TISAX COMPLIANCE in SAP ECC, S/4 HANA and SAP PLM Systems For Automotive Industry by SAGESSE TECH Solutions

TISAX COMPLIANCE in SAP ECC, S/4 HANA and SAP PLM Systems For Automotive Industry by SAGESSE TECH Solutions

TISAX is a security standard devised by the German Association of the Automotive Industry (VDA) in 2017 to ensure a base level of information & cyber security in the European auto industry. It is administered by the ENX Association, and while isn’t officially recognised as an international standard, many foreign software partners do choose to get TISAX certified as well.

TISAX was originally based on ISO/IEC 27001, which presents a framework for protecting information through the use of an information security management system (ISMS). However, TISAX goes beyond this standard by adding guidance for data and prototype protection, among other areas. The scope, assessment and recommended measures are also different.

TISAX starts with a self-assessment, which is usually followed-up by an outside auditor either online or in person, depending on your individual scope. To be successful in qualifying for TISAX certification, your business will need to show that it possesses the required information security maturity across a variety of factors related to your business and the data it will handle on behalf of your auto partner.

So what are the objectives? Well, there are eight of them all totalled and they each map to one of three categories, called ‘criteria catalogs‘. Those are:

  1. Information security
  2. Prototype protection
  3. Data protection

As many Automobile Manufacturers and their suppliers run SAP Systems and these systems hold a lot of valuable information including prototypes( e.g. Product Lifecycle Management Systems ), it is very important to protect SAP Systems from unauthorized access. SAGESSE TECH's SAP Threat Detection and Security Monitoring Solution has a TISAX Compliance Dashboard for SAP ECC, SAP S/4 HANA and SAP PLM( Product Lifeceycle Systems ). Information security, data access and prototype access are monitored and suspicious activites are displayed in dashboards, alerts and reports integrated with SIEM Solutions like SPLUNK and IBM QRadar.

SAGESSE TECH, global SAP Security / Oracle Security / ERP Security Tech Company, is providing Automated Audit Tool for SAP, SAP Threat Detection and Monitoring Products, SAP PenTest Framework and an SAP Audit Service which control these kinds of configurations, vulnerabilities and much more in your SAP Systems. Their products and services can help you to integrate your SAP System into your central threat detection solutions and foster your NIS2 and DORA Compliance.

SAGESSE TECH is now providing companies who do not use a SIEM Solution or would like to have a separate SIEM for SAP Threat Detection with a Wazuh SIEM App.

You can contact SAGESSE TECH(E-mail : info@sagesseconsultancy.com, sales@sagesseconsultancy.com or kaankars@sagesseconsultancy.com ), if you would like to have more information about our products or to have a Vulnerability Scanning, SAP Audit or SAP PenTest on your SAP Systems or implement a SAP Threat Detection and Monitoring Solution integrated with leading SIEM Vendors like SPLUNK, IBM QRadar and Wazuh.




To view or add a comment, sign in

More articles by Sükrü Ilker BIRAKOĞLU

Insights from the community

Others also viewed

Explore topics