TISAX certification

Nexus gains new security accreditation – highest level of InfoSec for Automotive Industry 

When it comes to information security, our customers and partners have high expectations. Meeting these requirements is one of our most important concerns - which is why we recently had Nexus* audited for ISO 27001:13, Information Security Management Systems certification, and we have now taken a similar step forward with our information security compliance for the automotive segment. Information security is our top priority and Nexus* is proud to announce the completion of the highest protection level of TISAX certification (Assessment level 3 – information with very high protection level).

Nexus and TISAX

European automotive companies rely on trust to develop, build, and operate new vehicles. They use the Trusted Information Security Assessment Exchange (TISAX) to provide an aligned information security assessment. An independent accredited auditor, TÜV SÜD, completed the TISAX assessment of Nexus*.

“We continue to strive for the highest international standards and these latest achievements provide clear evidence of the ongoing expansion of our operations as an identity company in line with Nexus strategy to provide large scale infrastructure services” says Magnus Malmström, CEO of Nexus.

Nexus* has already been certified according to the ISO 27001:2013 standard by the accredited certification company RISE (Research Institutes of Sweden AB). “TISAX and ISO 27001 are very similar, and one of the most important concepts of TISAX, the maturity levels, is compatible with ISO 27001, and can help us to improve our information security management system at Nexus*. TISAX and ISO 27001 help us to improve our organization and operations as a supplier in the identity industry,” says Haifa Totangy, Chief Security Officer of Nexus.

About TISAX

To help secure the ever-increasing connectivity in the automotive industry, the German Association of the Automotive Industry (Verband der Automobilindustrie, VDA) developed a catalog of criteria for assessing information security. The VDA Information Security Assessment (German and English) is based on the fundamentals of the international ISO/IEC 27001 and 27002 standards adapted to the automotive industry. In 2017, it was updated to cover controls for the use of cloud services.

VDA member companies used this instrument both for internal security assessments and for assessments of suppliers, service providers, and other partners that process sensitive information on their behalf. However, because these evaluations were handled individually by each company, it created a burden on partners and duplicated effort on the part of VDA members.

To help streamline evaluations, the VDA set up a common assessment and exchange mechanism, the Trusted Information Security Assessment Exchange (TISAX). The catalogue of underlying TISAX requirements, Questionnaire for Checking Information Security Assessment and Information Security Management, Vers. 4 (German and English), provides common standards for IT security measures, and enables companies registered in TISAX to share assessment results. The VDA entrusted a neutral third party, the ENX Association, with TISAX implementation. In that capacity, it accredits auditors, maintains the accreditation criteria and assessment requirements, and monitors the quality of implementation and assessment results.

*Technology Nexus Secured Business Solutions AB

 

Published

More Information

Read more about TISAX and ENX here: https://enx.com/tisax

Read more about Nexus offering for connected vehicles: https://www.nexusgroup.com/smart-id/identities-for-connected-vehicles/

 

Do you want to learn more about our solutions?

GET IN TOUCH 

 

 

Read more from Nexus

Customer Cases Workforce

Siemens och Nexus partnerskap förenklar säker åtkomst

27 november, 2024
Med integrationen av Siemens SiPass och Nexus GO Cards har organisationer nu en anpassningsbar, användarvänlig åtkomstkontrolllösning som prioriter...
Customer Cases News Okategoriserad

Nexus blir exklusiv leverantör av kort till ID06

13 augusti, 2024
Nexus är nu ensam tillverkare av identitetskort till ID06 AB och för Sveriges byggindustri. Det innebär att Nexus hanterar hela produktionskedjan, ...
Customer Cases Online service Workforce

ScandStick väljer Nexus för effektiv korthantering

10 oktober, 2023
Scandstick har valt Nexus som leverantör för sin korthantering. Nexus GO Cards minskar administrationen för företaget och blir på så vis kostnadsef...