Andrew Buldyzhov, CIO
TISAX Implementation and Certification
Scope definition is crucial for VDA ISA and TISAX. Any mistakes at this stage can lead to excessive implementation and maintenance work or to problems with the certification. In addition, we perform the initial prioritization of tasks, so that you get the most important security measures in place as soon as possible. We perform this stage for you free of charge. When you are sure that you are interested in working with us further, we will send you a commercial offer and sign a service agreement.
This stage usually takes 3 to 4 weeks, depending on the scope. We interview your employees, verify documents, assess physical security and the perimeter, etc. This stage includes an analysis of the current state of the processes and information security management controls, business processes and technological processes; analysis of the physical security of the premises, personnel, IT infrastructure, etc. The outcome of this stage is an initial audit report, gap analysis and a detailed schedule for the implementation of the VDA ISA controls.
This stage is usually performed within 4 to 9 months, depending on the scope, initial state, requirements and the results of the previous stage. We perform: building and automation of the ISMS using the appropriate GRC tools; implementation of basic security management processes (incident, change management, etc.); implementation of the necessary basic security measures and controls; implementation of the basic SDLC elements; training for employees in security policies and rules; development and calculation of KPIs. The result of this phase is not just a set of documents and records that correspond to your actual processes, but also a new security culture within your organization and the highest degree of readiness for official certification.
The certification process usually lasts 1-3 months, depending on the approved scope. During this stage, we will select the certification body, perform a pre-audit, make the necessary corrections and conduct the certification audit. During the audit, we represent you and show what we have built for you. After that, the auditor analyzes the results, collects the evidence and produces the final report. Finally, you get the TISAX certificate, become officially compliant and can proudly share the assessment results with your clients through the ENX portal.
Support and Managed Compliance
News and recommendations
- Read our case study on the implementation of TISAX in a company that develops automotive systems. We are proud that we have completed one of the first TISAX certification projects in Eastern Europe. After that, we used our experience in other TISAX implementations. We were the first and remain the best!
- ISO 27001 Compliance Assessment Online Wizard is recommended for you. Check within 10 minutes to what extent your company complies with ISO 27001, and also how much time you need to achieve full compliance and certification.
- Consider our assistance in the implementation of ISO/IEC 27001, ISO/IEC 27002, ISO/TS 16949, ASPICE (Automotive Software Performance Improvement and Capability dEtermination) and GDPR (General Data Privacy Regulation) compliance. Send the form below to get a free consultation.