SBS - The Best Value in QMS software

Automotive News TISAX - VDA ISA (information security assessment)

Richard Regalado

Trusted Information Resource
#1
To help secure the ever-increasing connectivity in the automotive industry, the German Association of the Automotive Industry (Verband der Automobilindustrie, VDA) developed a catalogue of criteria for assessing information security. The VDA Information Security Assessment (German and English) is based on the fundamentals of the international ISO/IEC 27001 and 27002 standards adapted to the automotive industry. In 2017, it was updated to cover controls for the use of cloud services.

VDA member companies used this instrument both for internal security assessments and for assessments of suppliers, service providers, and other partners that process sensitive information on their behalf. However, because these evaluations were handled individually by each company, it created a burden on partners and duplicated effort on the part of VDA members.

To help streamline evaluations, the VDA set up a common assessment and exchange mechanism, the Trusted Information Security Assessment Exchange (TISAX). The catalogue of underlying TISAX requirements, Questionnaire for Checking Information Security Assessment and Information Security Management, Vers. 4 (German and English), provides common standards for IT security measures, and enables companies registered in TISAX to share assessment results. The VDA entrusted a neutral third party, the ENX Association, with TISAX implementation. In that capacity, it accredits audit providers (auditors), maintains the accreditation criteria and assessment requirements, and monitors the quality of implementation and assessment results.

This link contains information from the VDA site including the VDA ISA assessment tool.
VDA
 
Elsmar Forum Sponsor

Richard Regalado

Trusted Information Resource
#3
Is Tisax assessment conducted by certified auditors similar to ISO/IEC 27001 audit?
There is a TISAX checklist that is used and a maturity level is used instead of the usual binary - conformity or nonconformity for ISO/IEC 27001 audits. Auditors also need to show competency in IATF 16949.
 
#4
Thank you for your support.
Could you provide me information how to build good list of assets? Should every piece of information (documents), software and hardware should be included in the list? I'm struggling with very big amount of data.
 

Richard Regalado

Trusted Information Resource
#5
Thank you for your support.
Could you provide me information how to build good list of assets? Should every piece of information (documents), software and hardware should be included in the list? I'm struggling with very big amount of data.
Sorry for the late reply Akinom.

Before I answer, may I know why you are building a list of assets?
It's not a requirement of ISMS.

Richard
 
#6
Sorry for the late reply Akinom.

Before I answer, may I know why you are building a list of assets?
It's not a requirement of ISMS.

Richard
It is required by VDA ISA in control 8.1 (To what extent are inventories existent for objects (assets) that contain information in different versions?).
Isn't it?
 
Thread starter Similar threads Forum Replies Date
M VDA 6.3 – Workshop for Certified Process Auditor VDA Standards - Germany's Automotive Standards 1
OpExPro AIAG VDA FMEA Rating Tables FMEA and Control Plans 5
OpExPro The note at the bottom of DFMEA occurrence tables in AIAG VDA FMEA FMEA and Control Plans 0
OpExPro AIAG VDA DFMEA Template Required FMEA and Control Plans 2
John C. Abnet VDA 6.3 - Question 7.3 - "blocking of parts" VDA Standards - Germany's Automotive Standards 6
John C. Abnet VDA 6.3 questionnaire form VDA Standards - Germany's Automotive Standards 1
M "Issue & continuous improvement" columns in AIAG-VDA PFMEA form FMEA and Control Plans 4
C AIAG-VDA PFMEA - 1st special Characteristics? [5step vs. 6step] FMEA and Control Plans 3
B VDA Manufacturing and Related Processes 0
B EMPB (Erstmusterprufbericht) VDA form confusion + PSW VDA Standards - Germany's Automotive Standards 4
J Which OEM or customers are now requiring the new AIAG/VDA FMEA format? FMEA and Control Plans 6
M Any way to execute VDA 6.3 audit remotely? VDA Standards - Germany's Automotive Standards 3
sutie How to understand VDA 6.3 2016 P4.1 VDA Standards - Germany's Automotive Standards 6
C AIAG/VDA FMEA - Is the new better? FMEA and Control Plans 0
P VDA AIAG FMEA - Slides for Quality Audience FMEA and Control Plans 4
M Is there any pre-defined Control plan format/template acc. VDA? VDA Standards - Germany's Automotive Standards 1
B AIAG/VDA’s FMEA Manual Is a Major Advance (my take on this subject) FMEA and Control Plans 2
B AIAG-VDA FMEA - When the new format will be required FMEA and Control Plans 5
Q VDA 6.3 questions vs IATF 16949 clauses VDA Standards - Germany's Automotive Standards 0
M How to complete structure Analysis and Function analysis sections' columns of AIAG-VDA DFMEA form FMEA and Control Plans 0
B VDA 6.3 Qualification as Process Auditor training course and exam VDA Standards - Germany's Automotive Standards 0
C FMEA Process assessment In the Draft for the AIAG/VDA FMEA Manual is gone FMEA and Control Plans 0
M MANUAL FMEA VDA VDA Standards - Germany's Automotive Standards 1
S Yellow print VDA 4 VDA Standards - Germany's Automotive Standards 0
D Where (in US) can I get the VDA Auditor Edition book? VDA Standards - Germany's Automotive Standards 3
K AIAG/VDA FMEA & Process Control Plans FMEA and Control Plans 0
D FMEA-MSR in the AIAG-VDA Aligned Handbook - What is it? FMEA and Control Plans 5
J Customer VDA Audit - We must provide refresher training? VDA Standards - Germany's Automotive Standards 4
bobdoering AIAG VDA FMEA Handbook - 2019 - something familiar about this.... FMEA and Control Plans 37
J Supplier choice limitation - Many of them dont have PSCR, VDA or even ISO 9001 VDA Standards - Germany's Automotive Standards 0
L VDA 1 Documented Information and Retention (new revision 4, August 2018) VDA Standards - Germany's Automotive Standards 0
S New to the automotive business and VDA VDA Standards - Germany's Automotive Standards 5
Q VDA 6.3 Process Auditor Card VDA Standards - Germany's Automotive Standards 1
Q GAP Analysis between IATF 16949 and VDA 6.3 wanted VDA Standards - Germany's Automotive Standards 4
C VDA Vol.4 - Evaluation of an FMEA FMEA and Control Plans 0
D VDA 6.4 Audit checklist - Production tool suppliers VDA Standards - Germany's Automotive Standards 1
J VDA audit, control plan - My hair is almost gone now VDA Standards - Germany's Automotive Standards 5
R Information on the roll out of the new harmonized DRAFT FMEA AIAG/VDA manual IATF 16949 - Automotive Quality Systems Standard 4
G Options for failing a VDA POTENTIAL audit VDA Standards - Germany's Automotive Standards 2
S VDA 5 Variables Data GR&R Spreadsheet wanted Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 3
P VDA 6.3 - How can I build the process NTF? VDA Standards - Germany's Automotive Standards 2
D VDA Trigger Matrix in the VDA 6.2 Manual - Interpretation and Use VDA Standards - Germany's Automotive Standards 3
T PPAP differences between TS16949 and VDA APQP and PPAP 1
Q VDA 6.3 Certified Auditor Training in the United States VDA Standards - Germany's Automotive Standards 1
K VDA 2 Requirements of Tests for PPA VDA Standards - Germany's Automotive Standards 2
xfngrs What are the VDA equivalents to AIAG manuals? VDA Standards - Germany's Automotive Standards 1
O VDA 6.3 Process Audit Template wanted VDA Standards - Germany's Automotive Standards 5
Moncia Tall Manufacturer - VDA Audit - Which parts of the audit apply to us? IATF 16949 - Automotive Quality Systems Standard 4
P New Yellow Print VDA 6.3 (2016) VDA Standards - Germany's Automotive Standards 10
A VDA 4 and PFMEA - What's main difference? VDA Standards - Germany's Automotive Standards 0

Similar threads

Top Bottom