TISAX®, an information security mechanism in the automotive industry Based on the standard ISO 27001 and adapted to the requirements of the automotive field, the TISAX® (Trusted Information Security Assessment Exchange) mechanism was developed by the VDA (Verband der Automobilindustrie, the German automotive industry association) in partnership with an association of European automotive manufacturers, called the European Network Exchange (ENX). The TISAX® security audit mechanism allows the mutual acceptance of information security assessments (carried out by trusted and certified third parties) in the automotive industry and provides a common evaluation mechanism for professional exchanges. The TISAX® mechanism is deployed by manufacturers such as Volkswagen, BMW, Audi, Porsche, Mercedes, Daimler. It is also used by equipment suppliers such as Continental, Bertrand, Bosch, Magna Steyr, to check their IT security. The idea is to create added value to data exchanges between manufacturers and suppliers in order to reduce costs and save time. For instance, to what extent can a partner (a manufacturer) “trust” a supplier or another partner? And how will the confidential information be properly handled and protected? To answer these questions, the TISAX® assessment allows, based on objective criteria, to certify the implementation of security measures in relation to objectives. Thus, a “community” of TISAX®-certified users can work together in a network and most importantly with complete trust. The four main themes of the TISAX® assessment are information security, connections to third parties, prototype manipulation and data protection.In particular, the TISAX® assessment ensures that an ISMS (Information Security Management System) is deployed and controlled (without the need to be ISO 27001 certified). The implementation of a thoughtful and structured ISMS already provides a guarantee of trust and quality.As a software publisher, Systancia offers solutions that meet the security needs of any organization. Systancia provides the new generation of application delivery infrastructure, focused on security and users. It is a known European player in the virtualization, cybersecurity and digital trust markets, and its product portfolio includes : Systancia Workplace, formerly AppliDis Fusion, for application and desktop virtualization (VDI)An access window to a remote desktop or applications. The virtualization of desktops or applications consists of displaying applications or a desktop on the user's computer, which are installed or... More; Systancia Gate, formerly IPdiva Secure, for identification, authenticationPrimary or secondary authentication Authentication allows a user to guarantee his or her identity before accessing a resource or service. Primary authentication will give user access to the workstation (Windows... More and access control; Systancia Cleanroom, formerly IPdiva Safe, for the monitoring of privileged users (PAMPrivileged Access Management. PAM is a technology for managing access and authentication of authorized users, usually information system administrators, to administrative resources or applications. The main objective is to secure... More); Systancia Cleanroom, formerly IPdiva Cleanroom, for the separation between the administration environment and the usual environment; Systancia Access, formerly Avencis SSOX for unified authentication (SSO) and more secure connections to IS resources; Systancia Identity, formerly Avencis Hpliance, for identity and access management (IAM)A set of processes that manage a user's identity on the network. Identity and Access Management (IAM) is the set of processes that manage a user's identity on the network.... More to allow the organization modeling and the definition of automatic permission assignment rules. Since 2018, all companies wishing to work for customers in the German automotive industry need a TISAX® certificate. Systancia is able to provide the technological components to meet the technical needs required for the TISAX® certification process. Systancia is not a TISAX® certification organisation. Its solutions can only help you to obtain it. TISAX is a registered trade mark of ENX Association.