Integrating ISO 27001 and TISAX – A Customer Case Study

by Martin Hettwer published on November 07, 2023

The ISO/IEC 27001:2022 standard provides the requirements for an Information Security Management System (ISMS) as well as a listing of best practice information and cybersecurity controls (IC/ICC), contained in Annex A of the standard.

A portion of the IC controls provided in Annex A carry over into the Trusted Information Security Assessment Exchange (TISAX) Information Security Assessment (ISA) workbook released by the German Association of the Automotive Industry (VDA).

Leadership and commitment (Clause 5.1 (b)) in ISO 27001 requires top management to ensure the integration of the information security management system requirements into the organization's (business) processes.

The purpose of this discussion is to show a customer case study and to reinforce the role of top management and process owners for the integration of processes and IC controls, to enable an effective and efficient information security management system that conforms to the TISAX ISA workbook.

Watch the recording to learn more.


Martin Hettwer

Martin Hettwer is the Managing Director for Omnex Europe. He is also the Director of Integrated Management Systems, a senior consultant and certified corporate trainer for Omnex Inc. As an Operations and Program (APQP) Manager, he has launched nine (9) new manufacturing and assembly plants, and is a leading SME for new production facility launches. Previously employed by Toyota in their new product development group, Martin focused on gated Program Management for new vehicle and assembly plant launches.