Supplier Solutions Portal

How is the assessment carried out?

TISAX® assessments are always full audits, which means that all controls from each relevant area are checked.

The figure shows the principle behind the assessment procedure:

The extent and duration of the audit vary depending on the specified scope and the assessment label being aimed for. The applicable assessment method is then derived from:

Document based assessment /
Document based assessment with on-site inspection

An document based assessment based is the auditing of all relevant assessment points in accordance with TISAX® specifications, based on documents and other suitable records. In addition to this, there is a telephone interview or web conference with the client. For a document based assessment with an on-site inspection, instead of a telephone interview, the information specified is verified directly at the client's premises.

On-site assessment

The on-site assessment is the auditing of all relevant assessment points in accordance with TISAX® specifications on the client's premises/on-site at the client.

Here, the primary focus is on checking whether necessary information security processes have been implemented. For this purpose, documentation and guidelines are inspected on-site and assessed, and interviews are carried out. There is also a tour round the premises to assess physical security.


TISAX® is a registered trademark of the ENX Association.