TISAX Compliance

Overview

Trusted Information Security Assessment Exchange (TISAX) is an assessment and exchange mechanism for information security in the automotive industry. The TISAX certification confirms that a company’s information security management system complies with defined security levels and allows sharing of assessment results across a designated platform.

Benefits of TISAX Compliance

The Original Equipment Manufacturer (OEM) collaborates with multiple companies across the value chain for the design, manufacturing, and distribution of their vehicles. To facilitate collaboration, the OEM frequently shares confidential information, such as a prototype design, with the supplier base. If valuable data is not effectively protected, the exchanges along the supply chain may cause losses, manipulations or even theft of trade secrets. Consequently, OEMs will want to ensure that their suppliers and partners, including marketing and sales organisations, have a solid information security management system in place before they are contracted.

  • Reduced costs, effort and complexity
  • Increased security and transparency
  • A competitive edge through TISAX compliance
  • Listing as a TISAX-approved company and worldwide recognition by all OEMs
  • No duplication or multiplication of assessments
  • Major time and cost savings based on cross-company recognition of assessments and information 
  • Trust in assessed companies

TISAX Assessment Levels

There are three TISAX assessment levels:

Level 1: Standard suppliers only need to complete the ISA questionnaire and publish this self-assessment in TISAX.

Level 2: For more complex suppliers, the self-assessment is followed by random plausibility checks by telephone, carried out by an approved audit provider.

Level 3: Suppliers who handle highly sensitive external data undergo an on-site inspection by an approved audit provider, based on their self-assessment.

Our Approach of TISAX Implementation

  1. GAP analysis
    A GAP analysis imitates a full assessment and allows us to determine the status quo, so you know exactly where you stand and what is in store. If no deviations are detected, nothing stands in the way of the TISAX® Assessment. Typically, however, minor and major deviations are revealed and form the basis for your Corrective Action Plan, which we develop and assist you in implementing. Together with you, we determine the need for consulting.
  2. Implementation
    Definition of project scope and content with different phases, consulting and training, and the creation of a reliable Information Security Management System (ISMS).
  3. Advisory support
    We answer questions that arise and offer advice regarding the ISMS measures.