Home cloud Compliance IBM Cloud TISAX Germany Compliance IBM Cloud® compliance: TISAX (Germany)
Illustration showing two people standing on platforms, with one person looking at a map display and the other regarding a security shield
What is TISAX?

The Trusted Information Security Assessment Exchange (TISAX) was developed by the German Association of the Automotive Industry (Verband der Automobilindustrie, or VDA) as a framework to address the information security needs of the automobile manufacturing industry and to protect the auto industry's sensitive and proprietary information.

TISAX is broadly based on the international ISO/IEC 27001 and 27002 standards and is overseen by a neutral third party—the ENX Association—which governs the accreditation and assessment of the TISAX standards.

TISAX and TISAX certification is a requirement for cloud computing companies working with the German auto industry.

Reports and other documentation

TISAX results are not intended for the general public.

The IBM Deutschland GmbH TISAX assessment result can only be retrieved by logging into the ENX Portal (link resides outside of ibm.com). (Scope ID: SRPR41)

IBM position

IBM Cloud® Infrastructure services available across all IBM Cloud data centers were assessed at the TISAX assessment level 2 standard, to the following VDA Information Security Assessment (ISA) criteria catalogues:

  • Information with high protection needs
  • Connection to 3rd parties with high protection needs
  • Data protection according to EU-GDPR art. 28 ("processor")

IBM Service Descriptions (SDs) indicate if a given offering maintains TISAX compliance status. Services below issue TISAX reports every 3 years.

Take the next step

Questions about a compliance program? Need a protected compliance report? We can help.

See more compliance programs