In the automotive industry, the networking of business processes between companies is giving rise to increasing risks in information processing. A specialized working group of the German Association of the Automotive Industry (VDA) therefore develops recommendations and tools for its members to protect information. (Further information on this topic can be found on the website of the VDA).
In close cooperation, a VDA view was also created for verinice which simplifies the processing of ISA questions on the basis of ISO 27002 and facilitates the submission of results. This allows an Information Security Assessment (ISA) according to the requirements of the VDA with verinice. Version 4.1.0 of the corresponding VDA ISA catalogue is currently available and will be valid from 01.01.2019.
A beta version is currently available for verinice. Please note: The initial post and the thread are German only, however the link for the English beta version is embedded.
verinice version 1.18 supports the VDA ISA catalog version 4.1.0 for TISAX in German and English language. In the VDA perspective, users can carry out information security assessments including the additional modules prototypes, third party integration and data protection.
The beta version previously presented here is now available as standard in verinice 1.18, and the final catalog now contains all information on the maturity model, requirement levels, KPIs and other relevant information on the performance of an assessment.
The report templates are not yet part of Release 1.18, but will be delivered at short notice.
The questionnaire is also interesting for users outside the automotive sector: It enables a guided self-assessment of the state of information security in one's own company and thus an introduction to the topic of IS management.
To carry out an IS assessment with verinice, you need a verinice client. Get the latest verinice version directly from verinice.SHOP.