TISAX and Cresta
Today, Cresta is excited to announce that we’re expanding our security compliance footprint with our recent achievement of TISAX compliance. TISAX (Trusted Information Security Assessment Exchange) is an information security assessment and exchange catalog for manufacturers, service providers, and partners that contribute to the automobile industry. The TISAX catalog is administered by the ENX Association on behalf of the German VDA (Verband der Automobilindustrie, the German Automobile Industry Association) and is designed to improve the security and privacy of data and information throughout the automotive supply chain.
Which TISAX Assessment Level Does Cresta Certify With?
The TISAX requirements stem from the VDA’s ISA (Information Security Assessment) criteria which is based on the ISO/IEC 27001 and ISO/IEC 27002 standards. Cresta underwent an external assessment against the TISAX Level 2 standard performed by an ENX-accredited audit firm. Our TISAX level 2 assessment also included the additional high protection requirements which are not covered by the ISO/IEC 27001 and ISO/IEC 27002 standards.
TISAX Attestation Details and Results
If you’re registered with the ENX Association, you can find Cresta’s TISAX assessment details and results on the ENX portal.
- Company Name: Cresta Intelligence, Inc.
- Cresta Assessment ID: ACW6G7-1
You may also contact [email protected] if you’re having any issues accessing Cresta’s TISAX results or have any questions about our compliance with TISAX.
Continuous Improvement
At Cresta, we’re always striving to strengthen our compliance with global security and privacy regulations, frameworks, and standards to fulfill our commitment to protecting our customers’ data. As an example, we recently developed an internal common control framework to get a more holistic view of our Security and Compliance program and easily adapt our controls to new frameworks as we begin to expand into new industries and regions around the globe. To learn more about our dedication to the security and privacy of our products, people, and company, please visit our Trust page.