Skip to content

Automotive

TISAX®

In today's digital age, the automotive industry relies heavily on secure information exchange to drive innovation and maintain a competitive edge. TISAX® (Trusted Information Security Assessment Exchange) offers a robust framework for ensuring information security across the automotive supply chain.

TÜV UK is a trusted partner in delivering TISAX® certification services, helping organisations demonstrate their commitment to data protection and compliance with industry standards. Our experienced team guides you through the certification process, ensuring your Information Security Management System (ISMS) meets the rigorous requirements set by the automotive sector. Whether you're a supplier or service provider, achieving TISAX® certification can enhance your reputation, facilitate partnerships and open doors to new business opportunities within the automotive industry.

Contact us with your enquiry today!

Contact Us

What is TISAX®

TISAX® is a programme designed to assess and certify the information security systems of companies in the automotive sector. It targets data protection, integrity and availability throughout the automotive lifecycle, from design and testing to production. Based on ISO 27001, TISAX® was developed by the German Association of the Automotive Industry (VDA) and is managed by the ENX Association.

TISAX® is recognised by all VDA members and major vehicle manufacturers such as Audi, BMW, Mercedes Benz, and Volkswagen, making it easier for companies to participate in future tenders. Participants in the TISAX® programme, whether active or passive, exchange information on their information security status through the online portal. This exchange fosters confidence and trust throughout the supply chain. Registration on the TISAX® portal is essential for those wishing to participate.

Passive participants (e.g. vehicle manufactures), request another company (e.g. suppliers), to demonstrate that they hold certain TISAX® labels and to undertake a corresponding assessment. They also request access to the assessment results.

They benefit from the exchange of information security status without actively undergoing assessments themselves.

Active participants, often suppliers, engage directly in the TISAX® assessment process. They may be required by another company, such as a vehicle manufacturer, to undergo assessment based on the criteria catalogue, or they may choose to undertake the assessment independently. After completing the assessment, active participants have the discretion to decide which members of the TISAX® network can access their assessment results.

Your route to the TISAX® label in 7 steps

1

Register on the ENX Platform

Begin your TISAX® journey by registering on the ENX platform. This step is crucial for accessing the assessment portal and initiating the certification process.

2

Choose an Auditing Provider

Select TÜV UK as your authorised auditing provider. Commissioning a trusted partner ensures a smooth and efficient assessment process.

3

Schedule Audits & Submit Docs

Arrange audit appointments and provide necessary documentation. This preparation is key to ensuring a thorough and accurate assessment.

4

Audit Stage 1: Document Review

The first audit stage focuses on reviewing your documentation. Auditors assess the completeness and compliance of your ISMS documentation.

5

Audit Stage 2: Processes & Interviews

The second audit stage examines your processes and includes interviews with key stakeholders to evaluate the effectiveness of your ISMS.

6

Address Non-Conformities

Manage any identified non-conformities by developing corrective actions. This step is essential for achieving compliance and certification.

7

Receive TISAX® Label

Upon successful completion, your TISAX® label is provided on the ENX platform, signifying your compliance with industry standards.

The TISAX® process is comprised of three key stages: registration, assessment, and exchange. Interested in learning more about navigating these phases? Our guide, 'How TISAX® Assessments Work', provides a comprehensive overview to help you understand the entire process.

Download Our Guide

How do TISAX® Assessments Work?

The ENX Association, which operates the TISAX® programme, has established clear guidelines for assessment levels and scopes. TISAX® differentiates between three data protection classes, each with specific requirements:

Suitable for standard security needs, this level is achieved through self-assessment.

Designed for entities with higher data protection requirements, this level involves a thorough review by a TISAX® Assessment Provider (AP). It includes a kick-off meeting, a completeness and plausibility check and a telephone interview or on-site inspection.

For the most stringent data protection needs, Level 3 requires an on-site audit by a TISAX® AP. Building on the level 2 process, this level also involves evaluating the ISMS's effectiveness and maturity through expert interviews and inspections.

After the assessment, results and necessary corrective actions are summarised in a preliminary report. To achieve the TISAX® label, the auditee must develop a corrective action plan and implement it, with effectiveness evaluated by the TISAX® AP.

Benefits of TISAX® Certification

  • Saves time and costs by eliminating duplicate assessments.
  • Enhances competitive edge and builds customer trust.
  • Protects critical data and reduces liabilities.
  • Facilitates long-term partnerships and market access.

Why Choose TÜV UK?

TÜV UK is a leader in TISAX® certification, offering:

  • Expertise: TÜV NORD have many years of experience in TISAX® certification.
  • Global Recognition: TÜV UK is part of the TÜV NORD Group, a globally respected certification body.

  • Impartial Certification: Benefit from an independent, third-party assessment.

     

    *Notice: TÜV UK Ltd offers TISAX certification services through TÜV NORD CERT GmbH. TÜV NORD CERT GmbH is authorised by ENX to offer TISAX® assessment services. The Intellectual Property associated with TISAX® program and the related trademarks are held by ENX.

Get Started Today!

Embark on your journey to excellence in automotive information security with TÜV UK. Contact us today to learn more about our TISAX certification services and how we can support your organisation in achieving its security goals.

Contact Us

FAQs

Frequently Asked Questions

TISAX® stands for Trusted Information Security Assessment Exchange, a key programme for ensuring automotive information security.

TISAX® is specific to automotive industry needs, while ISO 27001 is a general standard for information security management across all sectors.

TISAX® requirements include secure data handling, restricted access and enhanced monitoring, tailored for automotive data protection.

Automotive companies handling sensitive data should pursue TISAX® certification to meet industry standards and customer expectations.

While not legally required, TISAX® compliance is crucial for partnering with major automotive manufacturers who mandate it.

TISAX® participation helps meet customer requirements, reduces duplicate assessments and builds trust in the automotive supply chain.

Register on the ENX portal and choose an authorised provider like TÜV NORD to start the TISAX® certification process.

Only ENX-approved providers, such as TÜV NORD, are authorised to conduct TISAX® assessments.

The TISAX® process typically takes up to nine months, depending on ISMS complexity and site numbers.

Visit the ENX Association's website for detailed manuals and guides on TISAX®.

Media

See More
06/10/2025
Navigating ISO 27001 Annex A: Control A.5.1
Media
Blogs
ISO 27001
Read the full article
12/08/2025
ISO 27001 Audit Pitfalls & ISO 27006:2024 Webinar
Media
Webinars
ISO 27001
Read the full article
30/07/2025
Introduction to TISAX®: Understanding the Basics
Media
Blogs
TISAX
Read the full article
18/07/2025
Integrating ISO 9001 with Other Management Systems
Media
Blogs
ISO 9001
Read the full article
02/07/2025
What is the CO₂ Performance Ladder and Why It Matters
Media
Blogs
CO₂ Performance Ladder
Read the full article
29/05/2025
Common Challenges in Implementing ISO 27001 and How to Overcome Them
Media
Blogs
ISO 27001
Read the full article
29/05/2025
Operation Clean Sweep Webinar
Media
Webinars
Operation Clean Sweep
Read the full article
01/04/2025
Steps to Achieving ISO 27001 Certification
Media
Blogs
ISO 27001
Read the full article
19/03/2025
Navigating ESOS Phase 4: How ISO 50001 Could Be a Smart Alternative
Media
Blogs
ESOS
ISO 50001
Read the full article
04/03/2025
Sustainability and Environmental Management: How Certification Can Help
Media
Blogs
CO₂ Performance Ladder
ESOS
ISO 14001
ISO 20121
ISO 50001
Operation Clean Sweep
Read the full article

We are looking forward to your enquiry!

TÜV UK Ltd
AMP House
Suites 27 - 29, Fifth Floor, Dingwall Road
Croydon, CR0 2LX

Tel.: +44 20 8680-7711
Enquiries.UK@tuv-nord.com

Contact Us