The automotive industry produces a great deal of data across the design, testing and production lifecycles. This includes security data generated during all phases of the lifecycle.
To help streamline security evaluations of manufacturers, service providers and suppliers to the Automotive sector, the Association of the Automotive Industry in Germany (VDA) set up TISAX. These security requirement classifications, on international information security management system (ISMS) standards like ISO/IEC 27001 are now used by European automotive companies. Since 2017 it has become mandatory for automotive suppliers to comply.
TISAX establishes a common assessment and exchange mechanism for evaluating supplier’s security capabilities.
For organisations who process sensitive information on behalf of Automotive customers, such as while providing parts, components or services, they must implement and maintain an Information Security Management System (ISMS). After which your organisation will need to pass the corresponding level of TISAX audit to continue to contract with the (German) automotive market.