
TISAX® AL2 vs AL3: Which Assessment Level Do You Actually Need?
AL3 is not AL2 with harder rules. It is the same VDA ISA controls checked on-site. Which TISAX level you need is set by your customer, not by you.
Explore all our latest insights and guides related to TISAX®.

AL3 is not AL2 with harder rules. It is the same VDA ISA controls checked on-site. Which TISAX level you need is set by your customer, not by you.

A control-by-control crosswalk from ISO/IEC 27001:2022 Annex A to the VDA ISA 6.0.3 catalogue behind TISAX: what maps, what is partial, and what has no ISO equivalent.

Why leading automotive, aerospace, and technology companies trust ITIS-Secure to take them from security gaps to full certification — fast. Learn our 7-step methodology for TISAX®, ISO 27001, and NIS2.

A TISAX label covers all ten NIS2 Article 21 measures, per ENX's own expert opinion. Here is the control mapping and the five gaps it leaves open.

Does ISO 27001 cover TISAX? A certified ISO 27001:2022 ISMS covers about 70–80% of the VDA ISA Information Security module. Here is exactly where the two meet and where the gap is.

Preparing for a TISAX assessment in 2026 is not just about passing an audit. It is about proving to the world's leading OEMs that you are a resilient, reliable partner in an increasingly hostile cyber landscape.

TISAX awareness training is assessed under VDA ISA control 2.1.3 and graded on a 0–5 maturity scale. Here is the scope, the refresh cadence, and the evidence you need to reach level 3.

VDA ISA 6.0 has been the basis for TISAX® assessments since April 2024. Here are the controls ISA 5.1 suppliers must address before their next audit.

For organizations navigating the complex landscape of information security compliance, deciding between ISO/IEC 27001 and TISAX® (Trusted Information Security Assessment Exchange) is a critical str...

A TISAX label lasts three years. Miss the recertification window and it lapses on the ENX portal, visible to every OEM. Here is how to plan backwards.

What automotive supplier TISAX requirements actually mean in OEM procurement, which assessment level you need, what drives it, and how to read the contract clause.

For automotive suppliers, the mandate for cybersecurity has never been more complex. Today's connected vehicles contain upwards of 100 million lines of code, transforming them into mobile data cent...
Book your free gap assessment today. Our experts will map your current posture against your target framework and give you a clear, honest roadmap to certification.
No commitment required • GDPR compliant • Strategy confirmed via secure link