Trusted Information Security Assessment Exchange


Together with the ENX Association, the German Association of the Automotive Industry (VDA) has developed and established a standard for an information security management system especially for the automotive industry based on ISO 27001. In order to strengthen the trust between business partners in secure data processing, these system boarders are focused. This standard defines itself as a specific development of the requirements of ISO 27001. SQS offers the review for this specific Product because, among other things, it consistently complements the Basic Standards.


TiSAX is a standard of the German Association of the Automotive Industry. It focuses the secure processing of information from business partners, the protection of prototypes and data protection in accordance with the Basic Data Protection Regulation for potential business between car manufacturers and their suppliers or service providers. The testing requirements include the risk assessment of suppliers, the optimised system for the exchange of standardised test results in the automotive industry and an assessment of the maturity level of the supplier or service provider.

Target groups

Supplier companies in the automotive industry (suppliers and service providers).


3 years - in the sense of continuous development, a maintenance audit can take place annually (voluntary). A recertification audit takes place after 3 years.


The TiSAX certification is internationally recognised.


TiSAX is a stand-alone certificate, which is based on ISO 27001 and ISO 27017 in terms of content.

Lead Auditor
Gerlinde Frera
Would you like
(*) are mandatory