Secure through TISAX certification

About TTTech Auto

TTTech Auto operates under the umbrella of the TTTech Group and offers solutions for the challenges of future vehicle generations. The company specializes in secure software and hardware platforms for automated driving used in serial production programmes. With its technology solutions, TTTech Auto ensures safety and electronic robustness for a more automated world.

The challenge

As a technology company with a focus on the automotive industry, TTTech Auto wanted to be certified according to the TISAX information security standard defined by the automotive industry. The Association of the Automotive Industry (VDA) has developed a questionnaire, the VDA Information Security Assessment, which forms the basis for the examination by accredited certification service providers.

The solution

In order to achieve the “Very High” test goal in the categories “Information Security” and “Connection of Third Parties”, TTTech Auto has secured the support of A1 Digital International GmbH, which is already continuously monitoring THE IT infrastructure of TTTech Auto for potential and real security vulnerabilities. A1 Digital should help to develop and implement concrete measures for the TTTech Auto Organisation from the requirements of the VDA ISA. In addition, A1 Digital should conduct an independent pre-audit and accompany TTTech Auto in the final audit by the TISAX examiner.

TTTech Auto relies on A1 Digital

At the beginning, the security specialists of A1 Digital carried out an analysis of the actual situation at TTTech Auto and checked whether all audit-relevant categories of the VDA ISA requirements catalogue for the sites to be certified can be implemented. The result was noted in a gap analysis that included recommendations on what action was needed to close the vulnerabilities. The action plan was prioritized according to the degree of deviation and the estimated effort for TTTech Auto.

All necessary measures were planned as milestones in an implementation project. In addition, A1 Digital TTTech Auto's security specialists actively supported the implementation of the measures as part of project management by adapting, updating and improving existing information security policies and processes. In addition, they helped optimize the INFORMATION Security Management System (ISMS) of TTTech Auto and all relevant processes, e.g. in the design and modification of security-relevant processes, such as risk management, auditing, third party risk management, change management, user management and asset management, created process documentation and collected evidence for the execution of the processes. They also contributed their expertise in the implementation of technical security measures such as security log management or vulnerability management.

For the TISAX self-assessment, the security specialists provided a TISAX auditor, who carried out a preliminary audit of the measures and made further recommendations. Last but not least, they prepared the actual TISAX test and accompanied TTTech Auto organizationally during the audit and follow-up.