Introducing TISAX® successfully in your company
Your customer wants you to prove that you have your TISAX® label? What does that mean, why is it necessary, and how do you tackle this in your company?
Information security is an important factor when it comes down to customer supplier relationships. Threats to digital infrastructure such as hacker attacks have increased strongly. TISAX® (»Trusted Information Security Assessment Exchange«) is an assessment and exchange mechanism, and it serves as evidence guaranteeing IT security standards. The ENX Association, an organization in the context of which European automotive manufacturers, subsuppliers, and associations have been partnering, is behind TISAX®.
If you are working as a supplier in the automotive sector, your customers may request since 2017 that you account for having your TISAX® label pursuant to VDA-ISA (an information security assessment). VDA-ISA is a standard for supply chains in the automotive sector and was developed by the VDA, the (German) Automotive Industry Association in order to protect customer and supplier data and information.
TISAX® is aimed at ensuring a certain shared level and consistent requirements on information security and at being considered significant evidence thereof. Why is TISAX® so important? Subsupplier companies within the automotive sector need to establish an information security management system (ISMS) in order to meet the requirements of their customers. The role of TISAX® as evidence thereof is becoming more and more important here in order to obtain further orders and to prevent getting delisted.
First you register online as a TISAX® participant on the ENX platform. The actual assessment will come after that, and finally you will obtain the TISAX® label after passing the examination. The audit process is based on audit objectives, scopes, areas of application, and locations. As a rule, your customer company which wants you to have a TISAX® label will determine the audit objective. For instance, the protection of prototype parts and components might constitute an audit objective.
PeRoBa supported a medium-sized company successfully in introducing TISAX®. We gave advice and support to this machine manufacturer from the automotive subsupplier industry for approximately one year. Our motto was about establishing »as many additional regulatory measures as necessary and as few additional regulatory measures as possible« for this process, and our approach paid off. Our customer passed the assessment at the very first attempt without any deviations. The certification auditor confirmed that only very few companies managed to succeed in this manner and especially so the first time around. Our client was delighted about that and especially about obtaining their TISAX® label.
We will be very happy to support you in introducing TISAX®, and we look forward to hearing from you.
PeRoBa Unternehmensberatung GmbH (PeRoBa Management Consultancy, LLC) is one of the leading impulse generators in the quality management department on a global scale. Its origins already date back to 1991. The company headquarters have been in Baldham since 2011, and there is also branch in Prinzregentenstraße, Munich. PeRoBa Unternehmensberatung (PeRoBa Management Consultancy) provides high-quality consultations, audits, and evaluations in order to support clients in introducing and implementing their management systems. On top of that, they also offer audits, QM training, seminars, and workshops.
Their innovative in-house software, the iVision® – Smart Remote Audit Solution had been on the market since January 2016 before it was replaced by an optimized version in December 2020.
The company’s founder and owner, Dr. Roland Scherb, PhD is an auditor, consultant, coach, and author. He is a member of the German Federal Auditors’ Association, the Bundesverband der Auditoren and an active member of the DIN e.V. working group as well as a lecturer with the TÜV-Academy.