TISAX® Certification: protect sensitive data in the automotive sector

In the automotive sector, suppliers and partners along the supply chain manage sensitive information daily about prototypes, customer data, and industrial processes.

To uniformly address the information security requirements demanded by OEMs (Original Equipment Manufacturers), the German association VDA promoted the creation of TISAX® (Trusted Information Security Assessment Exchange), a platform managed by ENX Association that allows the sharing of assessment results.

RINA, through collaboration with AFNOR via CISQ Automotive, can offer TISAX® audits to all automotive companies that need to demonstrate compliance with ISA (Information Security Assessment) standards.

Advantages

- Avoid repetition of assessments for each OEM customer.

- Reduce time and costs thanks to a single audit recognized by multiple manufacturers.

- Easily share results through the TISAX® platform.

- Obtain an internationally recognized assessment.

- Ensure compliance through audits conducted by accredited bodies.

- Strengthen reputation within the automotive supply chain.

 Certification process

The TISAX® assessment process is divided into three increasing levels, based on the type of data handled and the level of risk to information security. Each level corresponds to a different verification method, designed to suit the complexity and sensitivity of the supplier's activity:

- Level 1 – Self-assessment: Suitable for suppliers who only handle standard low-risk information. In this case, it is sufficient to fill out the ISA (Information Security Assessment) questionnaire and upload the self-assessment to the TISAX® platform. No external verification is required. It is the simplest and least invasive level, but also less recognized by OEMs.

- Level 2 – Remote verification: Suitable for suppliers with a more complex role in the supply chain, handling sensitive but not highly classified data. After the self-assessment, an approved audit provider conducts a remote plausibility check (typically by phone or video call) to verify consistency. This level represents a compromise between completeness and costs.

- Level 3 – On-site audit: Mandatory for suppliers handling critical information, such as data on prototypes, intellectual property, physical access to OEM factories or IT systems. The self-assessment is followed by a physical inspection at the supplier's premises by an approved audit provider. It is the most rigorous level and ensures the highest degree of reliability in the assessment.

After the audit, the result is uploaded to the TISAX® platform and can be shared with other authorized participants (OEMs, customers, partners). The assessment validity is three years, unless substantial changes occur in the organization's scope or updates to requirements.

Why choose RINA?

RINA can offer TISAX® audits thanks to a cooperation agreement with AFNOR, an entity recognized by ENX Association, signed through CISQ Automotive.

We can guide you throughout the assessment process, ensuring reliability, technical expertise, and an international network. With RINA, you can count on an audit compliant with TISAX® platform requirements, conducted by qualified professionals able to support your company in effectively meeting automotive manufacturers' demands.

Regulatory focus

TISAX® was developed by the German automotive association VDA to respond to the growing need to protect sensitive information along the entire automotive supply chain. The model is based on the ISA (Information Security Assessment) questionnaire developed by VDA, which represents the reference for evaluating information security requirements along the supply chain.

To ensure transparency, neutrality, and reliability, VDA entrusted the operational management of TISAX® to ENX Association, which manages the official platform and coordinates the recognition processes. TISAX® assessments are conducted exclusively by accredited audit providers, whose list is available on the official website.

Frequently Asked Questions