DQS Audit and Certification Regulations



1. Scope and Applicability

This “TISAX Annex to DQS Assessment and Certification Regulations” applies to all assessment and services offered and rendered to clients of the international DQS Group according to the TISAX standard of the ENX Association. These regulations are only valid in combination with the general DQS Assessment and Certification Regulation available in English language at the following link or upon request from every DQS office:


2. Program Requirements

For Clients applying for the TISAX assessment scheme, the following terms and conditions apply:

a)    DQS will not issue certificates for TISAX to its clients. Instead, the DQS will inform the TISAX platform about the result of the assessments. In case of positive results, the ENX will grant digital labels. The decision as to exactly which labels are awarded is the sole responsibility of ENX. These Labels are then visible for the client and selected members of the Trusted Information Security Assessment Exchange (TISAX) platform.

b)    Client agrees to support ENX witness audits of the DQS and the presence of ENX representatives or their delegates at client’s facilities. The client will agree to support DQS monitoring audits where the DQS audit team is monitored for internal quality assurance.

c)    TISAX assessors must fulfill specific requirements to receive and maintain their appointment. The assignment of an assessor to an assessment must take into account these requirements. Therefore, the client’s right to refuse an assigned assessor is restricted to justified cases of conflicts of interest or substantiated evidence of improper activity.

d)    Client agrees that DQS in performing its functions in accordance with TISAX assessment scheme, can provide full access to the scheme holder ENX, its member representatives, and regulatory and government authorities, as necessary or legally required, for the right for review of all records and information pertaining to activities associated with demonstrating compliance to assessment requirements. This includes information from all assessment types.

e)    Client agrees to allow TISAX assessment data to be entered into the digital TISAX platform by DQS for each assessment.

f)    Client is not authorized to use or create logos representative of TISAX, ENX and relevant TISAX Committees without direct authorization by said organization(s).

g)    Client agrees to adhere to all aspects and requirements of the TISAX assessment scheme. This includes, but is not limited to, the payment of fees and costs associated with participation, such as location registration and access fees for TISAX.

h)    Client agrees to notify DQS of significant changes within the organization (e.g., changes related to address, ownership, key management, number of employees or scope of operations).

i)    Client’s TISAX platform administrator is responsible for managing the organization’s contact information within the database, registered locations, users associated with the organization and external access to assessment results in the TISAX database.

j)    Prior to or while conducting the TISAX assessment, Clients must disclose any material relevant for the assessment process to the audit team.