Update to TISAX Assessment Scheme

TISAX Assessment Scheme Updates

With the release of ACAR_TISAX Specification of Assessments_Version 2.1, there are some changes to the TISAX assessment scheme.

a) For Assessment Level 2 (AL2), an alternative assessment approach is offered as a full remote assessment, which is referred to as AL 2.5.

For TISAX audits by authorized Audit Service Providers, the assessment levels include:

• AL2 with plausibility check,
•  AL2.5 with full remote assessment, and
• AL3 with on-site audit (even at time of CoViD-19 pandemic)

b) For Simplified Group Assessment (SGA), on the basis of the original Sample Based SGA, another option of Rotating-Schedule SGA is offered.

• For the option of Sample Based SGA, the sampled locations will be audited in the 1st year.
• For the option of Rotating-Schedule SGA, all locations will be covered in 3 years.

What is TISAX?

On the request of some of the largest automotive manufactures, a common assessment and exchange mechanism, based on VDA Information Security Assessment (ISA) criteria, has been developed:  Trusted Information Security Assessment Exchange (TISAX).

VDA ISA is a catalogue of assessment criteria on information security, based on key aspects of the international ISO 27001 and 27002 standards, for automotive industry.

Entrusted by VDA, ENX Association is operating the TISAX. ENX is a Managed Security Service for secure and reliable communication, being used by more than 1,000 automotive companies in over 30 countries.

Click here to learn more about TISAX.

Technical Support by DQS:

• DQS has been listed as one of few worldwide TISAX audit service providers, which is already in demand by automotive customers around the globe.
  Some automotive customers have completed TISAX audits by DQS.
• DQS Academy will deliver public training courses to help customers understand the standard.