If you haven’t heard about Trusted Information Security Assessment Exchange (TISAX) certification chances are, you’re going to soon.
This accreditation, created by the ENX Association (ENX) in 2017, is quickly becoming the automotive industry’s answer to the security of data that is stored, processed and transferred between customers, partners and suppliers.
For instance, many big names are listed in the ENX Network Yellow Pages. So, expect more organizations to start requiring this certification in the near future.
In fact, this is one of the reasons Ansys achieved TISAX certification. It gives customers and partners in the automotive industry a compelling argument to use its software and consulting services for the foreseeable future.
So, let’s dig a little deeper into the requirements, process and benefits of gaining this new certification.
What is TISAX?
ENX, an organization of automotive manufacturers, suppliers and associations, created the TISAX certification to offer a set of rules that ensure the secure exchange of information between two parties.
These rules cover a range of information and operational security topics.
Information security rules cover:
- Disaster/data recovery
- Access controls
- Destroying old data
Operational security rules cover:
- Physical and environmental security
- Legal documentation
- Human resource management
- Asset management
- Office management
- Decision making
To achieve certification, organizations need to show that they can follow these, and other, rules. They also need to document their processes so they can continuously prove compliance during recertifications.
For instance, organizations need to prove that the software they use to login and gain access to the data is secure. To do so, it must determine processes to create and terminate an employee’s access to the data and software.
Additionally, each partner and customer that works with the organization will have its own secure database. So, the organization will need to keep track of which employees have access to each database.
Organizations also need a secure area to work and access this database. This could involve the creation of secure physical spaces within an organization.
So, TISAX certification isn’t just an IT challenge. To achieve certification, numerous departments in an organization must work with IT, including: human resources, legal and logistics.
How Ansys Met TISAX Certification
ENX only gives organizations TISAX rules and best practices. It’s up to the organization to develop tools, technologies, processes and workflows that meet those standards.
Ansys chose to use cloud architecture, on the Azure platform, as the backbone to its solution. This way, if it ever needs to make more TISAX compliant databases, for more clients, it can do so easily.
Clients access the secure cloud system to send the data they want to share. Ansys can then access this data to offer its clients new technologies and services that suit their needs.
For instance, Ansys can provide consulting work to develop workflows and technology to process, compute and simulate the data sent by its clients. Ansys can then use the database as a means to:
- Send processed data back to the client
- Use the data to develop client tools and technologies
- Find gaps in a client’s workflow
The database can also facilitate meetings with these clients and could improve collaboration between individuals working from disparate locations around the globe.
To learn of other ways Ansys supports the development of cars, check out the automotive engineering solutions page.