Support in the implementation of information security in the automotive industry according to the TISAX® standard

As elsewhere, information security in the automotive industry is becoming increasingly important for business success. For instance, suppliers and OEMs along the supply chain are constantly exchanging sensitive data that is critical to their success. Data loss caused by inadequate information security can lead to legal problems as well as to a loss of customer trust, and ultimately this brings economic harm.

For these reasons, many OEMs require a successfully completed TISAX® assessment from their suppliers. Thus the standard of the ENX Association represents a necessary competitive requirement for companies in the automotive industry. TÜViT supports customers through all project phases when introducing the TISAX® standard: from assessing the current state of their ISMS to equipping them with means to handle all related issues within their own organization.


TISAX® is a registered trademark of the ENX Association (European NetworkExchange Association) and stands for Trusted Information Security Assessment Exchange. It is a testing and exchange mechanism that enables mutual recognition of information security assessments between TISAX® participants. As a neutral body, the ENX Association was entrusted with the implementation by the German Association of the Automotive Industry (VDA) and monitors the quality of the implementation and the test results.

The standard is based on the internationally recognized ISO 27001 standard, which is specific to the automotive industry in the context of TISAX® and thus additionally covers the criteria of prototype protection, third-party linkages, and data protection.

On the TISAX® platform of the ENX Association, which has been set up especially for this purpose, participants are able to exchange their assessment data. This creates a high degree of comparability and transparency.


Our services

TÜViT accompanies your business on its way to a successful TISAX® assessment. As an experienced partner, we support you regardless of the level of implementation of your information security management system (ISMS).

Using a gap analysis, our experienced experts determine the current level of maturity of your company’s information security and the measures you still need to implement in order to successfully complete the TISAX® assessment.

After completing the gap analysis, we support you with our supervising, which includes all aspects of the TISAX® standard from planning to successful implementation of the measures. You can also make use of this supervising independently of the gap analysis.

Additionally, we offer individual workshops to support you comprehensively in the area of information security.


Our consulting and support services for the TISAX® standard at a glance:

Gap analysis

  • Determine your current readiness for a TISAX® assessment
  • Document any vulnerabilities to be eliminated


  • Accompany you to the point of your successful TISAX® assessment
  • Support you in taking needed measures


  • Workshops on ISMS and the TISAX® standard of the ENX Association
  • Employee awareness training
  • Customized workshops according to level of implementation


Your benefits at a glance

  • Benefit from bundled industry and IT experience in industrial security and production security.
  • Objective analysis and assessment of technical and organizational security measures in in consideration of the TISAX® standard and ISO 27001
  • More than 700 successfully completed ISMS projects
  • Trust and compliance verification to clients and business partners
  • Comprehensive experience in the field of ISO 27001

Any questions? We are happy to help you!

Thomas Buch

Head of Sales Region North-East Germany

+49 30 2007700-65
Fax : +49 30 2007700-99

Further services

ISO 27001

As a certified IT security service provider by the German Federal Office of Information Security (BSI), TÜViT supports companies and public authorities with the planning, implementation, monitoring and continuous improvement of their information security management system.
Read more


With a certification under ISO 27001 based on the “BSI IT-Grundschutz” standard, you show your customers and business partners the importance you associate with IT security, since the level of your information security fulfills the requirements of the BSI.
Read more

ISMS for the Energy Industry

TÜViT supports grid operators with the rollout of their ISMS according to ISO 27001, taking into account ISO 27019.
Read more