Consulting on TISAX®

Why should you implement an ISMS according to TISAX®?

To ensure that data, prototypes, and subcontractors are handled with care and that a high level of security is maintained when information is exchanged across company boundaries, the German Association of the Automotive Industry (VDA) developed a question catalog based on ISO 27001. It focuses on information security but specifies special requirements of the automotive industry in many places. This question catalog serves as the basis for the self-assessment and must be completed by the service provider or supplier before the audit.
For assessments of this type, a common testing and exchange mechanism has been established since 2017 with TISAX®,

the Trusted Information Security Assessment Exchange. Through assessments and the achievement of a TISAX® label, service providers and suppliers demonstrate to their customers that they meet the high security requirements for information provided. OEMs already frequently require the TISAX® label for information security "high" or "very high" as a condition for cooperation.
To safeguard our business operations, we ourselves operate an integrated and certified management system in accordance with ISO 9001, ISO 27001 and TISAX. You can view our TISAX® audit result via the ENX platform for Participant ID PZX0VF.

TISAX® is a registered trademark of the ENX Association. The mention of the TISAX® trademark does not imply any statement by the trademark owner regarding the suitability of the services advertised here. The exclusive responsibility for the content of the website and the services presented here lies with abat.

How does abat support you during the implementation?

We support you by asking relevant questions about the requirements, assisting you in filling out the questionnaire, and assigning a correct maturity level (Level 1-5). In addition, we accompany you during the introduction of an information security management system according to TISAX® or, if desired, assist you only in partial areas, for example, in checking the requirements for access, entry and access, handling data backup and patch management, conducting risk analyses, employee training for security awareness or prototype protection. Basically, we help you establish processes, define roles (e.g. IT Security Officer or Information Security Officer) and create the necessary documentation.

Why do you need an Information Security Officer?

Setting up an ISMS is not a one-off matter; after all, the system is operated as a process via a Plan-Do-Check-Act (PDCA) cycle. This task is the responsibility of the information security officer. In general, our advice on implementing an ISMS in accordance with TISAX® concludes with you being able to use your ISMS independently. If you are unable to handle the workload involved in operating an ISMS, you can also engage us as an external information security B representative.

Why should you choose abat?

Almost no company undertakes a assessment on TISAX® on its own initiative. To ensure that you are well equipped for the time before, during and after the certification or audit process, we offer you consulting services for this area. Our consultants have completed training as TISAX® VDA/ISA Lead Implementer & Lead Auditor. Years of experience and regular training in this area ensure that we follow the current standards. Our goal is to support you in setting up an ISMS in accordance with TISAX® and to optimally prepare you for an audit.

How to get a TISAX® label?

Please note that we can support you in the implementation of an information security management system as well as accompany you in the audit process. However, the final audit according to TISAX® may only be performed by an audit service provider recognized by the ENX Association. All recognized inspection service providers are listed on the ENX Association's exchange platform. Via this exchange platform, the results can be made available to the automotive manufacturers if required.

Our customers in the area protect

Saskia

ISMS Consultant
Bremen

For me, abat is: fun, exciting projects - great customers and colleagues packed into a respectful and trusting atmosphere with plenty of room for continuous development!

Melissa

ISMS Senior Consultant
Bremen

At abat, I have the freedom to shape my work as I see fit.

Hans

ISMS Senior Consultant
Bremen

For me, abat is synonymous with limitless opportunities and a sustainable corporate culture

Andreas

ISMS Senior Consultant
Bremen

I have never worked in such a self-determined and self-reliant way as in this team. Love it.

Our memberships

abat is a member of

Logo Allianz für Cyber-Sicherheit Teilnehmer
Logo iFIT, Freies Institut für IT-Sicherheit e. V. Mitglied

Our experts are committed to

Logo ISACA, Information Systems Audit and Control Association
Logo (ISC)2

Quick Link

You might also be interested in

Information material

on the topic Information security

download PDF now 

Contact our abat protect expert

Free initial consultation to analyze your needs

In the first meeting, you define your initial situation with us, and we clarify initial questions.

This appointment is free of charge and without obligation for you.