WEBINAR: Introduction to TISAX

During this one-hour webinar replay, you will be able to get a basic understanding of TISAX (Trusted Information Security Assessment Exchange) standard, its main concepts, and approach. Watch now.

Global Product presentation
TISAX, Trusted Information Security Assessment eXchange has been developed by ENX organization based on the VDA-ISA Information Security Assessment questionnaire and covers the automotive industry’s widely accepted information security requirements. Initiated in 2016 by VDA, it is currently supported by all German automotive OEM ‘s as well as Renault. More OEM ‘s are following to ensure compliance with these requirements in their supply chain. TISAX becomes a license to operate for suppliers working with one of these stakeholders.

More than a standard based on ISO 27001 requirements with automotive focus, it’s an exchange program where any supplier can share and demonstrate its performance level in managing sensitive information and data. It addresses the entire automotive value chain, including parts suppliers as well as service suppliers.  Any player dealing with sensitive information such as design and dimensional information, performance data, validation files, homologation data, contractual data, client data, scheduling, delivery, etc ….  may be required to demonstrate their level of performance through TISAX. 

Our webinar replay gives a possibility to get the first knowledge of TISAX Standard and approach. If you are not familiar with it  and do not have much time in your agenda or enough budget to attend classroom training, this webinar is for you. Bureau Veritas Certification ‘s information security expert and auditor Luc Villedieu introduces the TISAX approach and features. He shares detailed information on TISAX, what is this exchange program approach as well as what TISAX implies in terms of activities for preparation, self-assessment, audit, and labeling based on assessment objectives Information Security, Prototype protection and Data Protection.   At the time of the webinar the assessment objective “connection to third parties” was a separate assessment objective. In the meantime these requirements have been embedded under the other assessment objectives.

  Main Concepts:
      - Origin and TISAX overview
      - Advantages
      - Participation level and assessment scopes
      - TISAX requirements and comparison with ISO 27001 ones
      - Evaluation process, assessment objectives and results

  Designed for:
      - Project Manager for new parts development (Suppliers Tier 1/2/3)
      - Information Security Manager (Suppliers Tier 1/2/3)
      - Data Protection officer  
      - Quality Managers for Management System  (Suppliers Tier 1/2/3)



Your personal data are collected by Bureau Veritas Services, simplified joint-stock company, having its registered office at 8 Cours du Triangle, 92800 PUTEAUX, France, and are subject to computer processing in order to respond to questions from the media about the Group or its subsidiaries on the basis of your consent, and to respond to customer complaints, on the basis of the service contract that you have entered into with a subsidiary of Bureau Veritas.

Your personal data are intended for the Certification service line or the Quality, Health & Safety and Environment department of the Bureau Veritas Group, depending on the nature of your request, and for their service providers, providing consulting and technical services as well as for the Bureau Veritas IT department. They will be retained for a period of one year for media requests and ten years for customer complaints from your request.

Your personal data can be transferred outside the European Union, in countries where Bureau Veritas subsidiaries operate, on the basis of standard contractual clauses established by the European Commission, available on request, by writing to: https://personaldataprotection.bureauveritas.com.

Fields marked with an asterisk must be filled in. Otherwise, Bureau Veritas Services would not be able to answer your questions and/or complaints.

In accordance with the French Data Protection Act of 6 January 1978 as amended and the General Data Protection Regulation of 27 April 2016, you have the right to access, rectify and erase any personal data concerning you, as well as the right to limit the processing, the right to oppose to the processing or the right to portability of your personal data. You have the right to withdraw your consent at any time by connecting to the site https://personaldataprotection.bureauveritas.com and unchecking the box dedicated to the collection of your consent. You also have the right to set out general and specific guidelines that define how you intend these rights to be exercised after your death. You can exercise your rights online to lodge a complaint to the Commission Nationale Informatique et Libertés (CNIL) in France or the relevant authorities in your country.