Skip to main content

Documentation Index

Fetch the complete documentation index at: https://help.dsalta.com/llms.txt

Use this file to discover all available pages before exploring further.

TISAX (Trusted Information Security Assessment Exchange) is an information security assessment standard specifically designed for the automotive industry. Managed by the ENX Association, it enables automotive companies and their suppliers to share assessment results through a mutual recognition system.

Who needs TISAX?

Automotive suppliers

Tier 1, 2, and 3 suppliers to major automotive manufacturers who require TISAX certification for supplier onboarding.

Service providers

IT, engineering, and consulting firms working with automotive OEMs that handle sensitive technical data or prototypes.

Assessment levels

LevelDescription
AL 1Self-assessment (not commonly accepted)
AL 2Remote assessment by accredited auditor
AL 3On-site assessment by accredited auditor (most common)

Key assessment areas

  • Information security — based on ISO 27001 with automotive-specific additions
  • Prototype protection — physical and digital protection of pre-release vehicles and components
  • Data protection — GDPR compliance for personal data handling

How DSALTA helps

  • TISAX-specific controls mapped to the VDA ISA catalog
  • ISO 27001 foundation — TISAX builds on ISO 27001, so existing controls carry over
  • Evidence collection automated through integrations
  • Cross-framework mapping — significant overlap with ISO 27001 and GDPR

Frequently asked questions

TISAX is based on the VDA ISA (Information Security Assessment) catalog, which builds on ISO 27001 with automotive-specific requirements. ISO 27001 certified organizations have a strong head start.
TISAX labels are valid for 3 years. After expiration, a new assessment is required.