TISAX® Foundation

Values of Information Security

Protection Goals of Information Security

Security Incidents and Events

Management System

Difference between Policies, Processes, Procedures, Documents, and Records

Definition of Documented Information

Process Orientation in the Implementation and Maintenance of a Management System

Deming Cycle (PDCA)

Audit and Improvement

Importance and Objectives of an Information Security Management System (ISMS)

Benefits of Implementing an ISMS

Awareness and Commitment of Employees in Maintaining an ISMS

VDA ISA vs. ISO/IEC 27001

Explanation of the Maturity Model SPICE

Introduction to the VDA ISA Questionnaire and Its Purpose

Overview of the Various Maturity Levels, Requirement Levels, and Requirement Catalogs in the VDA ISA Questionnaire

Definition of KPIs, SMART KPIs, and Critical Success Factors (CSFs) and Overview of VDA ISA KPIs

Assistance and Guidance for Implementing an ISMS

Statement of Applicability Definition and Good Practices

Information Security Requirements (all Controls of the VDA ISA Information Security Requirement Catalog will be explained individually and discussed with the participants)

Prototype Protection Requirements (all Controls of the VDA ISA Prototype Protection Requirement Catalog will be explained individually and discussed with the participants)

Data Protection (all Controls of the VDA ISA Data Protection Requirement Catalog will be explained individually and discussed with the participants)

Path to Assessment

Involved Organizations

Overview of the Various TISAX® Assessment Levels

Findings in the Assessment

Exchange of the Auditor's Results

ISO/IEC 27000

BSI IT Basic Protection Compendium

ISO 9000

ISIS12

ISO/IEC 15408 Common Criteria

ISO/IEC 20000

FitSM

ITIL

Relation between ISO 27001 / ISO 9001 / EU GDPR