Perspectives

Are you prepared for TISAX compliance?

Deloitte’s TISAX compliance readiness services for OEM suppliers

German original equipment manufacturers (OEMs) require their automotive suppliers to meet certain cybersecurity requirements that must be certified through the Trusted Information Security Assessment Exchange (TISAX) framework. Once certified, suppliers can fast -track the procurement process, reduce duplicate assessments/audits, improve partner confidence, and facilitate information security exchange across the OEM ecosystem. Learn how Deloitte’s certification readiness team can help guide suppliers through this security program.

Meet OEM security requirements with TISAX

The TISAX framework was introduced by the Association of the Automotive Industry (Verband der Automobilindustrie , VDA) to help establish a standardized approach to information security programs among companies in the automotive sector. The VDA Information Security Assessment (ISA) catalogue includes key aspects and criteria of the internationally recognized ISO 27001 standard and additional lists of security criteria that are directly relevant to the automotive sector, such as third-party involvement and prototype protection.

German OEMs in the automotive industry, require TISAX certification from their suppliers to ensure that their suppliers meet specific cybersecurity requirements. This can help create a secure and resilient ecosystem, promoting trust and reliability in the automotive manufacturing process. TISAX will serve as the basis for establishing a cybersecurity exchange for the German OEMs to validate the security posture of their suppliers.

TISAX security program

TISAX key benefits for automotive suppliers

Three primary enterprise service delivery goals

${column1-large-text}

Fast- track customers’ procurement process.

TISAX- certified suppliers are able to bypass many of the third-party information security reviews and audits, as mandated by their customers, and fast-track through the procurement process.

Learn more

${column2-large-text}

Reduce duplicate assessments/audits.

TISAX- certified suppliers will save time and money by avoiding duplication/multiplication of assessments.

${column3-large-text}

Improve customer and business partner confidence.

TISAX is an international standard for effective management of information, prototype, and data assets in the auto industry. This compliance ensures maturity of your organization’s security program.

Download the report

${column4-large-text}

Facilitate information security exchange across the ecosystem.

TISAX facilitates proof of company-wide information security between manufacturers, suppliers, and service providers.

How can we help you?

Deloitte’s TISAX certification readiness team can support you in all aspects of the TISAX certification process. Based on our broad experience, we can help organizations walk through each step of the TISAX assessment process, such as:

Certification readiness gap analysis against TISAX requirements.
Assistance in the remediation of TISAX gaps and implementation of missing or insufficient controls.
Assistance in the preparation of internal policies and guidelines.

Why Deloitte?

Deloitte is a global provider of know-how and a strong partner with extensive expertise, including information security and TISAX. Currently Deloitte is one of a few official TISAX certification services providers approved by ENX Association, comprising European vehicle manufacturers, suppliers, and organizations. Deloitte can help clients design, build, and operate dynamic, business-aligned security programs wherever they may be in their cyber journey. We combine industry-leading strategic advisory services with deep technical capabilities and managed services to help organizations design, implement, and operate advanced cyber and strategic risk programs that build resiliency, deepen trust, and fuel performance.

No. 1 globally in security consulting in Gartner Market Share report since 2012

Leader in the IDC MarketScape Worldwide Managed Security Services 2020 Vendor Assessment

Global cyber automotive capabilities; 900+ certified cybersecurity specialists

Fullwidth SCC. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

Contact us

Leon Nash

Principal | Deloitte Risk & Financial Advisory

leonnash@deloitte.com

+1 714 436 7879

Leon, a principal at Deloitte & Touche LLP, is the Automotive and Future of Mobility leader of the Cyber Risk Services practice of Deloitte Risk & Financial Advisory. He has over two decades of experi... More

Shima Mousavi

Automotive Cybersecurity Leader

shmousavi@deloitte.com

+1 424 448 9847

Shima is a senior manager in the Cyber and Strategic Risk practice in Deloitte & Touche LLP. Shima has more than 10 years of work experience in leading the development and integration of cybersecurity... More

Viewing offline content