TISAX

TISAX is the leading automotive industry information security initiative. It is based on the Information Security Assessment (ISA) developed by the German Association of the Automotive Industry (VDA) and Volkswagen. It is administered by the ENX Association on behalf (VDA).

VDA member companies used the ISA both for internal security assessments and for assessments of suppliers, service providers, and other partners that process sensitive information on their behalf. However, because these evaluations were handled individually by each company, they created a burden on partners and duplicated efforts on the part of VDA members.

To help streamline security evaluations, VDA set up TISAX, which is used by European automotive companies to provide a common information security assessment for internal analysis, evaluation of suppliers, and information exchange.

The ENX Association maintains the ISA, audit provider criteria and assessment requirements (TISAX ACAR). It also approves audit providers and monitors the quality of implementation and assessment results. ENX is supported by the TISAX Committee, comprising manufacturers, suppliers and associations.

QMGC Role in TISAX

QMGC provides comprehensive TISAX consulting services, with a team of experienced consultants who guide you through the process step-by-step. Our methodologies ensure a fast consulting and certification process for TISAX self certification, Assurance Level 1 or Assurance Level 2 certification. It goes through the following set of processes.

Gap Analysis and Risk Assessment

• Based on the organization scope,a detailed gap analysis to assess current controls.
• QMGC consultants will provide detailed recommendations for each identified gap.

 Training, Documentation and Closure of Gaps

• Depending upon the gaps and the organizational context, we implement all the gaps identified in the system in scope including providing training and orientation for all the associated roles.
• Each documentation is developed and tailored to ‘best-fit’ solution for the organization.

Periodic Internal Progress Audit

• Internal Audit are conducted periodically to ensure the effectiveness of the implemented controls. This includes progress review with management to ensure that the TISAX program goals are achieved.

Final Certification Audit

• QMGC facilities choosing external body to performfinal certification audit as per assurance requirements. QMGC consultants support the execution up to completion of the final audit.