Stay up to date

News, tips and hints from our TISAX® world

TISAX® – the different assessment levels and assessment objectives

Within TISAX® there are 3 assessment levels (AL1-3) and 10 assessment objectives, also known as TISAX® labels, depending on the grade protection requirements. You must select the appropriate ALs and test targets depending on your client’s requirements. To give you a better overview, we have compiled an overview here:

The assessment levels

Assessment level 1

Normal protection requirements
The lowest level: The AL1 is a pure self-disclosure and is hardly used in common practice. They are primarily used for internal purposes, have little informative value and are not used in TISAX®. The AL1 is identical to the VDA-ISA questionnaire with the difference that the results are shared simultaneously via the TISAX® platform.

Assessment level 2

High protection requirements
In addition to its own assessment of the security level, the AL2 undergoes a plausibility check by means of a telephone interview with an external testing service provider.
An on-site visit can take place in addition to this telephone call, for example at:

  • Ambiguities and deviations
  • Test objective “prototype protection” (independent of the protection requirement)
  • Test objective “Connection of third parties” (independent of protection requirements)

Assessment level 3

Very high protection requirements
With the AL3, a direct plausibility check of your self-assessment is always carried out on site by an accredited auditor.