Information Security & Risk Management Assessment
A safety standard, without which it will be increasingly difficult to work on projects in the most important branch of Czech industry. Automotive.
As we increasingly process sensitive data of our clients in the automotive industry, the risks and demands on their security increase.
TISAX target group
TISAX is aimed at suppliers in the automotive industry in the entire spectrum of activities.
It is therefore possible to obtain certification for project offices, IT suppliers, production lines, trading companies, data centres, testing, research and development workplaces.
Benefits:
Saves time and money on IT Security
No more duplicate security audits
Increases trust within supply chains
Accelerates business ties thanks to international certification
Reduces and standardizes information security budgets
Nowadays, the certificate is the standard contractual requirement for automotive
Why get TISAX certified?
Increasing demands for information interconnection and sharing push the security and protection of information beyond society. On the one hand, this model increases efficiency and brings new opportunities, on the other hand, it makes organizations more vulnerable than ever before.
Therefore, compliance with the same safety criteria is required in order to eliminate risks from all involved.
The protection of business processes and information is a key requirement for manufacturers, suppliers and customers in the automotive industry. This is due to a sophisticated supplier network, information sharing requirements, logistics requirements, sharing and service delivery. Thanks to these ambitions, it is often very difficult.
TISAX is a necessary standard that defines complex requirements for information security in the automotive industry according to the ISO 27000 series standards.
TISAX certification process in 3 steps
At TAYLLORCOX we have developed a unique three-phase certification process that allows us to proceed with unrivalled speed and efficiency.
Předáme vašim zaměstnancům znalosti nezbytné pro udělení certifikace.
Základem pro získání TISAX jsou proškolení zaměstnanci, kteří se přesně orientují v dané problematice. Všechny potřebné kurzy u nás vedou mezinárodně akreditovaní auditoři s rozsáhlou praxí. Seznámí vás s principy VDA ISA, jeho implementací, běžnými úskalími a vhodnými opatřeními.
Připravili jsme pro vás balíček podpůrných materiálů, které vám usnadní cestu k úspěšné certifikaci.
Propracovaný systém dokumentů TISAX a VDA ISA zahrnuje kompletní šablony, vzory a formuláře, které vás provedou sestavením klíčové příručky pro celou firmu, a to včetně kontrolních listů.
S nimi budete mít jistotu, že jste optimalizovali všechny procesy ve firmě, jak vyžaduje legislativa i certifikace. Autory toolkitu jsou naši akreditovaní auditoři, přední odborníci na TISAX, kteří garantují věcnou správnost a kvalitu všech obsažených materiálů.
Získejte potvrzení, že vaše firemní procesy důsledně směřují k vysoké kvalitě produktů i služeb.
Certifikaci osobně provede náš vedoucí auditor. První stupeň interního auditu – desktop review – se zaměří na popis aktuálního stavu dokumentace z hlediska její komplexnosti i kompletnosti. Na něj naváže process review, kde vyhodnotíme shodu dokumentace s realitou a sestavíme seznam potřebných opatření.
Úspěšná certifikace má tříletou platnost, poté následuje recertifikační audit.
What are the rating levels of TISAX?
There is a total of 3 levels, usually most new vendors start with Level 1.
Level 1: Passing the ISA Assessment and its publication in the TISAX network
Level 2: For more complex ranges or processes, security verification will be performed in more detail
Level 3: Suppliers who work with highly sensitive information undergo a more extensive security audit
VDA ISA
What about information security requirements?
In most cases, the requirement to ensure information security at suppliers was implemented using a catalogue of security criteria: Information Security Assessment.
This document is regularly updated and its publication is covered by the German Automobile Industry Association (VDA). It was based on the ISO 27000 standard and it is called VDA Information Security Assessment (VDA ISA)
Because individual manufacturers reviewed their suppliers separately, for many suppliers this meant repeatedly passing the same assessment.
To eliminate more costs, unnecessary expenses and resources, the VDA has introduced a new mechanism for exchanging and sharing information: TISAX.
Trusted Information Security Assessment Exchange, managed by the ENX organization
Sharing ISA Assessment within TISAX
This platform allows suppliers to share information as part of risk and security analysis. By sharing your VDA ISA audit results among OEMs, you can accelerate business collaboration.
In addition, it aims to reduce the overall cost of information and cyber security for all stakeholders. This is through a unified framework for personal data protection, which is based on ISO 27001 and is called VDA Recommendation Data Protection.
This eliminates risks for manufacturers, reduces security costs and enhances the transparency of trusted suppliers. Most multinational companies have already signed up to the TISAX model and accepted it as a qualification criterion in tenders. TISAX is thus increasingly becoming a binding contractual condition with suppliers.
