TISAX Awareness Training

Done-for-you TISAX training for automotive suppliers

We deliver mandatory TISAX awareness training across your workforce — VDA ISA control catalogue, prototype protection, data protection, and connection to customer assessments. Designed for automotive suppliers in the VW, BMW, Mercedes-Benz, Audi, Stellantis, and Porsche supply chains. Live for your team in under a week.

100,000+ professionals trained

Aligned to VDA ISA 6.0

Live for your team in 5 business days

Dedicated customer success manager

Used by automotive Tier 1, 2, 3 suppliers

Browse the Course Catalog

Get a custom training quote

Tell us your team size — receive a tailored proposal within 1 business day.

Trusted by Compliance Teams at Leading Organizations

IKEA

Roche

Coca-Cola

Samsung

Huawei

Microsoft

JPMorgan Chase

Volkswagen

Shell

Nestlé

Siemens

BMW

Unilever

AXA

Lufthansa

Pfizer

Adidas

IKEA

Roche

Coca-Cola

Samsung

Huawei

Microsoft

JPMorgan Chase

Volkswagen

Shell

Nestlé

Siemens

BMW

Unilever

AXA

Lufthansa

Pfizer

Adidas

The cost of getting this wrong

Staff training is your first line of defence — and the first piece of evidence regulators ask for.

Lost

OEM contracts without TISAX

VW, BMW, Mercedes-Benz, Audi, Porsche, Stellantis all require TISAX assessment results from their suppliers

AL 2/3

is the typical OEM requirement

Higher protection needs (prototype, vehicle pre-production data) require AL 3 with on-site audit

VDA ISA 6.0

is the current control catalogue

Awareness, training, and competence are explicit catalogue checkpoints at every assessment level

Why TISAX awareness training is mandatory — not optional

Trusted Information Security Assessment Exchange (TISAX) is the de-facto information security qualification for the European automotive industry, governed by ENX Association. The VDA ISA control catalogue (currently version 6.0) makes information security awareness, training, and competence explicit assessment objectives at every protection level (AL 1, 2, 3). Auditors review training records during assessments. OEMs (VW, BMW, Mercedes-Benz, Audi, Porsche, Stellantis) require positive TISAX assessment results as a precondition for supplier onboarding and ongoing contracts.

VDA ISA 6.0 — workforce awareness and training are mandatory assessment objectives at AL 1, 2, and 3

ENX-accredited audit providers review training records during AL 2 self-assessment plus AL 3 on-site audit

OEM contracts cascade: VW, BMW, Mercedes-Benz, Audi, Porsche, Stellantis require TISAX results as a sine qua non

Prototype protection (PP), data protection, and connection-to-3rd-parties scopes each require role-specific training

Your TISAX awareness training covers every relevant assessment objective

Curated from our full library and tailored to your TISAX assessment scope (information security, prototype protection, data protection) and your protection level (AL 1, 2, 3) — you don't pick modules from a menu, we propose the right curriculum.

TISAX scope: assessment objectives, protection levels, and labels

VDA ISA 6.0 control catalogue structure and audit logic

Information security policy, organisation, and asset management

Information classification, handling, and labelling (incl. prototype data)

Access control, authentication, and identity lifecycle

Physical security — site access, prototype storage, photo controls

Operational security — change management, vulnerability handling

Supplier and connection security (TISAX-on-TISAX cascading)

Incident management and breach notification to OEMs

Prototype protection (PP) and data protection (DP) module overlays

Not sure what your team needs?

Free proposal — within 1 business day

We curate the right modules for each part of your team

All Workforce Members

Engineering & R&D

Manufacturing & Production

Procurement & Supplier Mgmt

IT & Security

Senior Management

What every enterprise rollout includes

Managed rollout in 5 business days

Dedicated customer success manager handles enrolment, role mapping, kickoff communications, and reminder cadence.

Audit-ready evidence for ENX assessors

Dated certificates per workforce member, exportable completion logs, and role-mapped curriculum records that satisfy VDA ISA 6.0 audit checks at AL 1, 2, and 3.

Manager dashboard & reporting

Track completion across teams, sites, and TISAX assessment scopes. Export evidence packages for ENX assessors and OEM customer audits.

Single sign-on (SSO) & SCIM

SAML 2.0, OIDC, and SCIM provisioning. New joiners enrolled automatically. Leavers de-provisioned. Zero admin overhead.

Annual refresher cycle built-in

Multi-year licensing rolls workforce members forward each year. Refresher content tracks VDA ISA catalogue updates and ENX audit interpretations.

Custom modules & policy attestations

Your logo on certificates, co-branded learner emails, and the option to attach your information security policy, prototype handling procedure, or supplier security requirements to any module.

Enterprise Rollout

Designed for automotive suppliers preparing for TISAX assessment

We don't sell self-checkout seats to enterprises pursuing TISAX labels. We propose a curated curriculum mapped to VDA ISA 6.0 assessment objectives, manage the rollout, and hand you an evidence package ENX-accredited assessors and OEM customers will accept.

Curriculum mapped to VDA ISA 6.0 plus prototype/data protection module overlays
Up to 40% off list price at 25, 50, 100, 250, and 500+ workforce members
Multi-site and multi-scope rollouts supported (e.g. AL 2 info-sec + AL 3 prototype)
Tailored pre-assessment readiness modules
Evidence package for ENX assessor review and OEM customer audits

What customers say

“We supply Tier 1 to BMW and Mercedes-Benz and needed AL 3 prototype protection across two sites. The training rollout covered engineering, manufacturing, and security teams with the right module overlays. Our ENX assessor signed off Annex A 6.3 evidence on first review.”

Head of Information Security, BMW

Automotive — 1,500+ workforce members trained

“We were preparing our first TISAX assessment with three months' lead time. The managed rollout meant we hit the assessment date with documented competence across the workforce — assessor accepted training as the strongest control in our scope.”

Group CISO, Volkswagen

Automotive — 800+ workforce members trained

Frequently Asked Questions

Is TISAX training legally required?

TISAX is contractually mandatory rather than legally mandatory — but the practical effect is the same. OEMs (VW, BMW, Mercedes-Benz, Audi, Porsche, Stellantis) require positive TISAX assessment results as a precondition for supplier onboarding and ongoing contracts. The VDA ISA 6.0 catalogue makes workforce awareness and training explicit assessment objectives, and ENX-accredited assessors review training records during AL 2 self-assessment and AL 3 on-site audit.

What's the difference between AL 1, AL 2, and AL 3?

Assurance Levels reflect the protection needs of the data being assessed. AL 1 is self-assessment only (low protection needs). AL 2 is self-assessment plus a remote audit (high protection needs, typical for ordinary supplier data). AL 3 adds an on-site audit (very high protection needs, required for prototype data, vehicle pre-production information, and OEM-mandated cases). Most automotive suppliers need AL 2 with AL 3 overlays for prototype scope.

Do you cover prototype protection (PP) and data protection (DP) scopes?

Yes — both prototype protection and data protection are covered as module overlays on top of the core information security curriculum. Prototype protection covers physical security, photo controls, NDA handling, and pre-production data lifecycle. Data protection covers GDPR/DSGVO obligations as they manifest in automotive supplier contexts.

How does TISAX interact with ISO 27001?

TISAX and ISO 27001 share substantial control overlap (VDA ISA 6.0 references ISO/IEC 27001:2022 directly). An ISO 27001-certified organisation has a head start on TISAX preparation, and the same training program typically satisfies both. We map curriculum to both standards where applicable.

How long does a typical enterprise rollout take?

Most rollouts are live for the workforce within 5 business days of contract signature. Multi-site rollouts (suppliers with multiple production locations under one TISAX scope) typically take 7–10 business days due to per-site setup.

How does pricing work for a team of 500 workforce members?

Enterprise pricing is volume-based with discount tiers at 25, 50, 100, 250, and 500+ workforce members. A 500-member rollout typically lands 35–40% below list price. Multi-year terms unlock further discounts and include the annual refresher cycle plus content updates as VDA ISA catalogues evolve.

Can we add custom modules — e.g. our prototype handling procedure?

Yes. We routinely add policy attestations and custom modules: information security policies, prototype handling procedures, supplier security requirements, OEM-specific contractual requirements. Your CSM scopes the additions during onboarding.

Do you offer single sign-on and SCIM?

Yes — SAML 2.0, OIDC, and SCIM provisioning are included on enterprise plans. New joiners are auto-enrolled into the right modules based on department; leavers are de-provisioned automatically.

Can we white-label certificates and learner emails?

Yes — your logo is added to certificates and learner-facing emails on every enterprise plan. Single-tenant white-label and custom domain are available on request.

Related guides

Cybersecurity

NIS2 Directive: Who Must Comply? The Definitive Guide to Scope, Sectors, and Obligations in 2026

Education

Compliance Glossary: Key Terms and Definitions 2026

Cybersecurity

CISO Roles and Responsibilities: The Complete Guide for 2026

Ready to brief us on your team rollout?

Tell us your TISAX assessment scope (information security, prototype protection, data protection), your assurance level (AL 1, 2, 3), and your headcount across sites. We'll come back with a curriculum proposal, pricing, and a rollout plan within 1 business day.

Free proposal · response within 1 business day

Done-for-you TISAX training for automotive suppliers

Why TISAX awareness training is mandatory — not optional

Ready to brief us on your team rollout?

Free proposal · response within 1 business day