TISAX Certification | Bureau Veritas
More information security in the automotive industry
With the constantly advancing digitalization, the demand for data protection is growing at the same time - this is especially true for the automotive industry. Companies that work with partners from the automotive industry as suppliers or service providers must meet industry-specific data protection requirements and also provide regular proof of this. The TISAX (Trusted Information Security Exchange) standard, which has been in force since 2018, standardizes the data protection requirements for suppliers and service providers in the automotive industry and supports companies in this area:
- Improved data protection & quality management
- Time and cost savings thanks to standardization: no more time-consuming multiple tests
- Industry-wide recognition
- Meeting customer requirements & improved market access
- Strengthening of trust in already established business relationships
CURRENT NOTE: REMOTE AUDITS DURING THE CORONA PANDEMIC
The corona crisis is currently causing great uncertainty among many companies. Especially now, it is essential to maintain business activities in the best possible way while prioritizing the safety and health of staff and customers. This makes it all the more essential to consistently adhere to rules, regulations and standards - these are often required not only by law from the government, but also from business partners by contract. Bureau Veritas audit solutions help you maintain your certification on time. You can find all relevant information here: Remote audits
INFORMATION PROTECTION ALONG THE ENTIRE SUPPLY CHAIN
Based on the standardized international industry standard ISO/IEC 27001 the association of the automotive Industry e. V. (short: VDA) and TISAX, under the sponsorship of the ENX Association, have drawn up a catalogue of requirements that is specially tailored to the value chain of the automotive industry. Because especially in the automotive industry, where sensitive data is exchanged between suppliers, vendors and OEMs, data protection must be guaranteed along the entire supply chain. TISAX certification enables companies to prove that they meet the high automotive-specific data protection requirements - thus ensuring a uniform mutual security level of sensitive information. As soon as a company has proven that it has implemented all information security standards, it receives the official TISAX certificate. Bureau Veritas guides you competently and reliably through the entire TISAX audit process - from preparation to the final report.
INTERNATIONAL SEAL OF APPROVAL: HOW YOU CAN BENEFIT FROM THE TISAX CERTIFICATE
Until very recently, companies had to carry out audits according to ISO/IEC 27001 on their own. As a result, service providers and suppliers in particular had to undergo several identical test processes at fairly short intervals, depending on customer requirements. This costly and time-consuming method is no longer necessary with TISAX: Thanks to the catalogue of requirements based on common testing and exchange mechanisms, all standards are covered optimally and in compliance with DSGVO
With a TISAX certificate you can show your customers that you are excellently positioned in terms of information security. You will receive an internationally recognized seal of approval for trustworthiness and reliability throughout the industry, giving you a competitive advantage. Many OEMs and also TIER 1 companies already require TISAX certification for cooperation.
FLEXIBLE TEST SCOPE & INDIVIDUAL REQUIREMENTS
The basic building block of the TISAX-Assessment is the subject area information security. This covers all data that a company has at its disposal - including technical, business or personal information. If special protection is required in one or more of these information categories, further optional modules from the VDA criteria catalogue can be added according to individual needs. These include
- Data protection (security of orders in terms of the DSGVO)
- Prototype protection (security of design and innovation)
- Connection of third parties (protection of connections in external company networks)
The test results always remain with the audited company: You decide yourself who may view your results and to what extent.
FREQUENTLY ASKED QUESTIONS
WHICH COMPANIES REQUIRE TISAX CERTIFICATION?
In principle, TISAX is aimed at all service providers and suppliers in the automotive industry who have to protect sensitive customer and internal data in the best possible way and regularly provide proof of this. The respective scope of testing can be adapted to the individual requirements. But a TISAX certificate can also add value for other companies: If, for example, there is a cooperation with external companies to share the use of the in-house data center, mutual information security is the highest priority for a trustful cooperation. Here, certification with the test module "Connection of third parties" is particularly suitable.
HOW DOES THE TISAX CERTIFICATION PROCESS WORK?
Based on the individual protection requirements of your company, you receive personally tailored assessments according to a predefined scope of services. Our auditors first obtain an overview of the initial situation and then prepare a detailed report. Once any findings have been corrected in accordance with TISAX, nothing stands in the way of final certification: you can now exchange your results with your partners to the extent of your choice.