TISAX

TISAX

TISAX (Trusted Information Security Assessment Exchange) is an information security standard created specifically for the automotive industry, managed by the ENX Association. This standard aims to ensure that all participants in the automotive supply chain meet uniform information security requirements. The TISAX standard, as part of security governance, addresses the protection of prototypes, the management of sensitive data, as well as the security of IT processes.

Secure&IT has a team of CISA certified information security experts, ISO 27001 Lead Auditor, ISO 20000 Lead Auditor, ISO 9001 Lead Auditor, C|CISO, ITIL or Lean IT, among others, who can accompany your organization in the implementation and maintenance of this standard. This includes:

• Advice to the Safety, Quality, Change, Crisis, Coordination or Management Committees established in the company. The best way to add value to our clients’ management systems is to belong to their safety committee as an agent of the various governing bodies of the management systems.
• Determination and review of indicators. Having and managing good indicators is key, since they are the measurement tool of the management system. They will indicate the state of health and the level of maturity and improvement.
• Conducting, reviewing and updating the risk analysis. The risk analysis should be updated and reviewed periodically to ensure that it responds to the behavior and evolution of the company and its environment.
• Implementation and review of information security procedures and controls. Business processes are the driving force of organizations. Our process experts will ensure the optimization of these procedures, as well as the implementation of the controls required by TISAX.
• Internal audit. Every management system must be reviewed and evaluated periodically. At Secure&IT we perform an audit, as part of your service, which, in addition to covering all the requirements of the reference standard to establish the level of compliance, will indicate the state of health of the management system. In this way, it will be possible to establish the corrective and preventive action plan necessary for the continuous improvement process to be “alive”.
• Support in the management and treatment of non-conformities. Support will be provided for the correction of possible deviations or non-conformities detected in audits or in the management of the system.
• Periodic consulting sessions. In order for our management system to be in continuous movement, it is necessary to establish periodic sessions where maintenance tasks are reviewed, improvement proposals are established, issues are resolved, etc.
• Certification audit support. The TISAX standard is certifiable. Our experts will support the organization during the certification audit of the standard against an independent third party.