ESCRYPT passes TISAX certification with flying colors
ESCRYPT has achieved TISAX certification for all its sites in Germany. In the audits to verify that quality assurance for information security meets the standard laid down by the German Association of the Automotive Industry (VDA), the ESCRYPT branches passed with flying colors.
The connection and globalization of the digital future in the automotive industry has numerous advantages, but the internal and external risks for companies are also increasing. To counter these, suitable protective measures must be established. The digitization of business processes across company boundaries therefore requires a comparable level of information security for all those involved, which is guaranteed across the entire value chain.
Experts from the German automotive industry work together in the “Verband der Automobilindus-trie” (VDA) Information Security Working Group to develop common standards and appropriate protective measures. A major result of this cooperation is an industry standard for information se-curity assessments – the VDA Information Security Assessment (ISA) Catalog. It follows very closely, with some industry-typical characteristics, the requirements of an Information Security Management System (ISMS) according to ISO 2700x. The VDA recommends that companies involved in the value-added chain of the automotive industry establish information security on the basis of the VDA ISA.
Since 2017, the TISAX certification is required in the automotive business by many automobile manufactures. TISAX, short for Trusted Information Security Assessment Exchange, is a standard for information security defined by the VDA. It accredits the audit service providers and monitors the quality of the implementation and the assessment results. This is to ensure that the results corre-spond to the desired quality and objectivity and that the rights and obligations of the company registered in TISAX are protected. Audits according to VDA ISA, especially for service providers and suppliers, are carried out by ENX Association accredited testing services providers.
The certification is location-bound, so every single branch must go under audit to receive the certi-fication. This year’s audition was performed in the beginning of November and ESCRYPT received a very positive feedback from TISAX’s auditor stating that “it is very rare to issue a certification with such an exemplary status as ESCRYPTs”.
ESCRYPT’s TISAX status is as follows:
- Information security level high for all ESCRYPT locations (Bochum, Berlin, Stuttgart-Feuerbach & Munich)
- Implementation of requirements for prototype protection for the ESCRYPT locations Berlin & Munich
You can find more information about TISAX here.