TISAX certification

Based on the ISO 27001 standard, the Association of the Automotive Industry Verband der Automobilindustrie (VDA) has developed recommendations and evaluation criteria for the implementation and certification of information security in the automotive industry. The aim is to connect OEM manufacturers with suppliers, manufacturers and set identical rules for the entire project life cycle. This assessment is referred to as the VDA Information Security Assessment and falls under the TISAX® assessment.

    TISAX certification

    How to get ready?

    First of all, we recommend the introduction and certification of ISO 27001

    This standard is proof for the entry evaluation criteria that the ISMS is implemented and certified in your country, ie it meets international requirements.

    As part of the TISAX Intro ™ training, we will acquaint you with the course and requirements of the TISAX assessment in the field of information security.

    Subsequently, we recommend a TISAX Foundation course that prepares you for the role of internal auditor or manager, who is a key person for the certification itself.

    You can also use a non-binding audit, where in a fraction of the money and time you will find out how far you are prepared for certification. We identify areas that are treated and provide recommendations / consultations in those areas that are not treated.

    How to get ready?

    Audit scope

    Assessment scope + labels

    The more sensitive the information on the projects, the higher the level of protection you should set. The evaluation results are valid for a maximum of 3 years and are accepted by all German OEMs.

    Recommended rules for process security levels:

    Level 1

    Standard protection

    Comparable to internal information

    Level 2

    High protection requirements

    Comparable to confidential information

    Level 3

    Very high protection requirements

    Comparable to classified information

    Certification process


    We will register your company in the TISAX platform. Subsequently, we will determine the state of readiness of the organization and take the necessary pre-certification measures.

    2 Contract

    We will verify with you the scope of the audit, the required level of certification you need to obtain and we will conclude a contract for the audit / assessment.

    3 Prep

    The auditor will go through the certification process with you, including all important points. We will go through the completion of the questionnaire and other checklists together.

    4 Assessment

    The auditor reviews the documentation, ie how the safety principles are defined. It will prepare an audit report from the conclusions.


    The action plan covers areas that are not treated to meet the requirements of TISAX and VDA. The auditor will propose a solution.

    6 Follow-Up

    Follow-up is nothing more than a review of "corrected areas" based on the auditor's instructions. You will receive feedback and confirmation of the repair.

    7 Conclusion

    You will receive a final report and an evaluation label, which is listed and registered on the TISAX® platform. You can decide for yourself who can see your results. You have obtained a prestigious certification in the field of Information Security for Automotive Sector.

    8 Congrats!

    Our auditors will advise you on how to integrate this information appropriately into offers, marketing, sales and towards OEMs for whom you become a trusted supplier.

    Would you like a gift for your birtday?