How ISO 27001 and TISAX are related

You probably know what ISO 27001 is, because it is an international standard, very popular in the information security sector, that helps organizations of all sectors to protect their information. But, did you know that the automotive industry is also interested in information security, and that they even have their own information security standards? In the following article, you’ll learn all the key aspects of the relationship between ISO 27001 and TISAX (Trusted Information Security Assessment Exchange), the information security standard for the automotive industry.

Information technology and cars are inseparable today


Twenty years ago, my mother had a small car, a Renault Twingo, and I was very impressed with it, because it was the first car that I had ever seen with an integrated digital control panel. In that time, this technology was a revolution, because most cars had an analog control panel. At the same time, that was my first experience with any digital technology in a car.

Today, cars are so different, and I don’t know a current car without some kind of digital technology. Even so, information technology is probably one of the most important parts, because most of our cars are managed by software, and it is so useful, because most actions related to our cars are now automated: tire pressure, speed limit, parking, etc.

Systems for a computer on wheels

If you have a car with Wi-Fi/Bluetooth connection, applications, cameras, etc., then basically, you can say that you have a computer with wheels. And, of course, if your car is like a computer, then threats related to information security also apply to it.

This is why companies in the automotive sector have performed information security assessments, not only in their own systems and processes, but also in their providers’ systems. But the problem (Read more...)

*** This is a Security Bloggers Network syndicated blog from The ISO 27001 & ISO 22301 Blog – 27001Academy authored by The ISO 27001 & ISO 22301 Blog – 27001Academy. Read the original post at: