2023-11-07 by Suhas Konanur
The feasibility of a Vehicle Cyber Security (VCS) Audit was successfully proven in a project conducted until 12 October 2023. Following the recommendations of the project group, which has worked on the VCS audit scheme over the last two years, ENX Association is entering into preparation of phase 2 of the development, making audits available to more participants.
The ENX VCS (Vehicle Cybersecurity Audit Scheme) is aimed at automotive suppliers, who are concerned with development or production, or maintenance of electrical and electronic systems for road vehicles. The audit scheme offers standardized CSMS (Cybersecurity management system) audits by implementing the ISO/PAS 5112 in the context of the ISO/SAE 21434 and leveraging the existing and established audit framework of ENX Association.
2023-10-17 by Immo Wehrenberg
Together with ISA version 6 becoming effective, we are going to also implement some changes to TISAX Assessment Objectives and the respective TISAX Labels. This affects the existing “Info High” and “Info Very High” labels. The changes for these “Info” labels follow the path already laid out described in the article New TISAX labels for availability.
In the beginning of the year, ENX has introduced new labels for availability to TISAX. This was the beginning of a split of the “Info” (“Info High” and “Info Very High”) labels. With the release of ISA 6 we will now conclude the split and introduce “Confidential” and “Strictly Confidential” as the logical addition to the already existing “availability” labels.
These new Labels will become mandatory for all new TISAX Assessments that are ordered after April 1st 2024. Assessments that have been started according to the old TISAX Labels (including corrective-action-plan assessments, follow-ups, and scope-extension-assessments) can still be completed using the old standard. Existing TISAX Labels fully retain their validity. Locations with existing “Info” labels will automatically get the respective confidentiality as an additional TISAX Label.
2023-10-16 by Immo Wehrenberg
Today, a new Version 6 of ISA has been published and is now available for download. ISA 6 is the newest major revision of the ISA Catalogue that defines the baseline and best practices for information and cyber security of organizations in the automotive industry.
ISA 6 significantly improves requirements on incident and crisis management, adds new controls and requirements to strengthen resilience to Ransomware and APT further, and reconfirmed its applicability to shopfloor IT and OT by mapping and referencing the ISA/IEC 62443-2 standard.
ISA 6 will become mandatory for all new TISAX Assessments that are ordered after April 1st 2024. Audits that have been started according to the old ISA 5.1 standard (including corrective-action-plan assessments, follow-ups, and scope-extension-assessments) can still be completed using the old standard.
2023-10-12 by Suhas Konanur
The increasing digitalization of vehicle systems due to automated driving, connectivity and new mobility concepts has led to increased demands on cybersecurity in electrical and electronic (E/E) systems for vehicles across the supply chain of the automotive industry.
Our VCS Working group consisting of experts from automotive manufacturers and leading suppliers and service providers for E/E components has investigated in great depth to what extent a useful VCS audit is feasible within the ENX audit ecosystem. This study has been completed, a project report along with the developed vehicle cyber security audit (VCSA) questionnaire is now available.
2022-12-28 by Valentino Giacometti
With this short News article we want to show some of the best new features added with this change:
We hope you appriciate out effort to improve the portal with every change... Find out more in the full news article page
2022-10-28 by Immo Wehrenberg
The threat created by cyber-attacks leading to outages of suppliers of production material and parts puts information security of such suppliers under a looking glass. The resulting specific risk profile creates the need to make changes on the TISAX Assessment Objectives.
Accordingly, we create the two new TISAX Assessment Objectives "high Availabliity" and "very high Availability" for organizations where the need is determined by availability.
2021-06-01 by Immo Wehrenberg
See what options you have if you have to deal with TISAX Assessments during the COVID-19 Pandemic. This document covers the folowing three scenarios:
2000-01-01 by Immo Wehrenberg
Changes in exceptional situations like the pandemic are necessary to deal with a changed risk landscape. The ISMS is a tool to support you to act efficently, decisive and appropraite in unexpected situations like the covid-pandemic.