Question 1

Which Stuttgart companies require TISAX certification?

Accepted Answer

Any Stuttgart company that stores, processes or transmits sensitive information from automotive OEMs, including prototype photos, CAD data, personal vehicle owner data or connected car telemetry, must hold a TISAX label at the appropriate assessment level. This includes software developers, engineering consultancies, logistics providers and marketing agencies in the automotive supply chain.

Question 2

What is the difference between TISAX AL1, AL2 and AL3?

Accepted Answer

TISAX Assessment Level 1 is a self-assessment for low-sensitivity information. AL2 requires a spot-check audit by an ENX-approved provider and covers confidential vehicle development data. AL3 involves a full on-site audit and is required for high-sensitivity data including prototype images and personal data with special privacy requirements. Stuttgart OEMs typically require AL2 or AL3 from their direct suppliers.

Question 3

How does ISO 27001 certification help Stuttgart companies win automotive contracts?

Accepted Answer

ISO 27001 certification demonstrates a mature information security management system to Stuttgart OEMs and Tier 1 suppliers. While TISAX is the primary automotive standard, many Mercedes-Benz, Porsche and Bosch procurement requirements reference ISO 27001 for non-automotive data categories. Holding both certifications significantly strengthens your supplier qualification.

Question 4

Can KaitoSec help Stuttgart engineering firms with BSI Grundschutz alongside TISAX?

Accepted Answer

Yes. Stuttgart companies with public-sector engineering contracts or classified defence projects may need BSI Grundschutz certification in addition to TISAX. KaitoSec maps controls across both frameworks simultaneously, allowing your team to prepare for both assessments without maintaining two separate compliance projects.

TISAX-grade resilience for Stuttgart's automotive base

Automotive Supply Chain Compliance

TISAX AL2 and AL3 Expertise

Swabian Engineering Quality in Compliance

FAQ

Product

Frameworks

Solutions

Services

Resources

Company

Legal