Suppliers to the automotive industry are routinely asked one question before a contract is signed: can you prove your information security is sound? TISAX — the Trusted Information Security Assessment Exchange, governed by the ENX Association — is the mechanism the sector uses to answer it, providing a standardised, shareable assessment of information security maturity based on the VDA ISA catalogue. If you supply parts, engineering, software or services to OEMs and Tier 1 manufacturers, TISAX readiness is often the price of doing business. This toolkit prepares you for assessment with a purpose-built documentation set.
Included documents
- Information security policy suite and ISMS scope statement
- Information security risk assessment methodology and risk register
- Asset management, access control and identity management procedures
- Supplier, third-party and prototype-protection procedures
- Physical security and data protection procedures aligned to the VDA ISA controls
- Incident management, business continuity and backup procedures
- Awareness training, HR security and acceptable-use records
- Internal audit, corrective action and management review templates
The pack includes a complete set of editable templates structured around the VDA ISA control catalogue that TISAX assessments are based on.
The advantages
- Assessment-ready: content maps to the information security, prototype protection and data protection objectives an assessor reviews.
- Substantial time saved: a ready-made ISMS foundation cuts out weeks of writing and control mapping.
- Edit freely: supplied as Microsoft Word and Excel files you can align to your scope and assessment level.
- No consultant premium: one download in place of a costly preparation engagement.
Download the TISAX toolkit, tailor it to your operations, and approach your assessment with the documentation an automotive-grade ISMS demands.























