TISAX® CONSULTANCY FOR SMEs

We have structured our TISAX® consulting specifically for medium-sized businesses. TISAX® helps your company maintain high safety standards. With our consulting, we increase your entire manufacturing process quality. We are there for you from GAP analysis to accompanying you during your audit.

TISAX® Consultancy: Our Experience

We help you accelerate your TISAX® certification by performing a GAP analysis, and preparing the relevant documents, and accompanying you during the audit.

We have more than 10 years of experience in preparing and supporting our clients to acquire the TISAX® label and recertification. We have helped more than 40 companies so far.

Our Advantages in Short

  • No hidden or additional costs, all-inclusive prices for your TISAX® label
  • Fair price structure depending on the company size
  • Templates for ISMS, TISAX® processes, TOMs and all necessary documents available as templates
  • Orientation of our TISAX® consulting according to your requirements, no one-size-fits-all approach

Why I will need TISAX® Consultancy?

Of course, not every company needs TISAX® consulting. Perhaps you are an IT system house, an IT or information security service provider who has experience with the topic and would like to assign a team to TISAX®. Then you might manage to get the label on your own, without consulting. If that is not the case, then with external help you can speed up your way to the TISAX® label, reduce costs and save a lot of time.

Below are some of the benefits of working with our TISAX® consultancy:

  • Shortened overall project duration
  • Avoidance of additional costs for re-audits
  • A deeper understanding of the concepts and motivation behind the TISAX® label
  • Avoidance of delays in the final label, missing bids, etc.

TISAX® Consultancy Costs

Of course, costs vary from company to company, both as an auditor and as a consultant. However, we have summarized the available options with the corresponding price ranges.
The costs can be broken down into 3 parts, which will be explained in detail:

  • GAP Analysis: A GAP analysis is like an X-ray of a doctor. The GAP analysis shows you the current situation and what needs to be done to get the TISAX® label. Hence the TISAX® roadmap. It can be conducted as a one-day workshop and, based on experience, costs between 3 and 10k €.
  • Preparation, self-assessment, technical and physical security analysis, ISMS structure: this is the most labor-intensive part of the TISAX® project. This part can be very expensive, so it starts from 8 to 20k €.
  • Setting up policies, processes, necessary documentation, and audit support: this is the last part of your TISAX® project. The price range is between 6 and 15k€ for this part.

Overall, the budget requirement is between 15k-30k€. If you calculate with a team of 2, the consulting pays off if you save 1 week of working time, which is the case in most cases.

If you need in-depth information about TISAX® costs, feel free to ask for a quote.

Are you ready to start your TISAX® Project?

Then our TISAX® Workshop is made for you.  At the end of this one-day workshop, you will receive your thorough GAP Analysis as well as your TISAX® Roadmap.

How much effort do I need to estimate to implement the TISAX® requirements?

Before we can answer this question, we need to clarify a few things. What level of TISAX® certification do you want? Do you need data protection? Prototype protection? Yes, TISAX® is a complex certification that requires policies, guidelines, and processes in various areas such as the IT department, HR, back-office, and management.

If your organization has an ISMS structure in place, has defined roles for ISO and ITSO, and already has processes in place for change management, patch management, etc., it could be relatively easy to pass the audit. However, since TISAX® is a specific certification for the automotive industry, the requirements are very detailed.

Long story short, even if you have an excellent IT team, implementing TISAX® requirements requires interdisciplinary work. For example, if your company already has ISO 27001, you’ll likely have to spend less time than a company starting from scratch. Nonetheless, if your company needs to protect data and/or prototypes, you will need to invest more time in this topic.

In general, a TISAX® project takes between 3 and 6 months, as mentioned, depending on the certification level, the readiness of your company, and availability of the auditing company.

Your Road to TISAX® Label

  • Preparation- GAP Analysis: We start with the GAP analysis so we can define exactly where your maturity level is.
  • ENX Registration
  • Auditor Selection: We can help you with the selection and engagement of the audit firm.
  • Audit Preparation
    • ISMS setup and implementation
    • Self-Assessment: Do you want to quickly perform a TISAX® assessment? Then click here.
  • Internal Audit
  • TISAX® Audit: Depending on the TISAX® level, this can be on-site or remote.

Do you want to run a free of charge Self-Assessment?

We have prepared a free of charge Self-Assessment to estimate your readiness level for your TISAX® certification.  Here is the step for step Guide!

What it TISAX®?

Let’s start with the acronym. TISAX® stands for Trusted Information Security Assessment Exchange. Or as it is known in the industry, ISO 27001 for automotive. In 2017, the German Association of the Automotive Industry (VDA) published its catalog of requirements for information security in the automotive industry.

Source: https://portal.enx.com/en-US/enxassociation/

Prior to TISAX® certification, VDA members conducted assessments for their suppliers, partners and service providers in addition to their internal assessments. However, this individual assessment per supplier required partners to spend time and money assessing each of their customers.

To reduce the duplication of effort required for similar assessments for different companies, the VDA developed its TISAX® requirements catalog. This contains a catalog of criteria, audits, processes and KPIs, i.e. in the end a TISAX® certification. If a provider is TISAX® certified, it guarantees the controlled exchange and security of the data it holds.

The VDA has chosen a neutral third party, the ENX Association, which accredits auditors, maintains the assessment requirements, monitors audit quality and finally keeps the audit results.

TISAX® Label and its Advantages

A TISAX® label confirms your safety level and the quality standards of the automotive industry, which is recognized by the largest car manufacturers. A transparent, secure supply chain, thanks to TISAX® requirements, helps all participants reduce their costs.

TISAX® Consultancy: From Scratch to Label

You have decided to carry the TISAX® label. We offer you the GAP analysis at a fixed price, the full package up to the receipt of the label we offer you individually on the basis of the GAP analysis.

Three Ways that We Can Help You

We are here to help you get your TISAX® label at less cost and faster.
Would you like to learn more about TISAX® or do you have any questions? Then make a free-of-charge appointment.
Do you already want to start with your TISAX® project? Then book our GAP analysis so that you have your maturity level and your TISAX® roadmap clearly defined.
Do you want to do a free TISAX® Self-Assessment? Then click the link below.

Want to learn more about TISAX®?

Then have a look at our blog post: TISAX® Certification, where we explain TISAX® Certification in detail. If you are already informed about TISAX®, but not sure about how to run a Self-Assessment, you can also check this blog post.

FAQ

An established ISMS, operational TISAX® processes and KPIs are the milestones to the TISAX® label. However, an existing ISO 27001 certificate simplifies the path to the TISAX® label.

The audit for the label according to TISAX® is carried out by an external auditor. The auditing company must be commissioned independently. We can help you with the selection and commissioning of the auditing company.

Of course, it depends on the information security maturity of your company. Project duration and thus costs are 3-12 months, and 20-50T€. If you need in-depth information about TISAX® costs, here is our blog post.

It depends on the requirements of your customers and your products and services. An AL2 is usually tested remotely, AL3 requires on-site testing. Data protection and prototype protection can be additionally tested.

TISAX® is a trademark of ENX Association (European Network Exchange Association).