Skip to main content
Glossary

TISAX

The Trusted Information Security Assessment Exchange, an automotive industry standard for information security assessments. TISAX provides a mutual recognition framework so that suppliers only need to be assessed once to satisfy multiple OEM requirements.

Why it matters

The automotive supply chain is deeply interconnected, and OEMs like BMW, Volkswagen, and Mercedes require their suppliers to demonstrate information security maturity. Before TISAX, every OEM ran its own assessment, creating redundant effort across the supply chain. TISAX standardizes the process through the VDA ISA catalog (based on ISO 27001 with automotive-specific extensions) and allows results to be shared via a central exchange. For suppliers, TISAX certification is increasingly non-negotiable for maintaining automotive contracts.

In practice

TISAX assessment covers information security, prototype protection, and data protection based on the VDA ISA questionnaire. Organizations self-assess, then undergo an audit by an accredited provider (like TUV or Dekra). Results are published on the ENX portal at defined assessment levels. In vucavoid, TISAX can be implemented as a blueprint that materializes VDA ISA requirements into a working baseline, with controls mapped to each catalog item and evidence collection integrated into the workflow.

Related terms

ISO 27001

The international standard for information security management systems. The most recognized security certification globally.

Compliance Framework

A structured set of guidelines and controls to meet regulatory or industry security requirements.

Cookie Use on Our Site

To ensure the smooth functioning of our website, we use a limited number of cookies. These cookies are essential for providing you with the services available on our website and to use some of its features. Here is a brief overview:
  • vucavoid_session: This cookie is essential for user authentication. It ensures that your session is secure and recognizes you as you navigate through our site.
  • XSRF-TOKEN: This cookie is critical for website security. It helps protect against cross-site request forgery attacks.
  • latest_marketing_banner_visible_{MARKETING_BANNER_ID}: This cookie simply remembers if you have seen our latest site banner, enhancing your browsing experience without tracking your personal data.

These cookies are strictly necessary to deliver the website, and therefore, we do not require your consent to place these cookies. For more information, please visit our Privacy Policy.