TISAX consists of three modules: information security, prototype protection, and data protection.
Data protection specifies requirements on personal data protection as stipulated by article 28 of the European General Data Protection Regulation (GDPR). Any data processor must develop and implement appropriate measures to protect personal data in accordance with applicable laws and regulations.
Prototype protection specifies physical and organizational requirements for the protection of vehicle prototypes (test vehicles and core part prototypes), covering end-to-end processes (such as transportation and parking) in vehicle prototype handling.
Information security consists of three levels of protection requirements, which are evaluated based on the following control domains: physical security and business continuity, identity and access management, IT security/cybersecurity, supplier relationships, information security system and organization, and human resources. The three levels of information security include:
1. General protection requirements (level-1 label, AL1): Only internal information is involved.
2. High protection requirements (level-2 label, AL2): Confidential information is involved.
3. Very high protection requirements (level-3 label, AL3): Secret information is involved.
Huawei Cloud's TISAX certification is of the highest level. This certifies Huawei Cloud's qualification to provide secure cloud services for the automotive industry.