header image

Solutions

TISAX® Assessments

In the modern world, the question of information security is one of the most important factors of competition. TISAX acceptance in the individual sectors has been addressed in the automotive industry, where massive amounts of data are created and exchanged across the automotive industry throughout the entire lifecycle. Suppliers and/or service providers for the automotive industry need to ensure customers that they keep their information secure.

The solution to this problem for the automotive industry is TISAX label. ENX TISAX® (Trusted Information Security Assessment Exchange, a registered trademark owned by ENX) is a framework for the VDA ISA that comprises the key aspects and criteria of the internationally recognized standard ISO 27001 and additional lists of criteria, which specifically apply to the automotive sector.TISAX brings standardisation, quality assurance and mutual recognition of information security audits in accordance with ISO 27001 standards.

We apply our vast experience within the automotive sector to our TISAX advisory to address your key challenges and uncover valuable insights. We also use our industry-specific experience from various other project orders within the automotive sector in the certification process.

TISAX® Assessment Deloitte Risk Advisory

What is TISAX® and why do you need it?

Are you a supplier or service provider for the automotive industry? If so, you need only one thing - to assure customers that you are keeping their information secure.

Companies in the automotive industry are required to demonstrate they meet the safety criteria in their sector regularly every three years.

The VDA ISA catalog includes key requirements and criteria of the internationally recognized ISO 27001 standard published by the German Association of the Automotive Industry (Verband der Automobilindustrie, VDA) and additional lists of criteria that are directly relevant to the automotive sector, such as third party involvement and prototype protection.

Confirmation of compliance with the VDA-catalogue of requirements can be proven by obtaining TISAX label.

In addition, there is a fully developed and global comprehensive audit and exchange mechanism. The audit and reporting processes provide a high degree of comparability and transparency and thus build confidence for the relevant customers, who therefore increasingly require to demonstrate the TISAX label.

TISAX certification is mandatory and is recognized by all VDA members and OEM companies (Original Equipment Manufacturer).

Benefits of TISAX

Key benefits at a glance:

image

TISAX assessment approach/TISAX roadmap

With our expertise, we are happy to carry out your TISAX assessment. So how does a TISAX assessment go with us?

The five steps of the standardised test process:

image

How to prepare for TISAX certification

How can Deloitte help you

Our TISAX certification team can support you in all aspects of the TISAX certification process. Based on our broad experience we help our clients walkthrough each step of TISAX assessment process, such as:

  • The gap analysis of the current situation against TISAX requirements
  • Assist in the design and implementation of missing or insufficient measures
  • Assist in the preparation of internal policies and guidelines.

The certification assessment itself is carried out by our local team in cooperation with Deloitte TISAX team and centre of excellence in Germany.

Why Deloitte?

Deloitte is a global provider of know-how and a strong partner with extensive expertise, including information security and TISAX risk. Currently Deloitte is one of a few official TISAX certification services providers approved by ENX.

We also use our industry-specific experience from various other engagements within the automotive sector in the TISAX certification process. Our experts also perform integrated audits, e.g. according to ISO 27001.

Contact us

Jakub Höll

Jakub Höll

Director

Jakub leads the Operational Risk Team at the Risk Advisory department, Deloitte Czech Republic. He focuses on project management, agile and digital transformations of companies, data privacy and gover... More