News about TISAX - TISAX - solution

TISAX® Implementation guide with TX® solution
ISO 22301 Beratung
Advantage through knowledge
TISAX® Implementation guide
Advantage - through knowledge
Beratung zu TISAX VDA ISA
Go to content

News about Trusted Information Security Exchange (TISAX) and VDA ISA

TISAX Assessment

TISAX Assessment for free

Through a certification body, we can offer up to 6 TISAX assessments at no cost. for the period up to March 2022. If you are interested, please contact us.

Assessment for free

TISAX in COVID-19 times

TISAX-Assessment

TISAX assessment dates free again

As reported by various sources, the testing organizations again have free capacities for TISAX assessments. Previously, companies had to wait up to 6 months for a TISAX assessment appointment, but now it is much faster to get a TISAX assessment appointment.
Also on the side of TISAX implementation via TISAX projects, companies are just taking more time. Although the pressure from the OEMs is still being maintained, the suppliers probably have other problems at the moment.
TISAX and Homeoffice

TISAX and Homeoffice

TISAX - Home office requirements in the context of COVID-19

COVID-19 has led to a strong tendency for suitable activities to be processed in the "home office". However, this also rapidly increases the risks to information security. This is because employees' home offices are often not protected against cyber security risks. The business notebook is simply connected to the open and unprotected private router. Encryption is not activated, etc.

This again canibalizes the information security implemented in the company. Considerable security gaps are created.

Volkswagen has now also reacted to this and sent its suppliers in the TISAX environment a notification and special regulation on TISAX in the home office back in March. In it, the problem statement reads as follows:

"Due to exceptional circumstances, it is to be increasingly expected that partners will have to send their employees to the home office in order to ensure order fulfillment for Volkswagen. In accordance with the confidentiality agreement concluded as well as the associated need to implement the VDA ISA standard, home office work is not permitted for work on information classified by Volkswagen as internal, confidential and/or secret."

As of now, an application "Use of so called home office workplaces due to unusual circumstances" can/must be submitted to VW under the following conditions. As a rule, VW's approval is limited to several months.

Requirement I: Documentation obligation for employees in the home office
  
The TISAX partner shall keep a documentation / overview of which employees work for VW in the home office.
The documentation must include the following items: Name of the employee, short description of service provision, date (period) of activity in the home office - related to VW activities.
Upon request by Volkswagen, an inspection of the documentation / overview shall be granted.
 
Requirement II: Sensitization, instruction and obligation of employees working for VW
The employees working for VW in the home office shall be explicitly sensitized and instructed beforehand by the partner regarding compliance with confidentiality and information security.
The instruction of the employees shall be documented. The employees for VW projects shall confirm the instruction (sensitization and instruction) in writing.
Upon request by Volkswagen, an inspection of the documentation / evidence shall be granted.
 
Requirement III: Compliance with information and IT security measures
All reasonable measures in accordance with the specifications of Volkswagen AG for information and IT security (compliance with the VDA ISA standard) shall be taken by the partner on its own responsibility.
The instructions and specifications of Volkswagen Group IT regarding the technical realization of the ability to work from the home office (remote solutions) must be complied with.
 
Prerequisite IV: Processing of personal (pb) data in the home office
For the processing of pb data in the home office, additional coordination with Volkswagen Data Protection must be achieved.

Other automotive manufacturers will follow suit and approach suppliers in a similar manner.

Home office and TISAX thus take on a new meaning - which means additional effort.

www.consuvation.com
This site is operated by CONSUVATION GmbH.
(C) CONSUVATION GmbH
+49 (0) 7031.4181-860
contact(@)consuvation.com
CONSUVATION GmbH
Ziegelstraße 20
71063 Sindelfingen
Deutschland
WE ADVISE WORLDWIDE
Here you will find information
about our company
MONDAY - FRIDAY
09:00  - 17:00
SATURDAY - SUNDAY
closed

If you do not want to use the contact form, you can also send us an email or call us directly. We process your data from the contact form or email exclusively for processing your request and do not pass them on to third parties. We comply with the requirements of the Data Protection Regulation (DS GVO) and BDSG-neu.
Here you will find information about
Data protection
Back to content