Daniel Jones
Security and Compliance
Security compliance checks
In this article:

The latest Runecast 6.5.4 automates compliance checks against the TISAX standard, helping organisations from the automotive sector to ensure a high level of information security across their supply chain while minimising the time, resources, and risk involved in the compliance process.

What is the TISAX security standard?

The Trusted Information Security Assessment Exchange (TISAX), is a security standard developed by the German Association of the Automotive Industry (Verband der Automobilindustrie, or VDA) to secure the German automotive industry. A TISAX certification is required for all organisations that do business with most major players in the German automotive industry.

TISAX was developed in response to the increasing importance of information security in the automotive industry, particularly with the rise of autonomous vehicles and data uploads, from vehicles, to automotive companies. It is based on the international standard for information security management, ISO/IEC 27001 and despite some natural overlaps, TISAX is specifically tailored to the automotive industry's unique requirements and is designed to provide a standardised and recognised framework for assessing the information security of organisations and their suppliers.

TISAX Total Issues Dashboard View
TISAX Total Issues Dashboard View

Why is it important to be TISAX compliant?

One of the top threats to any IT system is ransomware, but in the automotive industry cyber attacks against interconnected vehicle systems could be fatal. These vehicle systems are vulnerable to attacks, expanding potential attack surfaces to an even larger and hugely mobile area.

Scanning against the TISAX security standard provides several advantages and benefits, including:

  1. Increased Trust: TISAX compliance scanning demonstrates to partners and customers that a company takes information security seriously and has implemented appropriate measures to protect their data. This can increase trust and improve the company's reputation in the marketplace.
  2. Compliance with Industry Standards: TISAX is specifically tailored to the unique requirements of the automotive industry, and compliance with the standard demonstrates that a company has met the rigorous security requirements set by the industry.
  3. Risk Mitigation: TISAX assessments identify potential information security risks and vulnerabilities, allowing companies to take proactive measures to mitigate these risks and prevent data breaches.
  4. Cost Savings: Early identification and remediation of security risks can help companies avoid costly data breaches and reduce the overall cost of information security management.
  5. Competitive Advantage: TISAX compliance can provide a competitive advantage in the marketplace, demonstrating to partners and customers that a company has implemented appropriate security measures and is committed to protecting their data.
  6. Improved Supply Chain Management: TISAX compliance can help companies better manage their supply chain by demonstrating that their partners and suppliers have met the same rigorous security standards.

How Runecast enables AI-powered TISAX compliance

The TISAX standard can now be assessed in the Security & Compliance section of the Runecast platform in the left hand menu, along with other standards such as ISO 27001 (the standard TISAX is based on), DISA STIG, GDPR, HIPAA, NIST, PCI DSS and more.

TISAX Issue Description
TISAX Single Issue Description

Clicking on the TISAX icon will take users to a page where they can see the status of their infrastructure, assessed against the standard. The columns can be filtered and ordered as needed. For example, sorting the Result column will show areas that have passed/failed the assessment and filtering the Severity column will show only those issues with highest severity, or lowest, as selected by the user. This enables administrators to prioritise issues and get to work remediating immediately.

Runecast provides the capability to filter and report over any chosen period of time, enabling automotive organisations to prove TISAX compliance throughout a given period and ensuring organisations can verify audit readiness. 

It’s this level of usability that gives Runecast the fastest time to value on the market, not just for TISAX, but for any of the other standards which we assess for. An additional feature is that users can build custom profiles within our platform, enabling them to monitor key information as decided by the specific needs and setup of their organisation.

Learn more - watch the video below:

At Runecast, we're committed to helping our customers maintain trust with their partners and customers by providing them with the highest level of security. With TISAX compliance scanning, we're proud to offer an easier way to achieve compliance with the recognized framework for information security management in the automotive industry.

Read our case studies to see where Runecast has saved organisations 90% of the time they previously spent troubleshooting.

Meet other Runecasters here:

Try our free demo

Try Now