Guides

8 steps to the label for TISAX®: your roadmap for implementation

Approach the assessment on TISAX® in a pragmatic way

Find out how to organise your team, what the necessary deliverables are for each step, and the estimated timeframe to expect.

TISAX® is a registered trademark of the ENX Association. DataGuard is not affiliated with the ENX Association. We provide consultation and support for the assessment on TISAX® only. The ENX Association does not take any responsibility for any content shown on DataGuard's website.

This guide includes:

  • A breakdown of the individual steps on the road to a successful assessment on TISAX®
  • The results and goals you should strive for in your assessment 
  • The deliverables to be produced at each step 
  • Estimated times per step, based on our experience working with companies like yours
Download guide
Look Inside TISAX Implementation Roadmap - UK 1 Look Inside TISAX Implementation Roadmap - UK 2-1 Look Inside TISAX Implementation Roadmap - UK 3-1

ROADMAP FOR CERTIFICATION ON TISAX®

As the digital landscape evolves, the need for robust information security measures has become increasingly paramount. TISAX® (Trusted Information Security Assessment Exchange) has emerged as a pivotal platform, particularly within the automotive industry, to ensure that organisations meet stringent information security requirements. Derived from ISO 27001, TISAX® serves as a comprehensive catalogue of criteria and questions for information security, encompassing general information security, prototype protection, and data protection.

Join us on this journey to fortify your organisation's information security posture and gain invaluable insights into the world of certification on TISAX®.

8-Tips-for-certification-on-ISo-27001-_-TISAX®_THUMB

In order to be able to play the desired video, you agree that a connection to the servers of YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA is established. This transmits personal data (device and browser information (in particular the IP address and operating system) to the operator of the portal for usage analysis. 

You can find more information about the handling of your personal data in our privacy policy. 

8 steps to certification

From initial education and assessment to the final certification audit, each phase plays a crucial role in successfully implementing an Information Security Management System (ISMS).

Step 1: Complete gap analysis questionnaire

To build your ISMS or review an existing one, we first need to understand what information assets your business is trying to protect and what documentation (policies, processes, procedures) exist today which can be repurposed and adapted to form part of your ISMS. We run this discovery process through our platform, where you can answer the comprehensive questionnaires which cover all chapters of the Information Security Management System (ISMS). Simply answer them at your own pace.

Deliverables: A report outlining your biggest process gaps & risks

 

Step 2: Project plan

Off the back of the gap analysis, you and your expert will create a set of tasks to work on in the coming days and weeks. Our platform also generates a set of recommendations based on the gaps in your information security, which will be automatically available as tasks for you. You prioritise the tasks and assign them to relevant owners. Your DataGuard expert is there to provide you with more clarity to recommendations and will also work on a joint action plan.

Deliverables: Clear next steps to prepare for TISAX®, plus a joint action plan

 

Step 3: Asset management

Our platform enables you to track and classify all information assets according to the level of protection needed and assess associated risk for each asset. Your assets can be imported from a CSV file and easily maintained by adding and deleting assets. If you can provide evidence of this centralised and standardised documentation for all of your company's databases, nothing stands in the way of your certification on TISAX®.

Deliverables: A living record of all company assets established

 

Step 4: Risk management

Using inputs from the gap analysis and asset inventory, our risk management feature will create a risk map which gives your team a complete overview of your risks and vulnerabilities. Our experts help you interpret these risks and define the appropriate response your business should take (e.g., not having a business continuity and disaster recovery plan in place).

Deliverables: A visual overview of your biggest risks and vulnerabilities so that your team can prioritise what to tackle next.

Express lane towards TISAX®


Get ready for your certification on TISAX® in as little as 3 months 

Book a demo
Dataguard TISAX Certificate

Step 5: ISMS documentation

The Documentation dashboard is the centralised location for all your ISMS documents and policies. Easily upload any existing documents and generate others via questionnaires or readymade templates. To generate policies, answer some questionnaires, and our platform will automatically generate the mandatory policies necessary for the audit. Your DataGuard infosec expert reviews all documentation to ensure they meet the requirements to comply with TISAX®.

Deliverables: Establishing all ISMS documentation & policies for your audit for TISAX®

 

Step 6: Internal audit

An internal audit of your ISMS is prepared and executed by our information security experts over two days of workshops. Our platform generates Internal Audit Protocols for every chapter of the ISMS. DataGuard will drive this step alongside the management review; your team will merely need to facilitate it.

Deliverables: Audit review protocols created, which is a prerequisite for the audit

newsletter-image-cta-700

Step 7: Management review

This is a meeting where you will discuss and review the most relevant ISMS topics with the leadership team and other ISMS stakeholders who can give important feedback and inputs. Our platform generates a Management Review Protocol, along with meeting notes and minutes.

Deliverables: Management review protocols created, which is a prerequisite for the audit

 

Step 8: External audit and certification

At this point, our platform is your living ISMS, providing proof of your processes, policies and risk management for the external auditor. Your DataGuard expert supports the process by guiding you on which auditing body to select. We are well-versed in the process, so we will be able to give you step-by-step assistance and guidance to avoid common pitfalls.

Deliverables: Certification Audit Preparation Plan, Corrective Action Plans for Non-Conformities

 

Do you have unanswered questions regarding the process for the certification on TISAX®? Don't hesitate to reach out to us for a free consultation.

Get in touch

TISAX® is a registered trademark of the ENX Association. DataGuard is not affiliated with the ENX Association. We provide consultation and support for the assessment on TISAX® only. The ENX Association does not take any responsibility for any content shown on DataGuard's website.

All data provided is for information only, based on internal estimates. This information is not indicative of KPIs, and is not given with any warranties or guarantees, expressly stated or implied in relation to accuracy and reliability.

 

Don’t miss these topics:

Related Resources

Bringing complete peace of mind
to over customers

Canon-4
Hyatt-3
Holiday Inn Düsseldorf
Unicef UK-1

Contact Sales

See what DataGuard can do for you.

Find out how our Privacy, InfoSec and Compliance solutions can help you boost trust, reduce risks and drive revenue.

  • 100% success in ISO 27001 audits to date 
  • 40% total cost of ownership (TCO) reduction
  • A scalable easy-to-use web-based platform
  • Actionable business advice from in-house experts

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • External data protection officer
  • Audit of your privacy status-quo
  • Ongoing GDPR support from a industry experts
  • Automate repetitive privacy tasks
  • Priority support during breaches and emergencies
  • Get a defensible GDPR position - fast!

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Continuous support on your journey towards the certifications on ISO 27001 and TISAX®️, as well as NIS2 Compliance.
  • Benefit from 1:1 consulting
  • Set up an easy-to-use ISMS with our Info-Sec platform
  • Automatically generate mandatory policies
Certified-Icon

100% success in ISO 27001 audits to date

 

 

TISAX® is a registered trademark of the ENX Association. DataGuard is not affiliated with the ENX Association. We provide consultation and support for the assessment on TISAX® only. The ENX Association does not take any responsibility for any content shown on DataGuard's website.

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Transparent consent collection
  • Comply with GDPR, CCPA, LGPD, ePrivacy, and more
  • Consolidate consents across multiple touchpoints
  • Support from privacy experts
  • Integrates with your marketing tools and CRM

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Proactive support
  • Create essential documents and policies
  • Staff compliance training
  • Advice from industry experts

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Get to know DataGuard

Simplify compliance

  • Comply with the EU Whistleblowing Directive
  • Centralised digital whistleblowing system
  • Fast implementation
  • Guidance from compliance experts
  • Transparent reporting

Trusted by customers

Canon Logo Contact Hyatt Logo Contact Holiday Inn Logo Contact Unicef Logo Contact Veganz Logo Contact Burger King Logo Contact First Group Logo Contact TOCA Social Logo Contact Arri Logo Contact K Line Logo Contact

Let's talk