TISAX certification

Nexus gains new security accreditation – highest level of InfoSec for Automotive Industry 

When it comes to information security, our customers and partners have high expectations. Meeting these requirements is one of our most important concerns - which is why we recently had Nexus* audited for ISO 27001:13, Information Security Management Systems certification, and we have now taken a similar step forward with our information security compliance for the automotive segment. Information security is our top priority and Nexus* is proud to announce the completion of the highest protection level of TISAX certification (Assessment level 3 – information with very high protection level).

Nexus and TISAX

European automotive companies rely on trust to develop, build, and operate new vehicles. They use the Trusted Information Security Assessment Exchange (TISAX) to provide an aligned information security assessment. An independent accredited auditor, TÜV SÜD, completed the TISAX assessment of Nexus*.

“We continue to strive for the highest international standards and these latest achievements provide clear evidence of the ongoing expansion of our operations as an identity company in line with Nexus strategy to provide large scale infrastructure services” says Magnus Malmström, CEO of Nexus.

Nexus* has already been certified according to the ISO 27001:2013 standard by the accredited certification company RISE (Research Institutes of Sweden AB). “TISAX and ISO 27001 are very similar, and one of the most important concepts of TISAX, the maturity levels, is compatible with ISO 27001, and can help us to improve our information security management system at Nexus*. TISAX and ISO 27001 help us to improve our organization and operations as a supplier in the identity industry,” says Haifa Totangy, Chief Security Officer of Nexus.

About TISAX

To help secure the ever-increasing connectivity in the automotive industry, the German Association of the Automotive Industry (Verband der Automobilindustrie, VDA) developed a catalog of criteria for assessing information security. The VDA Information Security Assessment (German and English) is based on the fundamentals of the international ISO/IEC 27001 and 27002 standards adapted to the automotive industry. In 2017, it was updated to cover controls for the use of cloud services.

VDA member companies used this instrument both for internal security assessments and for assessments of suppliers, service providers, and other partners that process sensitive information on their behalf. However, because these evaluations were handled individually by each company, it created a burden on partners and duplicated effort on the part of VDA members.

To help streamline evaluations, the VDA set up a common assessment and exchange mechanism, the Trusted Information Security Assessment Exchange (TISAX). The catalogue of underlying TISAX requirements, Questionnaire for Checking Information Security Assessment and Information Security Management, Vers. 4 (German and English), provides common standards for IT security measures, and enables companies registered in TISAX to share assessment results. The VDA entrusted a neutral third party, the ENX Association, with TISAX implementation. In that capacity, it accredits auditors, maintains the accreditation criteria and assessment requirements, and monitors the quality of implementation and assessment results.

*Technology Nexus Secured Business Solutions AB

 

Published

More Information

Read more about TISAX and ENX here: https://enx.com/tisax

Read more about Nexus offering for connected vehicles: https://www.nexusgroup.com/smart-id/identities-for-connected-vehicles/

 

Do you want to learn more about our solutions?

GET IN TOUCH 

 

 

Read more from Nexus

Customer Cases PKI

LFV selects Atea and Nexus Smart ID to enable SWIM

8 January, 2020
LFV, Sweden's leading provider of air traffic control and associated services for civil and military aviation selected Atea and Nexus Smart ID to e...
Cards & credentials Customer Cases ID06 Online service

Tyréns chooses Nexus for all ID06 and customized company access cards

16 December, 2019
Tyréns chooses Nexus for all ID06 and customized company cards Tyréns wanted to have customized access cards for all of their employees and with t...
Cards & credentials Customer Cases Online service

SVEBRA chooses mobile visual ID to give users instant access to their ID cards

15 November, 2019
SVEBRA chooses mobile visual ID to give users instant access to their ID cards SVEBRA contributes to a safe and secure society through reliable an...