.png?fit=max&auto=format&n=tsMQJyneJ1xquFUo&q=85&s=4d401cc03b547d99b6f75a6bd170c334){kind=spacer}
Who needs TISAX?
Automotive suppliers
Tier 1, 2, and 3 suppliers to major automotive manufacturers who require TISAX certification for supplier onboarding.
Service providers
IT, engineering, and consulting firms working with automotive OEMs that handle sensitive technical data or prototypes.
Assessment levels
| Level | Description |
|---|---|
| AL 1 | Self-assessment (not commonly accepted) |
| AL 2 | Remote assessment by accredited auditor |
| AL 3 | On-site assessment by accredited auditor (most common) |
Key assessment areas
- Information security — based on ISO 27001 with automotive-specific additions
- Prototype protection — physical and digital protection of pre-release vehicles and components
- Data protection — GDPR compliance for personal data handling
How DSALTA helps
- TISAX-specific controls mapped to the VDA ISA catalog
- ISO 27001 foundation — TISAX builds on ISO 27001, so existing controls carry over
- Evidence collection automated through integrations
- Cross-framework mapping — significant overlap with ISO 27001 and GDPR
Frequently asked questions
How does TISAX relate to ISO 27001?
How does TISAX relate to ISO 27001?
TISAX is based on the VDA ISA (Information Security Assessment) catalog, which builds on ISO 27001 with automotive-specific requirements. ISO 27001 certified organizations have a strong head start.
How long is a TISAX label valid?
How long is a TISAX label valid?
TISAX labels are valid for 3 years. After expiration, a new assessment is required.