CBTL GmbH has received an assessment according to TISAX (Trusted Information Security Assessment Exchange). This standard provides a consistent, standardised approach to information security systems for the automotive industry in Europe.
Registered participants can view our results at:
https://portal.enx.com/en-en/TISAX/tisaxassessmentresults.
Participant ID: PZXCT6
Scope ID: SCXPP7
Assessment ID: A5RMX2-3.
Why is it becoming increasingly important for many companies to demonstrate a certain level of information security management?
Imagine you want to share confidential information with a business partner. Your collaboration can only work if this information is properly protected.
But how can you be sure that your partner will treat your information confidentially?
Faith is good, but control is better. That’s why your partner needs proof that its information security management meets your requirements. Companies mostly rely on standards for this.
And how does the automotive industry answer the question of safety verification?
The VDA (German Association of the Automotive Industry) and the governance organization ENX Association have developed TISAX, a standard that evaluates IT security measures across companies. Derived from ISO 27001, TISAX has been adapted to the specifics of the industry.
How does a TISAX assessment work?
The TISAX assessments are carried out by accredited audit providers who provide proof of their qualifications at regular intervals. However, TISAX and the TISAX results are not intended for the general public.
What measures has CBTL GmbH taken?
The confidentiality, availability and integrity of information are of great importance to CBTL GmbH. We have therefore taken extensive measures to protect sensitive and/or confidential information and implemented an information security management system (ISMS).
In 2021, we were audited at the Munich site by TÜV Süd as an accredited audit provider in accordance with VDA ISA catalog version 4.1. The audit objectives were:
- Information requiring a very high level of protection (Info Very High)
- Data protection. According to Article 28 (‘Processor’) of the General Data Protection Regulation (GDPR) (Data)