Any company looking to establish business relationships in today’s automotive industry must introduce an ISMS based on VDA ISA and obtain TISAX®* certification. Get your business ready for the future today.

*TISAX® is a registered trademark of ENX Association.
**apsec and the Swiss IT-Security Group are not affiliated with
ENX Association.

Which businesses and organisations would benefit from VDA ISA?

TISAX®* is an information security standard for the automotive industry.


Benefits of VDA ISA

Recognised standard

TISAX® is a recognised standard for the automotive industry and is operated by ENX Association (ENX Association acts as the governance organisation, and in addition to accreditation is also responsible for monitoring the quality of the implementation and the assessment results)

Clearly defined requirements

The underlying VDA ISA contains detailed, industry-accepted requirements and serves as a basis for the audit

Proof of information security

By participating, you provide your partners with an official confirmation that your business guarantees the secure processing of confidential information

VDA information security requirements

The term TISAX®* stands for ‘Trusted Information Security Assessment eXchange’. TISAX® describes a mechanism that allows companies to share the results of an information security assessment with legitimate interested parties via a secure online platform. The operator ENX Association acts as the governance organisation, accredits the audit providers and monitors the quality of the implementation and the assessment results.

The assessment is based on the VDA Information Security Assessment. The defined requirements can be roughly divided into the following categories:

Information security

The information security requirements describe the structure and operation of an information security management system and strongly resemble the Control Objectives and Controls in ISO27001:2017 (however, compliance can also be achieved using other ISMS methodologies).

Management of third parties

This module defines specific requirements that apply where spaces are sub-let to a supplier or service provider, and a connection to the third party’s business network is to be established on the premises.

Prototype protection

Prototype protection covers aspects of physical security, organisational requirements and the handling of prototypes.


In future, VDA ISA compliance will be a mandatory requirement for collaboration within the automotive industry

swiss it security

Send a request

Leave us your e-mail address and we will gladly get in contact with you

Are you interested in our solution?



  • Self-assessment based on VDA ISA to determine starting point
  • Definition of tasks and measures required to close identified gaps
  • Support towards ensuring overall maturity compliance and achieving the required Level 3
  • Integration of areas of VDA ISA you have already met

We help you prepare for TISAX® certification by advising on technical aspects, providing project management and drawing up policies

Our experienced advisers conduct regular, external assessments of information security required by VDA ISA


*TISAX® is a registered trademark of ENX Association.

**apsec and the Swiss IT Security Group are not affiliated with ENX Association.


*Mandatory field


Thank you for your interest!

You can download the product sheet by clicking the button below.


*Mandatory field


*Mandatory field