Our consulting is based on decades of experience in high-level security and assessment management at the leading German certifiers for the ISO 27001, ISO 22301, and TISAX® standards. Our consulting concept has been successfully implemented by our clients.
The information security module always serves as the basis, and the additional modules of prototype protection and data protection are incorporated depending on the OEM’s requirements. The applicable protection requirements are based on the classification of the OEM’s information. High protection need is comparable to confidential information and very high protection need is comparable to strictly confidential or even secret information.
The consulting concept and methodology can be roughly broken down as follows:
- Inventory of security/information security based on your processes and documentation
- Derivation and determination of the assessment scope in accordance with TISAX® requirements
- Definition of the document landscape (processes, individual documents, supporting proof) for your company and the TISAX® assessment
- Scaling of all processes, individual documents, and proof according to our templates for your company
The interactive implementation we do with you takes place in individual steps that are implementable and prioritized:
- You will receive the relevant templates for processes, individual documents and verifications on a weekly basis according to priority
- Under our guidance, together we discuss the processes and adapt the template documents to the new updated status within the company
- Every week at the same time we hold a meeting to review the documents you are working on
- Week by week, we make prioritized progress in implementing TISAX® up to the scheduled assessment
- One week before the assessment by the audit provider, we conduct an internal assessment to test and refine your processes and documents
- During the TISAX® assessment, we assist you by defending your position to the audit provider sent by the certifier