Archived News

VCS Introducing Vehicle Cybersecurity (VCS) Audit scheme

2023-11-07 by Suhas Konanur

The feasibility of a Vehicle Cyber Security (VCS) Audit was successfully proven in a project conducted until 12 October 2023. Following the recommendations of the project group, which has worked on the VCS audit scheme over the last two years, ENX Association is entering into preparation of phase 2 of the development, making audits available to more participants.

The ENX VCS (Vehicle Cybersecurity Audit Scheme) is aimed at automotive suppliers, who are concerned with development or production, or maintenance of electrical and electronic systems for road vehicles. The audit scheme offers standardized CSMS (Cybersecurity management system) audits by implementing the ISO/PAS 5112 in the context of the ISO/SAE 21434 and leveraging the existing and established audit framework of ENX Association.

...Read more

ISA6 Changes to TISAX Labels Accompanying ISA 6 Release

2023-10-17 by Immo Wehrenberg

Together with ISA version 6 becoming effective, we are going to also implement some changes to TISAX Assessment Objectives and the respective TISAX Labels. This affects the existing “Info High” and “Info Very High” labels. The changes for these “Info” labels follow the path already laid out described in the article New TISAX labels for availability.

In the beginning of the year, ENX has introduced new labels for availability to TISAX. This was the beginning of a split of the “Info” (“Info High” and “Info Very High”) labels. With the release of ISA 6 we will now conclude the split and introduce “Confidential” and “Strictly Confidential” as the logical addition to the already existing “availability” labels.

These new Labels will become mandatory for all new TISAX Assessments that are ordered after April 1st 2024. Assessments that have been started according to the old TISAX Labels (including corrective-action-plan assessments, follow-ups, and scope-extension-assessments) can still be completed using the old standard. Existing TISAX Labels fully retain their validity. Locations with existing “Info” labels will automatically get the respective confidentiality as an additional TISAX Label.

...Read more

ISA6 ISA Version 6 Now Available

2023-10-16 by Immo Wehrenberg

Today, a new Version 6 of ISA has been published and is now available for download. ISA 6 is the newest major revision of the ISA Catalogue that defines the baseline and best practices for information and cyber security of organizations in the automotive industry.

ISA 6 significantly improves requirements on incident and crisis management, adds new controls and requirements to strengthen resilience to Ransomware and APT further, and reconfirmed its applicability to shopfloor IT and OT by mapping and referencing the ISA/IEC 62443-2 standard.

ISA 6 will become mandatory for all new TISAX Assessments that are ordered after April 1st 2024. Audits that have been started according to the old ISA 5.1 standard (including corrective-action-plan assessments, follow-ups, and scope-extension-assessments) can still be completed using the old standard.

Read more....

VCS Feasibility Study of VCS Audit Within ENX Ecosystem Concluded

2023-10-12 by Suhas Konanur

The increasing digitalization of vehicle systems due to automated driving, connectivity and new mobility concepts has led to increased demands on cybersecurity in electrical and electronic (E/E) systems for vehicles across the supply chain of the automotive industry.

Our VCS Working group consisting of experts from automotive manufacturers and leading suppliers and service providers for E/E components has investigated in great depth to what extent a useful VCS audit is feasible within the ENX audit ecosystem. This study has been completed, a project report along with the developed vehicle cyber security audit (VCSA) questionnaire is now available.

...Read more

Portal December 2022 Website Update

2022-12-28 by Valentino Giacometti

With this short News article we want to show some of the best new features added with this change:

• Cleaned up the navigation bar for logged-in users.
• Ability to add users to your companies account after they accidentially signed-up themselves.
• Reminder for overdue invoices and expiring TISAX scopes
• Improved Company Page

We hope you appriciate out effort to improve the portal with every change... Find out more in the full news article page

TISAX Introducing new TISAX Labels for confidentiality and availability

2022-10-28 by Immo Wehrenberg

The threat created by cyber-attacks leading to outages of suppliers of production material and parts puts information security of such suppliers under a looking glass. The resulting specific risk profile creates the need to make changes on the TISAX Assessment Objectives.

Accordingly, we create the two new TISAX Assessment Objectives "high Availabliity" and "very high Availability" for organizations where the need is determined by availability. 

TISAX TISAX and the coronavirus

2021-06-01 by Immo Wehrenberg

See what options you have if you have to deal with TISAX Assessments during the COVID-19 Pandemic. This document covers the folowing three scenarios:

1. Employees working from Home
2. Initial assessment cannot be done as planned
3. Expiring assessment results
4. Expiring temporary labels
5. Handling TISAX Assessment of Partners 

TISAX Your ISMS and the Coronavirus

2000-01-01 by Immo Wehrenberg

Changes in exceptional situations like the pandemic are necessary to deal with a changed risk landscape. The ISMS is a tool to support you to act efficently, decisive and appropraite in unexpected situations like the covid-pandemic.