TISAX certification

Nexus gains new security accreditation – highest level of InfoSec for Automotive Industry 

When it comes to information security, our customers and partners have high expectations. Meeting these requirements is one of our most important concerns - which is why we recently had Nexus* audited for ISO 27001:13, Information Security Management Systems certification, and we have now taken a similar step forward with our information security compliance for the automotive segment. Information security is our top priority and Nexus* is proud to announce the completion of the highest protection level of TISAX certification (Assessment level 3 – information with very high protection level).

Nexus and TISAX

European automotive companies rely on trust to develop, build, and operate new vehicles. They use the Trusted Information Security Assessment Exchange (TISAX) to provide an aligned information security assessment. An independent accredited auditor, TÜV SÜD, completed the TISAX assessment of Nexus*.

“We continue to strive for the highest international standards and these latest achievements provide clear evidence of the ongoing expansion of our operations as an identity company in line with Nexus strategy to provide large scale infrastructure services” says Magnus Malmström, CEO of Nexus.

Nexus* has already been certified according to the ISO 27001:2013 standard by the accredited certification company RISE (Research Institutes of Sweden AB). “TISAX and ISO 27001 are very similar, and one of the most important concepts of TISAX, the maturity levels, is compatible with ISO 27001, and can help us to improve our information security management system at Nexus*. TISAX and ISO 27001 help us to improve our organization and operations as a supplier in the identity industry,” says Haifa Totangy, Chief Security Officer of Nexus.


To help secure the ever-increasing connectivity in the automotive industry, the German Association of the Automotive Industry (Verband der Automobilindustrie, VDA) developed a catalog of criteria for assessing information security. The VDA Information Security Assessment (German and English) is based on the fundamentals of the international ISO/IEC 27001 and 27002 standards adapted to the automotive industry. In 2017, it was updated to cover controls for the use of cloud services.

VDA member companies used this instrument both for internal security assessments and for assessments of suppliers, service providers, and other partners that process sensitive information on their behalf. However, because these evaluations were handled individually by each company, it created a burden on partners and duplicated effort on the part of VDA members.

To help streamline evaluations, the VDA set up a common assessment and exchange mechanism, the Trusted Information Security Assessment Exchange (TISAX). The catalogue of underlying TISAX requirements, Questionnaire for Checking Information Security Assessment and Information Security Management, Vers. 4 (German and English), provides common standards for IT security measures, and enables companies registered in TISAX to share assessment results. The VDA entrusted a neutral third party, the ENX Association, with TISAX implementation. In that capacity, it accredits auditors, maintains the accreditation criteria and assessment requirements, and monitors the quality of implementation and assessment results.

*Technology Nexus Secured Business Solutions AB



More Information

Read more about TISAX and ENX here: https://enx.com/tisax

Read more about Nexus offering for connected vehicles: https://www.nexusgroup.com/smart-id/identities-for-connected-vehicles/


Do you want to learn more about our solutions?




Read more from Nexus

Customer Cases Online service Workforce

ScandStick väljer Nexus för effektiv korthantering

10 oktober, 2023
Scandstick har valt Nexus som leverantör för sin korthantering. Nexus GO Cards minskar administrationen för företaget och blir på så vis kostnadsef...
Customer Cases Workforce Zero Trust

Landets IT-chefer överens – säkerheten har högsta prioritet

4 september, 2023
Landets IT-chefer överens - säkerheten har högsta prioritet De senaste åren har dominerats av stora kriser, först pandemin och därefter följderna ...
Citizen ID Customer Cases PKI

Kenya ushers in a new era of eCitizen services with National PKI

30 juli, 2023
Nexus PKI enables ICT Authority to facilitate secure growth of national digital infrastructure and achieve compliance with global standards.