Frequently asked questions about TISAX

Frequently asked questions about TISAX

Terms & Conditions

活动对象:华为云电销客户及渠道伙伴客户可参与消费满送活动,其他客户参与前请咨询客户经理

活动时间: 2020年8月12日-2020年9月11日

活动期间,华为云用户通过活动页面购买云服务,或使用上云礼包优惠券在华为云官网新购云服务,累计新购实付付费金额达到一定额度,可兑换相应的实物礼品。活动优惠券可在本活动页面中“上云礼包”等方式获取,在华为云官网直接购买(未使用年中云钜惠活动优惠券)或参与其他活动的订单付费金额不计入统计范围内;

  • What's TISAX?

    Trusted Information Security Assessment Exchange (TISAX) is an assessment and exchange mechanism for the information security of automotive companies. It was set up by the German Association of the Automotive Industry (Verband der Automobilindustrie, VDA) and is administered by the European Network Exchange Association (ENX) on behalf of the VDA. The TISAX label is the automotive industry's first and only officially released information security label mechanism across the globe. It provides a common framework to streamline information security assessments in the automotive industry both in Europe and around the world.


    Huawei Cloud has earned the TISAX level-3 certification (very high need for protection) and label, which certifies Huawei Cloud's leading expertise in cybersecurity and data privacy protection, and its ability to provide cloud services of the highest security standard for the automotive industry.


    In addition, Huawei Cloud periodically reviews its information security management systems based on changing conditions. This ensures that Huawei Cloud services will always be protected by industry-leading capabilities in cybersecurity and data privacy protection.

  • What does the TISAX standard include?

    TISAX consists of three modules: information security, prototype protection, and data protection.


    Data protection specifies requirements on personal data protection as stipulated by article 28 of the European General Data Protection Regulation (GDPR). Any data processor must develop and implement appropriate measures to protect personal data in accordance with applicable laws and regulations.


    Prototype protection specifies physical and organizational requirements for the protection of vehicle prototypes (test vehicles and core part prototypes), covering end-to-end processes (such as transportation and parking) in vehicle prototype handling.


    Information security consists of three levels of protection requirements, which are evaluated based on the following control domains: physical security and business continuity, identity and access management, IT security/cybersecurity, supplier relationships, information security system and organization, and human resources. The three levels of information security include:


    1. General protection requirements (level-1 label, AL1): Only internal information is involved.


    2. High protection requirements (level-2 label, AL2): Confidential information is involved.


    3. Very high protection requirements (level-3 label, AL3): Secret information is involved.


    Huawei Cloud's TISAX certification is of the highest level. This certifies Huawei Cloud's qualification to provide secure cloud services for the automotive industry.

  • Can my organization become TISAX-certified automatically by using Huawei Cloud?

    Although Huawei Cloud has earned the TISAX certification and provides you with secure and reliable cloud services on this basis, using services provided by Huawei Cloud does not certify your organization's compliance with the TISAX requirements. TISAX certification requires us to establish, implement, maintain, and continuously improve the information security management system of our organizations based on the TISAX guidelines, standards, and best practices. To have your organization certified, you can contact a TISAX certifying body to initiate the certification.