TISAX58
Trusted Information Security Assessment Exchange — the automotive industry assessment built on VDA ISA for shared supplier information security assurance.
Requirements in this framework
- Access Control Policy
- Access Control Systems
- Assessment evidence readiness
- Asset Inventory
- Business Continuity Management
- Camouflage and Concealment
- Change Management
- Clear Desk and Clear Screen
- Cloud Service Provider Security
- Confidential Information Handling
- Continual improvement and reassessment readiness
- Corrective Actions
- Cryptographic Controls
- Data Protection and Privacy
- Equipment Disposal
- Evidence Documentation
- Finding Remediation
- Incident Classification
- Incident response and notification coordination
- Incident Response Procedure
- Information classification and handling procedures
- Information Classification Scheme
- Information Labeling
- Information security governance
- Information Security Organization
- Information Security Policy
- Internal Audit Program
- ISMS Continual Improvement
- Lessons Learned Process
- Logging and Monitoring
- Management Review
- Network Security
- Non-Disclosure Agreements
- OEM Notification Requirements
- Perimeter Security
- Photography and Recording Controls
- Physical site and facility protections
- Protection of confidential information
- Prototype and physical security
- Prototype Physical Security
- Risk Management
- Secure development and engineering practices
- Secure Development Lifecycle
- Secure Testing Environments
- Secure Work Areas
- Security Awareness and Training
- Self-Assessment Execution
- Server Room and Data Center Security
- Supplier Information Security Requirements
- Supplier Monitoring and Review
- Supplier TISAX Assessment
- System Hardening
- Third-party and partner assurance
- TISAX Assessment Scope Definition
- TISAX Label Management
- TISAX Reassessment Planning
- Visitor Management
- Vulnerability Management