What is TISAX?
The automotive industry’s information-security assessment and exchange mechanism, based on the VDA ISA catalogue.
Definition
TISAX (Trusted Information Security Assessment Exchange) is an assessment and exchange mechanism for the automotive industry, governed by the ENX Association and based on the VDA ISA (Information Security Assessment) catalogue. It lets suppliers undergo a standardised information-security assessment once and share the results with multiple partners.
TISAX addresses the automotive supply chain’s need for consistent, trusted security assurance — covering information security, prototype protection and data protection at defined assessment levels.
Key aspects
VDA ISA catalogue
The underlying information-security control questionnaire.
Assessment levels (AL 1–3)
Depth of assessment scaled to data sensitivity.
Assessment objectives
Information security, prototype protection and data protection.
Shared results
Exchange labels with partners via the ENX platform.
Validity
Labels are typically valid for three years.
Who needs to comply?
Automotive OEMs and their suppliers — anyone in the automotive supply chain handling sensitive information, prototypes or personal data — are commonly required to hold a TISAX label.
How ISpectra helps
ISpectra prepares you for TISAX — assessing against the VDA ISA catalogue at the right assessment level, remediating gaps, and readying you for the accredited audit and label exchange.
Talk to an advisor