Professional Documents
Culture Documents
ENX Association
Webinar
1. What is Tisax
2. The TISAX process
3. Evaluation time
4. Terms / roles
5. Tisax scope
6. Objectives / levels of assessment and protection TISAX
7. Sharing / dissemination of results
8. Approved connection tools
9. Connection types
10.Cost types
11.Reference links
4th
3rd To fulfill this request, your
organization must complete the
TISAX process in 4 steps.
2nd
Active participant
Supplier/ Audited: organization that must demonstrate the effectiveness of its
information security management system (SGSI) with the TISAX brand at the
request of one of its "passive participant" customers.
Passive participant
Customer/Automaker: organization that asks its relevant business partners
("active participants") to demonstrate the effectiveness of its SGSI with the
corresponding TISAX brand.
Audit provider
Accredited providers by TISAX, approved by ENX to carry out the evaluations.
4. Data protection with special categories of personal data Special date 4. Data protection with special categories of personal data AL 2
According to article 28 ("Processor") with special categories of personal data as According to article 28 ("Processor") with special categories of personal data as
specified in article 9 of the European General Data Protection Regulation (GDPR) specified in article 9 of the European General Data Protection Regulation (GDPR)
5. Protection of prototype parts and components Proto parts 5. Protection of prototype parts and components AL 2
6. Protection of prototype vehicles Proto vehicles 6. Protection of prototype vehicles AL 2
7. Handling of test vehicles Test vehicles 7. Handling of test vehicles AL 2
8. Protection of prototypes during events and film or photo shootings Events + 8. Protection of prototypes during events and film or photo shootings AL 2
Shootings
If you are driving test drives on public roads, the No. 7 "Handling of Test Vehicle" The greater the protection needs, more the supplier should ensure that information
assessment objective is one of your assessment objectives. security is treated as if it were his. Therefore, TISAX differs at the three evaluation levels
(AL).
The assessment level defines the depth with which TISAX-accredited Certifies will use
to perform the audit process.
confidential Secret
Connection
with SimplX OFTP2 KVS ECA Connect KVS Connect
Suppliers
Fill out the CSN Shortlist and send - (Supplier and VW Area)
Contracting the connection with Operational services (Supplier)
User Request and Token (VW area IT key user should contact IT)
www.operational-services.de
E-MAIL: csn.service@o-s.de
Consultancy
(accredited providers)
• Cost of • Contracting
registering • Cost to carry the
on the out the audit connection
platform service
Connection
ENX
Operational Services
TISAX Handbook
https://portal.enx.com/tphen.pdf
Accredited providers
https://portal.enx.com/en-US/TISAX/xap/?country=BR
VDA requirements
https://www.vda.de/en/topics/safety-and-standards/information-security/information-security-
requirements
Operational services
www.operational-services.de