SCHUTZWERK renews TISAX certification

We are very pleased that SCHUTZWERK has successfully renewed its TISAX certification (Trusted Information Security Assessment Exchange). After a multi-day, intensive assessment by an accredited auditor, we have once again met all relevant security criteria of the German Association of the Automotive Industry (VDA). The certification is now valid for another three years and confirms our high level of information security in the automotive context.

What is TISAX?

TISAX is an assessment and exchange mechanism for information security that was introduced in 2017 by the German Association of the Automotive Industry (VDA) with the ENX Association. Many automotive manufacturers and suppliers require their business partners to have TISAX certification to ensure the protection of sensitive information such as processes, trade secrets, and prototypes. The TISAX standard is based on ISO/IEC 27001 and has been specifically adapted to the requirements of the automotive industry.

Assessment Level 3 achieved

We are particularly proud to have once again achieved the highest security level, Assessment Level 3. At this assessment level, all our descriptions and evidence for each individual control criterion were examined in detail and verified through on-site inspections. Our auditors were particularly impressed by:

• Our comprehensive Information Security Management System (ISMS)
• The carefully documented IT infrastructure with precise processes
• Our access protection measures and authorization concepts
• Regular security training for all employees

Successful certification for two demanding TISAX labels

During the recertification, we also carried out the assessment for two particularly demanding TISAX labels:

Protection of Prototype Parts and Components

This label certifies our ability to protect classified components and parts according to the highest automotive standards. According to the TISAX participant manual, this label applies to “all companies that manufacture, store, or are entrusted with components or parts classified as requiring protection at their own locations”.

To meet this requirement, at SCHUTZWERK we implement a multi-layered protection approach:

Physical Protection Measures

• Secured access control systems with multifactor authentication
• Separate protection zones per customer project and project team
• Special storage locations with defined access restrictions

Organizational Protection Measures

• Strict confidentiality agreements with clear sanction mechanisms
• Regular awareness and security training for all employees
• Clearly defined responsibilities and transparent processes

Specific Measures for Prototypes

• Documented procedures for handling, transport, and disposal
• Special labeling and inventory processes
• Tenant separation and compliance with customer-specific requirements

Strictly Confidential

The “Strictly Confidential” label certifies our ability to process and protect information with very high confidentiality requirements. According to the TISAX participant manual, this label is relevant for “all companies that receive and process information that has a very high need for protection regarding confidentiality or is classified as strictly confidential or secret according to their own classification scheme”.

To meet the strictest confidentiality requirements, we have implemented the following measures, among others:

• Encryption of sensitive data both at rest and during transmission
• Strict access controls according to the principle of least privilege
• Automated audit trails and logging for all access to confidential information
• Secure remote access solutions with multifactor authentication
• Regular review and updating of security measures

Both labels require the highest Assessment Level 3 with comprehensive verification measures and evidence.

Continuous improvement of our security measures

The TISAX assessment is not just a snapshot for us, but part of a continuous improvement process. We regularly review and optimize our security measures to always be at the state of the art and to meet the constantly growing requirements of the automotive industry.

Benefits for our customers

The successful renewal of our TISAX certification with the demanding labels offers our customers numerous benefits:

• Integration into automotive industry supply chains by meeting industry-specific requirements
• Legal certainty through compliance with strict information security and data protection standards
• Protection of confidential information and prototypes at the highest security level
• Trust through proven competence in handling sensitive data and materials
• Knowledge transfer through our own experiences with the TISAX assessment

With our many years of expertise in the automotive field and our own TISAX certification, we are well-equipped to support our customers through our Automotive Security Assessment and to guide them in achieving their own TISAX certification.

In addition to TISAX, SCHUTZWERK also holds ISO/IEC 27001 and ISO 9001 certification. More details about our certificates can be found on our certification page .