TISAX • AL2 & AL3
Information security for the automotive supply chain
TISAX (Trusted Information Security Assessment Exchange) is based on VDA ISA and is commonly required by OEMs and Tier-1 suppliers. Scope, protection needs and solid evidence are critical.
Assessment Level (AL2 vs. AL3)
AL2
Standard assessment with focus on consistent implementation and reliable evidence.
AL3
Higher depth of assessment and stronger effectiveness expectations—used for higher protection needs.
Common pitfalls
Unclear scope, missing evidence, “paper processes”, incomplete asset/supplier view, unclear ownership.
We support scoping, evidence structuring and preparation up to defensible findings.