TISAX®

ATTENTION! TISAX® is introducing a new version of the VDA ISA 6 self-assessment from 1.4.2024:

The new feature of VDA ISA 6 is the focus on IT availability of the respective suppliers in addition to confidentiality. Due to the consistently high number of ransomware attacks, the availability of information and IT - including OT - has taken center stage. This is vital for tightly integrated manufacturing and just-in-time processes.

The Trusted Information Security Assessment Exchange (TISAX)® is an assessment and exchange mechanism for enterprise information security developed by ENX and published by the Verband der Automobilindustrie (German Automotive Industry Association or VDA). TISAX® concerns the secure processing of information from business partners, prototype protection and data protection in accordance with the General Data Protection Regulation (GDPR) for potential business transactions between automotive manufacturers and their service providers or suppliers. VDA founded TISAX® in 2017 together with the ENX association.

Testing under TISAX, in particular for service providers and suppliers, is carried out by "TISAX® test service providers". The ENX Association acts as the governing organisation in the system. It approves the test service providers and monitors the quality of execution and the results of the evaluation. This is to ensure that both the results at the end are of the required quality and objectivity, and that the rights and obligations of the participants are ensured. This enables the company to decide whether the final maturity level of the supplier(s) and service providers meets the buyer's requirements.

The testing requirements have been revised several times. In October 2022, Status 5.1 was published. The scope, application areas, implementation processes and testing requirements are summarized in the TISAX® Participant Handbook 2.6 dated August 28, 2023.