SC140: Successfully & Efficiently Implement TISAX® and VDA ISA Requirements

Training: Governance, Risk & Compliance - Security - Certification

Participants receive a practical introduction to the TISAX® standard based on the VDA ISA. The course covers requirements and implementation options for suppliers, service providers, and dealers in the automotive industry. It addresses assessment, information security, and data protection in the industry-specific context, as well as the advantages of TISAX® as a trust anchor.

Unfortunately there are currently no available appointments.
Would you like to request an appointment? Then click on 'No matching appointment?'

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • TISAX®, VDA-ISA 6 and ISMS – An overview

  • Introduction to information security management system (ISMS)

  • Risk management
    • Methodology for risk assessment and treatment
    • The relationship between assets and risks
    • Execution of the process (BIA) and creation of a risk matrix (risk treatment plan)

  • Interfaces in the supply chain / Automotive Industry Terminology

  • The maturity level model of VDA ISA 6
    • Significance of maturity levels
    • What is a target maturity level?
    • Consequences of maturity levels (CIP, document control, audits)

  • Organizational processes I
    • Understanding and identifying organizational processes
    • Representation of processes and interfaces

  • Organizational processes II
    • Assignment of organizational processes to the ISA catalog and consideration of interfaces

  • The requirement levels & best practices
    • Which requirement levels exist
    • Relationship: Process – requirement level - maturity level
    • Security zones
    • Perspectives and protection classes

  • VDA-ISA 6 information security requirements part I
    • Do I need an ISO 27001 certification?
    • Management responsibility
    • Incident management
    • Effectiveness verification

  • VDA-ISA 6 information security requirements part II
    • Policies
    • Roles and responsibilities
    • Personnel
    • Inventory
    • Additional measures

  • Data protection
    • GDPR – a legal requirement
    • What about companies outside the EU?
    • Best practices

  • Prototype protection
    • Physical security
    • Contracts and specifications, identification of requirements (TL)
    • Handling of vehicles and parts
    • Best practices

  • TISAX® Assessments according to ENX, part 1
    • The structure of ENX, participants (registration) and the participant handbook
    • Terminology and origin
    • Scope and its definition (systems and interfaces)
    • Types and elements of assessment / significance of labels and their usage

  • TISAX® Assessments according to ENX, part 2
    • Exchange of assessment results (platform) – published information
    • Internal project management and top management responsibility
    • Competence of internal auditors, role/function of ISB and resources
    • Procedure for selecting an assessment service provider

Objectives:

The objectives of the TISAX® Workshop and VDA ISA requirements are:

  • Learn about the requirements of the TISAX® industry standard and practically implement the specifications of the VDA-ISA 6 catalog.
  • Gain an understanding of the organizational processes in the automotive industry and their alignment with the VDA-ISA catalog.
  • Obtain an overview of the necessary assessment and its regulations.

Target audience:

The training Successfully & Efficiently Implementing TISAX® and VDA ISA Requirements is aimed at:

  • CIOs
  • CISOs
  • Information Security Officers
  • Quality Managers
  • as well as specialists within the company who need to better understand and implement the automotive industry's information security requirements.

Prerequisites:

There are no prerequisites for participating in the TISAX® training.

Description:

TISAX VDA ISA Standard The protection of information and processes is one of the central tasks of corporate management. The challenges for the automotive industry in view of increasing threats from cybercrime and industrial espionage are enormous.
Autonomous driving, digitalization, industrial security, AI have been added as further requirements for information security and data protection in the automotive industry. Thus, the topic of information security is gaining increasing importance when it comes to collaboration with suppliers, service providers and dealers.

You will learn to implement the fundamentals of the TISAX® standard and prepare for the assessment in a targeted manner. You can apply the requirements of the VDA-ISA 6 catalog using practical examples and meet the required maturity level of your IT security.

Other Info:

What is TISAX®?
TISAX (= Trusted Information Security Assessment Exchange) was developed by the German Association of the Automotive Industry (VDA) and the European Network Exchange (ENX) based on the ISO27001 standard and the VDA-ISA requirements catalog for assessing information security. At the same time, TISAX is a model for the mutual recognition of information security assessments of various suppliers and service providers in the automotive industry. Today and in the future, it is intended to serve as a standard for mutual trust in the assessment of information security and data exchange for automotive OEMs in Europe, China, and beyond.

TISAX® simply explained - The most important information about the standard Watch the video

TISAX® is a registered trademark of the ENX Association based in France and Germany.
check-icon

Guaranteed implementation:

from 2 Attendees

Booking information

Price:

1.850,00 € plus VAT.

(including lunch & drinks)

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.