TISAX^® certification at LOGSOL

LOGSOL opted for TISAX^® certification in the summer of 2021. We have thus taken a significant step towards independent auditing of our technical and organizational measures and security awareness. This approval allows us to demonstrate the high standard required in the automotive industry. TISAX^® (Trusted Information Security Assessment Exchange) was developed specifically for the requirements of the automotive industry. It creates uniform standards for information security and data protection.

In October 2022, the time had come: the audit was carried out

However, the process began months earlier with registration with ENX (an affiliation of automobile manufacturers, suppliers, and four national automotive associations) for the TISAX^® assessment. We then received the TISAX^® questionnaire, conducted the self-assessment, and selected an accredited testing service provider. The latter checked the self-disclosure for plausibility and carried out remote or on-site sampling. If weaknesses were identified here, an iterative optimization process was started.

TISAX^® certification offers numerous benefits and opportunities for the automotive market. It is now a basic requirement for working with many of our customers, as OEMs such as Porsche and Mercedes demand TISAX^® certification from their service providers and suppliers. However, we also see it as an impetus for our own continuous improvement, as TISAX^® additionally requires documentation of processes, designation of responsible parties, training of employees, and protection of assets.
This increases the quality of internal operations and information security, which makes us as a company less vulnerable to cybercrime.

We are already very well positioned thanks to our existing ISO27001 certification.
However, TISAX^® has a different focus in some areas, and some requirements are specified more precisely. This enabled us to improve further in the areas of service procurement and IT system auditing, among others.

Awareness-raising and training of our employees with regard to information security plays a decisive role in this. After all, trained employees are the most effective means of combating cybercrime, since many cyber attacks begin with social engineering, such as phishing. For this reason, LOGSOL conducts annual training sessions to make all employees aware of the importance of information security and data protection. We are currently working on the introduction of a new awareness training platform for our employees that will facilitate individual training.

Customer perception noticeably improved as a result of TISAX^® certification, as LOGSOL is now listed as a certified company in the ENX database. This opens up promising business prospects by increasing the opportunities for projects involving sensitive data in the automotive industry. This gives LOGSOL a competitive advantage over some of its competitors in terms of information security. We are very pleased to be able to carry the TISAX^® certificate for at least the next two years before the next audit for renewed certification is due.

We aim to ensure and further develop information security by continuously working on our information security management system (ISMS). This includes ISO27001 certification as well as TISAX^® certification, and involves regular internal and external audits to protect the company from growing information security threats, whether software, hardware, or human.