Who does what?
Responsibilities TISAX®
Consultants, audit firms & the ENX
Responsibilities in the project
OPTIQUM
ENX
as authoriy to codify standards
Audit firms
listed with the ENX
OPTIQUM
- Advising companies on the implementation and improvement of their information security management systems (ISMS) in accordance with TISAX® requirements.
- GAP analysis with document review and internal on-site/remote audit. The result is a VDA-ISA self-assessment, which is also required for the actual TISAX® audit, as well as a report detailing the points that still need to be addressed.
- Support in preparing for the TISAX® assessment.
- Identification of weaknesses in the ISMS and providing recommendations for improvement.
- Workshops & trainings
ENX
as authoriy to codify standards
- ENX (European Network Exchange) acts as the umbrella organization that develops and maintains the TISAX® standard.
- Defining and updating the requirements and criteria for information security in the automotive industry.
- Providing resources and support for companies to achieve TISAX® compliance.
- ENX authorizes and lists audit firms that perform TISAX® assessments to ensure that companies meet the required security standards.
Audit firms
listed with the ENX
- Conducting TISAX® assessments at companies to ensure compliance with security requirements.
- Review of the implementation of security measures and processes in the ISMS.
- Creation of TISAX® reports and certificates for the audited companies.
- The audit firms are authorized by ENX and listed on its platform to carry out TISAX® assessments.
