VDA ISA

Any company looking to establish business relationships in today’s automotive industry must introduce an ISMS based on VDA ISA and obtain TISAX®* certification. Get your business ready for the future today.

*TISAX® is a registered trademark of ENX Association.
**apsec and the Swiss IT-Security Group are not affiliated with
ENX Association.

Which businesses and organisations would benefit from VDA ISA?

TISAX®* is an information security standard for the automotive industry.

Contact

    *Mandatory

    Contact us

    Benefits of VDA ISA

    Recognised standard

    TISAX® is a recognised standard for the automotive industry and is operated by ENX Association (ENX Association acts as the governance organisation, and in addition to accreditation is also responsible for monitoring the quality of the implementation and the assessment results)

    Clearly defined requirements

    The underlying VDA ISA contains detailed, industry-accepted requirements and serves as a basis for the audit

    Proof of information security

    By participating, you provide your partners with an official confirmation that your business guarantees the secure processing of confidential information

    VDA information security requirements

    The term TISAX®* stands for ‘Trusted Information Security Assessment eXchange’. TISAX® describes a mechanism that allows companies to share the results of an information security assessment with legitimate interested parties via a secure online platform. The operator ENX Association acts as the governance organisation, accredits the audit providers and monitors the quality of the implementation and the assessment results.

    The assessment is based on the VDA Information Security Assessment. The defined requirements can be roughly divided into the following categories:

    Information security

    The information security requirements describe the structure and operation of an information security management system and strongly resemble the Control Objectives and Controls in ISO27001:2017 (however, compliance can also be achieved using other ISMS methodologies).

    Management of third parties

    This module defines specific requirements that apply where spaces are sub-let to a supplier or service provider, and a connection to the third party’s business network is to be established on the premises.

    Prototype protection

    Prototype protection covers aspects of physical security, organisational requirements and the handling of prototypes.

    Future-proofing

    In future, VDA ISA compliance will be a mandatory requirement for collaboration within the automotive industry

    swiss it security

    Send a request

    Leave us your e-mail address and we will gladly get in contact with you

    Are you interested in our solution?

    Services

    • Self-assessment based on VDA ISA to determine starting point
    • Definition of tasks and measures required to close identified gaps
    • Support towards ensuring overall maturity compliance and achieving the required Level 3
    • Integration of areas of VDA ISA you have already met

    We help you prepare for TISAX® certification by advising on technical aspects, providing project management and drawing up policies

    Our experienced advisers conduct regular, external assessments of information security required by VDA ISA

    Disclaimer

    *TISAX® is a registered trademark of ENX Association.

    **apsec and the Swiss IT Security Group are not affiliated with ENX Association.

    Download

    Thank you for your interest!

    You can download the product sheet by clicking the button below.