A common foundation for Information Security is a lofty goal, but it is nevertheless what the automotive industry has been pursuing with TISAX since 2017. And with good reason:
The importance of Information Security is growing as digitalization advances. It is for this reason that the automotive industry has decided to establish its own catalogue of criteria for information security, amongst others. This catalogue is used for the so-called Trusted Information Security Exchange (TISAX).
TISAX assessments are increasingly requested by OEMs as part of contractual obligations, via general terms and conditions or supplier scoring cards. Every company that successfully completes the TISAX assessment is entered into a platform where registered parties (e.g. OEMs or suppliers) can share assessment results, so-called Labels, with each other.
A catalogue of common criteria for TISAX ensures comparability and transparency between engaged parties. The essential features of this catalogue are based on ISO 27001, but have been tailored to the specific needs and requirements of the automotive industry and are thus additionally amended by requirements targeting the protection of prototypes.
As of recent years, TISAX is recognized, used, and in demand worldwide.
TISAX has a distinctive feature: the assessment does not apply to companies in their entirety, but to individual sites. Kaiserslautern is the second Freudenberg Filtration Technologies site in Germany after Weinheim (see previous article) to meet the TISAX requirements without a single deviation from the catalogue. By achieving the TISAX label, the company has strengthened its position as a supplier to the automotive industry.
That’s not the last Kaiserslautern and Weinheim will get in touch with TISAX. The sites will need to re-engage with the assessment process as the TISAX label is valid for only three years before the assessment needs to be repeated. Either way, the level of Information Security at Freudenberg Filtration Technologies’ sites will be kept high.