//TISAX 汽車業信息安全評估交流機制
TISAX 汽車業信息安全評估交流機制2018-10-05T14:53:44+00:00

Project Description

Trusted Information Security Assessment Exchange (TISAX) for Automotive Industry
汽車業信息安全評估交流機制

Are you a supplier or service provider for the automotive industry? Do you need to assure customers that you are keeping their information secure – Participation in the TISAX Exchange.

On the request of some of the largest automotive manufactures, a common assessment and exchange mechanism, based on VDA Information Security Assessment (ISA) criteria, has been developed:  Trusted Information Security Assessment Exchange (TISAX).

Entrusted by VDA, ENX Association is operating the TISAX. ENX is a Managed Security Service for secure and reliable communication, being used by more than 1,000 automotive companies in over 30 countries.

You undergo a VDA Information Security Assessment (ISA) administered by an accredited audit provider, such as DQS. As a registered TISAX participant, your assessment result will be accepted by all other participants in the scheme.

您是汽車行業的供應商或服務提供商嗎? 您需要向客戶保證您的信息安全嗎? – 參與TISAX 交換機制。

在几家全球知名汽車主機廠的推動下,基於VDA 信息安全評估標準的一個共同認可評估和交換機制已經建立:TISAX汽車行業信息安全評估交流機制。

在VDA的信任下,TISAX由ENX協會運營。ENX是一個安全服務相關的信息交流機制,目前在30多個國家有1,000多家汽車行業的公司在使用此服務。

您接受由經認可的審核提供商管理的VDA ISA信息安全評估, 例如DQS。作為註冊的TISAX參與者,您的評估結果將被機制中其他的參與者接受。

Assessment Standard 評估标准

The VDA’s Information Security working group recently developed an information security assessment (ISA) based on essential aspects of ISO/IEC 27001 and 27002, but with the addition of a maturity level model. Version 4.0 of the VDA ISA was published in early 2018.

VDA的信息安全工作組最近在ISO/IEC 27001 和 27002 的基礎上開發了信息安全評估基準(ISA),但增加了成熟度級別模型。 VDA ISA的4.0版本於2018年初發布。

Harmonizatio of Security Levles 安全等级协调

A comparison within the automotive industry revealed differences between the companies regarding the number and the designation of information classification levels. The VDA’s Information Security working group has developed a standard scheme for classifying information which has been published now as a White Paper. In conjunction with the requirements of the VDA’s Information Security Assessment (VDA ISA), it helps to prevent misunderstandings and risks during the exchange of information and thus fosters appropriate information handling.

The VDA recommends its members to use this White Paper for orientation and to implement the described scheme for information classification in the companies.

汽車行業內的比較揭示了不同公司在信息分類水平的數量和名稱方面的差異。 最近幾個月,VDA的信息安全工作組制定了一個標準的信息分類方案,現已作為白皮書發布。 結合VDA信息安全評估基準的要求,它有助於防止信息交換過程中的誤解和風險,從而促進適當的信息處理。

VDA建議其成員使用本白皮書,並實施所述的公司信息分類方案。

How it works? 服務流程

  • You receive access to TISAX by registering online on the TISAX portal.
    您在TISAX門戶網站進行在線註冊後就可以訪問TISAX;
  • Then you can place order to DQS to perform the assessment against VDA ISA.
    然後您可以向DQS要求提供基於VDA 信息安全評估基準的評審;
  • After assessment, the results will be uploaded to the TISAX Database.
    評估完成後,結果將上傳到TISAX的數據庫;
  • Assessment every 3 years
    每3年進行一次評估
  • You decide which TISAX participant can access which information by expressly granting access on a case-by-case basis.
    你可以通過清晰的授權決定哪些TISAX參與者可以查看哪些信息;
  • The ENX Association monitors assessment quality and accredits audit providers based on a rigorous process. ENX協會根據嚴格的流程監控評估質量並對審核提供商進行認可。

Related News 相關新聞:

Michelin Guide 米其林指南 – 2019

December 12th, 2018|Comments Off on Michelin Guide 米其林指南 – 2019

Michelin Guide - 2019 has been released for some cities, such as Hong Kong, Macau, and Shanghai. Michelin has been a giant [...]

error: Alert: Content protected !!