Skip to main content

TISAX Compliance Software

Trusted Information Security Assessment Exchange. Narrate gives you everything you need to achieve and maintain TISAX compliance — VDA ISA controls, prototype protection, information security management, and supplier assessment.

Book a Demo View All Features

What is TISAX?

TISAX (Trusted Information Security Assessment Exchange) is the automotive industry standard for information security, managed by the ENX Association on behalf of the German Association of the Automotive Industry (VDA). Based on the VDA Information Security Assessment (ISA) catalogue, TISAX provides a standardised assessment and exchange mechanism for information security across the automotive supply chain. Major OEMs such as Volkswagen, BMW, and Daimler require their suppliers to hold valid TISAX labels, making it essential for any organisation working within the automotive sector.

How Narrate helps with TISAX

Complete VDA ISA control framework with all assessment criteria mapped, tracked, and ready for audit
Prototype protection requirements management covering physical security, digital safeguards, and personnel controls
Supplier information security assessment workflows to evaluate and monitor third-party compliance across the supply chain
Assessment preparation for both AL2 (normal) and AL3 (high) protection levels with gap analysis and remediation tracking
Cross-standard mapping to ISO 27001 for organisations pursuing both certifications without duplicating effort

Common TISAX challenges

TISAX readiness trips up even experienced teams. Here's what slows people down.

VDA ISA Catalogue Complexity

The VDA ISA catalogue contains detailed assessment criteria across multiple domains, requiring careful interpretation and implementation for each maturity level.

Prototype Protection Requirements

Protecting unreleased vehicle designs and components demands rigorous physical, digital, and organisational controls that go beyond standard information security.

Assessment Level Selection

Choosing between AL2 and AL3 assessment levels impacts scope, cost, and audit rigour — getting it wrong means wasted effort or insufficient certification.

Supply Chain Compliance

OEMs increasingly require TISAX labels from their entire supply chain, creating cascading compliance obligations that must be managed and evidenced.

Key capabilities for TISAX

Everything you need from gap assessment to TISAX label.

VDA ISA Controls

Full VDA ISA catalogue mapped with maturity levels, evidence requirements, and implementation guidance

Prototype Protection

Dedicated controls for prototype and pre-production vehicle data with physical and digital safeguards

Assessment Prep

Guided preparation for AL2 and AL3 assessments with readiness scoring and gap identification

Supplier Management

Assess and track supplier information security posture across the automotive supply chain

Policy Templates

Pre-built templates for information security policies, prototype handling procedures, and access controls

Compliance Autopilot

Continuous monitoring for control drift, evidence staleness, and gap detection across all TISAX domains

Cross-standard mapping: TISAX shares significant control overlap with ISO 27001. Narrate maps shared controls automatically — pursue multiple frameworks without duplicating effort.

See it in action

TISAX compliance view

Upload screenshot to assets/

Ready to start your TISAX journey?

Book a demo to see how Narrate simplifies TISAX compliance from gap assessment to TISAX label.

Book a Demo View Pricing