Trusted Information Security Assessment Exchange (TISAX) for Automotive Industry
Are you a supplier or service provider for the automotive industry? Do you need to assure customers that you are keeping their information secure – Participation in the TISAX Exchange.
On the request of some of the largest automotive manufactures, a common assessment and exchange mechanism, based on VDA Information Security Assessment (ISA) criteria, has been developed: Trusted Information Security Assessment Exchange (TISAX).
Entrusted by VDA, ENX Association is operating the TISAX. ENX is a Managed Security Service for secure and reliable communication, being used by more than 1,000 automotive companies in over 30 countries.
You undergo a VDA Information Security Assessment (ISA) administered by an accredited audit provider, such as DQS. As a registered TISAX participant, your assessment result will be accepted by all other participants in the scheme.
您是汽車行業的供應商或服務提供商嗎？ 您需要向客戶保證您的信息安全嗎？ – 參與TISAX 交換機制。
您接受由經認可的審核提供商管理的VDA ISA信息安全評估, 例如DQS。作為註冊的TISAX參與者，您的評估結果將被機制中其他的參與者接受。
Assessment Standard 評估标准
The VDA’s Information Security working group recently developed an information security assessment (ISA) based on essential aspects of ISO/IEC 27001 and 27002, but with the addition of a maturity level model. Version 4.1 of the VDA ISA was published in late-2018.
VDA的信息安全工作組最近在ISO/IEC 27001 和 27002 的基礎上開發了信息安全評估基準（ISA），但增加了成熟度級別模型。 VDA ISA的4.1版本於2018年末發布。
Harmonizatio of Security Levles 安全等级协调
A comparison within the automotive industry revealed differences between the companies regarding the number and the designation of information classification levels.
The VDA’s Information Security working group has developed a standard scheme for classifying information, which has been published as a White Paper.
In conjunction with the requirements of the VDA’s Information Security Assessment (VDA ISA), it helps to prevent misunderstandings and risks during the exchange of information and thus fosters appropriate information handling.
The VDA recommends its members to use this White Paper for orientation and to implement the described scheme for information classification in the companies.
Related News 相關新聞：
IATF revised Sanctioned Interpretation No. 10 to IATF 16949:2016 standard in recent days, with clarified conditions for the use of a non-accredited [...]
IATF issued Sanctioned Interpretations to IATF Rules in recent days. One of them is No 26 with important information to certified clients [...]