On the fast track to TISAX® assessment
- Innovative
- Automated
- Flexible
- Qualified
Why is TISAX® important for my business?
Original Equipment Manufacturers (OEM) and other industry players expect potential business partners to provide the TISAX® label as proof of their information security. TISAX® is
therefore indispensable for your company in order to continue to operate successfully in the automotive industry and to maintain / gain new business relationships.
Why is NORM X the appropriate solution?
NORM X is our solution specially developed for TISAX®. NORM X guides your company through the TISAX® assessment with the help of our user-friendly IX Certification Engine (ICE) and our in-house experts.
IX CERTIFICATION ENGINE
With ICE, we define, implement, operate, and optimize your Information Security Management System (ISMS).
We prioritize user-friendliness and data security:
with ICE, you have everything on one platform
(“Single Source of Truth”), hosted in Switzerland.
- Information Management
- Document Management
- Customized Project Management
The dashboard always informs you about the exact status of your project and open to-dos. Of course, you can also manage several projects / certifications at the same time.
Our self-hosted, industry-specific AI “Lupa” answers all your questions about TISAXÆ and the assessment process.
We offer you a direct connection to German and international auditors via ICE.
ICE can be used by all your team members – regardless of location and language.
INTERESTED?
Would you like to find out more about ICE or our NORM X solution? Book a 30-minute online appointment free of charge. Click on the buttons below to switch to the online calendar tool.
Would you like us to provide you with an initial assessment of your current situation and your opportunities for implementing TISAX®? Book a free initial strategic consultation and find out how we can support you.
Advantages through innovation
For companies it is
- Expensive
- Complex
- Tedious
- Unpredictable
to achieve audit readiness and certifications the traditional way.
With our innovative NORM X solution and the IX Certification Engine, the preparation for the TISAX® assessment is
- Time and cost-optimised (streamlined processes)
- Scaled to your requirements
- User-friendly (even without prior knowledge)
- Transparent & comprehensive
OUR OFFER
NORM X
FOR TISAX®
- Certification-as-a-Service: Professional preparation for the TISAX® audit
- Starting at $2,990 per month
- Available Packages: Standard, Superior, Ultimate
- Evaluation of your current situation. Helps to decide whether, how, and when to start with TISAX®.
- Fixed price of $4,990
- If NORM X service is subsequently requested, the price will be reduced accordingly.
- Creation in just 4 weeks
Quick & easy route to the TISAX® label
Request offer now
"*" indicates required fields
FREE DOWNLOAD
INFO-FLYER
We summarized key facts about our solution for you in a document. You can easily request this document by e-mail.
"*" indicates required fields
TISAX® FAQ
TISAX® stands for Trusted Information Security Assessment Exchange and is a registered trademark of the ENX Association. It is a security standard for the automotive industry – originally initiated by the German Association of the Automotive Industry (VDA) – which is intended to help increase information security in the industry. TISAX® thus serves to review and certify the information security of companies. After successfully passing the audit, companies receive a TISAX® label, which strengthens the trust of customers and partners and can serve as a competitive advantage.
Currently, there is no legal requirement for TISAX® certification. However, there is an unofficial obligation to obtain the label in order to be / remain competitive in the industry. Many OEMs now require a TISAX® label for cooperation with suppliers or partners. If you are a supplier, partner or manufacturer in the automotive industry, it is therefore advisable to obtain certification in order to increase your business opportunities.
The more complex the requirements (assessment level 1 to 3 possible), the higher the costs tend to be. Various factors must be taken into account in order to determine the specific costs: Which assessment level according to TISAX® are you aiming for? Do you already have an ISMS established and is it already ISO 27001 certified? Etc.
The level 1 assessment is a self-assessment that is not audited by a service provider. It is therefore mostly only used for internal purposes. These assessment results are only of limited validity and do not constitute a valid TISAX® label. Most manufacturers therefore require at least Assessment Level 2.
In this case, the self-assessment is audited by an accredited auditor. These assessments are often carried out by telephone. An on-site test is only conducted if you have the “prototype protection” module tested or explicitly request an on-site test.
At Level 3, a comprehensive on-site audit of your self-assessment is carried out by an auditor. This takes 2-3 days on average.
Once you have successfully completed the Level 2 or 3 assessment, you will receive a label summarizing your exam results. The label, together with the information about your assessment, can then be viewed in the ENX portal for authorized participants. In return, you can of course also view the TISAX® labels and results of other participants.
Once you have received your label, it is valid for 3 years. It must then be renewed. The costs for renewal are usually lower than for initial certification because you already have experience and certain established information security processes.
The duration of the assessments can vary significantly and depends on various factors, such as the size of your company and the number of company locations. If the company is of average size, 2-3 days on site are sufficient for the assessment procedure itself. What may take more time, however, is the preparation for the assessment. The assessment or audit should only be carried out if you fulfill the TISAX® requirements from the VDA-ISA questionnaire. Otherwise, you will not pass the audit and will not receive a label. There is a risk that you will have to undergo a follow-up audit, which in turn involves additional costs.
The preparation and examination process can take up to 8 – 12 months. The examination process itself must not take longer than 9 months from registration, otherwise you will not receive a label. Therefore, sufficient preparation for the assessment is crucial!
An already implemented and certified ISMS (information security management system) in compliance with the ISO 27001 standard is not a prerequisite for the TISAX® assessment. For the assessment, you only need to prove that you work with an information security management system and that the corresponding processes and procedures are implemented in the company. However, an existing ISO 27001 certification will provide you with a solid groundwork for the TISAX® certification.
Our scalable NORM X solution guides your company to the TISAX® assessment with the help of an information security officer from our company, automated processes, checklists and instructions. We tailor the service specifically to the needs of your company. In doing so, we enable up to 50% TCO and time savings.
TISAX® is a registered trademark of the ENX ASSOCIATION. ISEGRIM X has no economic relationship with ENX. Mentioning the TISAX® trademark does not imply any statement by the ENX Association as to the suitability of the services advertised herein.