VDA-ISA is a catalog of information security requirements based on the main aspects of the international standard ISO/IEC 27001. It is used by companies both for internal purposes and for evaluations of suppliers and service providers who process confidential information.

 

Since 2017, TISAX (Trusted Information Security Assessment Exchange) has established a common mechanism for evaluating and exchanging information security audits, in accordance with the VDA ISA, which is already used by more than 2,500 companies in more than 40 countries.

The ENX Association is the operator of TISAX, appointed by VDA, as responsible for assessing the assessment and maturity of the VDA-ISA benchmark.

 

 

What supports the VDA-ISA implementation:

• Selft-assessment: from TISAX, a self-assessment tool is provided to establish the maturity level.

• Compliance: with three control blocks

  • Information security - 41 controls

  • Prototype protection - 22 controls

  • Protection of personal data - 4 controls

 

Benefits of the VDA-ISA implementation:

• Contractual requirements covered

• Proactive approach to threats and risks

• Enhanced image with customers, shareholders and suppliers

• Competitive advantage with the competition

• Prevention of economic losses in emergency situations