VDA ISA TISAX Requirements Training

Course Duration: 1 Day

This one-day course provides participants with awareness and understanding of the requirements of the TISAX information security assessment maturity model (ISA released by the VDA). The intent of this training is to provide awareness and understanding of the information and asset security management system framework and maturity levels required to achieve the organization’s desired TISAX certification label.

Learning Objectives

Understand the application of Information Security Assessment principles and maturity of controls

Course Outline

  • Day One
  • TISAX: Trusted Information Security Assessment Exchange
  • Roles Within TISAX
  • Assessment Model: Simplified Group Assessment
  • Assessment Methodology
  • Maturity Model
  • VDA ISA TISAX and ISO/IEC 27001 Compared
  • ISO/IEC 27001:2022 Annex A
  • TISAX Overlap with ISO/IEC 27001:2022
  • TISAX Additional Controls not in ISO/IEC 27001
  • TISAX Controls
  • Information Security Controls
  • Prototype Protection Controls
  • Data Protection Controls
  • TISAX Measurement and Analysis
  • Group Exercise: TISAX Measurement & Analysis

Who Should Attend

This seminar is designed for Information Security Assurance Managers, ISO/IEC 27001:2022 Implementation and/or Transition Team Members, Management Representatives, and all others who would like to develop competency with TISAX information security assessment (ISA) maturity.

Course Materials

Each participant will receive a seminar companion manual and an electronic copy of the Information Security Assessment workbook which includes specific questions for applying requirements, controls, and maturity levels.

Note: Omnex does not provide copies of standard(s) during training courses, but clients are encouraged to have their own copy.


An understanding of the ISO/IEC 27001:2022 requirements, controls and/or work experience in applying ISO/IEC 27001:2022, as well as other ISO ISMS standards in the 27000 series, is recommended. An understanding of Risk Management for Information Security Management – there is a whitepaper available on the VDA TISAX information portal – is also important.

Upcoming Training