The Trusted Information Security Assessment Exchange (TISAX) was developed by the German Association of the Automotive Industry (Verband der Automobilindustrie, or VDA) as a framework to address the information security needs of the automobile manufacturing industry and to protect the auto industry's sensitive and proprietary information.
TISAX is broadly based on the international ISO/IEC 27001 and 27002 standards and is overseen by a neutral third party—the ENX Association—which governs the accreditation and assessment of the TISAX standards.
TISAX and TISAX certification is a requirement for cloud computing companies working with the German auto industry.
Reports and other documentation
TISAX results are not intended for the general public.
The IBM Deutschland GmbH TISAX assessment result can only be retrieved by logging into the ENX Portal (link resides outside ibm.com). (Scope ID: SRPR41)
IBM Cloud® Infrastructure services available across all IBM Cloud data centers were assessed at the TISAX assessment level 2 standard, to the following VDA Information Security Assessment (ISA) criteria catalogues:
- Information with high protection needs
- Connection to 3rd parties with high protection needs
- Data protection according to EU-GDPR art. 28 ("processor")
IBM Service Descriptions (SDs) indicate if a given offering maintains TISAX compliance status. Services below issue TISAX reports every 3 years.