The New TISAX Standard ISA 6.0 is Published

Key Features and Updates

• IT and OT Availability: Recognizing the critical role of IT and OT systems in automotive manufacturing, ISA 6.0 places increased emphasis on ensuring their availability. The new standard provides comprehensive guidelines and requirements to ensure the robustness and reliability of these systems, reducing the risk of disruptions in production processes.
• Leading Language and Translations: In an effort to foster better global collaboration and understanding, ISA 6.0 now adopts English as the leading language. This standardization aims to facilitate communication and ensure clarity across different regions. Additionally, plans are underway to provide translations of the standard to accommodate diverse linguistic needs.
• Implementation Guidance: To assist organizations in effectively adhering to the standard's requirements, ISA 6.0 includes additional implementation guidance. This guidance offers practical insights, best practices, and recommendations for auditors, auditees, and employees, enabling them to implement necessary controls and measures more effectively.
• Revised Data Protection Catalogue: ISA 6.0 introduces a complete revision of the data protection catalogue. This comprehensive catalogue addresses various aspects of data protection, including data privacy, confidentiality, integrity, and availability. By aligning with current data protection regulations and industry best practices, the revised catalogue sets a high standard for safeguarding sensitive information.
• Alignment with International Standards: In a bid to harmonize practices and strengthen overall security measures, ISA 6.0 incorporates references to international standards such as ISO/IEC 27001:2022 and NIST Cyber Security Framework Version 1.1. This alignment ensures that organizations implementing TISAX® adhere to globally recognized practices and stay updated with the latest security protocols.
• Emphasis on Continuous Improvement: ISA 6.0 emphasizes the importance of continuous improvement and maintenance of information and data security measures. Organizations are encouraged to regularly assess and enhance their security practices to adapt to evolving threats and technological advancements, ensuring a proactive and robust security posture.

Transition and Effective Date

The effective date for ISA 6.0 in TISAX® is April 1, 2024. To ensure a smooth transition, the following rules apply:

• Assessments conducted according to older standards will remain valid.
• If TISAX® labels do not expire, no reassessment is necessary.
• New TISAX® Assessment Proceedings ordered until March 31, 2024, will be conducted using ISA version 5.1.
• New TISAX® Assessment Proceedings ordered from April 1, 2024, will be conducted using ISA version 6.0.
• Assessment activities related to an existing assessment, such as corrective action plan assessments, follow-ups, or scope extensions, will be conducted using the same version as the original assessment.

The release of ISA 6.0 marks a significant milestone in the TISAX® standard, reinforcing the commitment of the automotive industry to information security. By embracing the latest standards and practices, organizations can enhance their resilience against cyber threats and ensure the protection of sensitive information. With its focus on IT and OT availability, implementation guidance, revised data protection catalogue, alignment with international standards, and emphasis on continuous improvement, ISA 6.0 paves the way for a more secure automotive ecosystem.