Amazon Web Services (AWS) has completed a Trusted Information Security Assessment Exchange (TISAX) assessment. This standard provides the European automotive industry a consistent, standardized approach to information security systems.
Which AWS Regions are covered by the TISAX certification?
Regions assessed at TISAX very high protection level (AL 3) for the control domains Information Handling and Data Protection:
Europe (Ireland), Europe (Frankfurt), US West (Oregon), US East (Ohio), US East (North Virginia), Canada (Central), and Asia Pacific (Seoul).
The scope ID and assessment ID for the ENX portal are SP208R and AYZ38F-1, respectively.
Regions assessed at TISAX high protection level (AL 2) for the control domains Information Handling and Data Protection:
Europe (Paris), Europe (London)
The scope ID and assessment ID for the ENX portal are STRN58 and AYZ39G, respectively.
Which AWS services are covered by the TISAX certification?
The TISAX assessment is service-agnostic (i.e., it doesn’t test controls unique to services) and regions are assessed instead. All AWS services deployed in an assessed region are considered certified provided that the region is successfully assessed.
What is the TISAX certification?
TISAX is a European automotive industry-standard information security assessment (ISA) catalog based on key aspects of information security such as data protection and connection to third parties.
To complete the TISAX assessment, AWS was successfully audited by an accredited independent assessor. Due to the regional nature of the assessment, the assessment scope is limited to the EU.
Who created the TISAX standard?
TISAX was developed by the Association of the German Automotive Industry (VDA) in partnership with an association of European automotive manufacturers, called the European Network Exchange (ENX).
The current version of the ISA standard was released in 2020.