Audit process and process steps

Step 1    TISAX® registration

You register your company as a participant on the TISAX® platform.

Step 2    Preliminary clarification and conclusion of contract

In a joint preliminary clarification discussion, we verify the applicable assessment level and any additional modules, as well as the scope of the assessment. Based on this, a contract is concluded for the assessment.

Step 3    Preparations for the assessment

The auditor holds an initial conference call with you, explaining the procedure as well as any other important points. You receive the relevant questionnaires to complete and compile additional evidence. An assessment date is jointly agreed.

Step 4    The initial assessment

The auditor carries out the information security assessment based on documents or on-site and compiles the assessment report.

Step 5    Audit of measures plan

If required, the auditor assesses the measures plan you provide to rectify any findings and presents you with feedback, supplementing the assessment report.

Step 6    Audit of measure implementation / Follow-up

You implement the defined measures and provide evidence of this through suitable documentation and photos, etc. The auditor checks this evidence and creates a final report.

Step 7    Conclusion

You receive the final report and the assessment result achieved is reported to the TISAX® platform. You can decide who may see your audit results.