based on audit objectives, scopes, areas of application, and locations. As a rule, your customer company which wants you to have a TISAX® label will determine the audit objective. For instance, the protection of prototype parts and components might constitute an audit objective.
How can PeRoBa help you achieve TISAX® Certification?
PeRoBa supported a medium-sized company successfully in introducing TISAX®. We gave advice and support to this machine manufacturer from the automotive subsupplier industry for approximately one year. Our motto was about establishing »as many additional regulatory measures as necessary and as few additional regulatory measures as possible« for this process, and our approach paid off. Our customer passed the assessment at the very first attempt without any deviations. The certification auditor confirmed that only very few companies managed to succeed in this manner and especially so the first time around. Our client was delighted about that and especially about obtaining their TISAX® label.
We will be very happy to support you in introducing TISAX®, and we look forward to hearing from you.
Contact Roland Scherb on his profile here.