top of page


We are a team of 4 UK-based TISAX consultants who deliver services worldwide. We have a 100% success rate and helped companies in the UK, Germany, Poland, the US, Brazil, China and Australia to achieve TISAX AL2 and AL3 labels.

We offer a truly unique customised service which is based on your requirements. Our consultants will help you fully prepare for TISAX audits and obtain competitive audit quotes.


Please note that we offer TISAX consultancy services but not certification audit services. 

Our aim is to make sure achieving the TISAX label is less stressful for your team by taking all the burden. We will fully manage your project to guarantee you are meeting deadlines.

TISAX is an information security assessment based on ISO 27001, 27017 and some automotive-specific controls. OEMs created TISAX assessments to ensure information security in their supply chain. 

Many organisations worldwide have already achieved TISAX labels, so OEMs have a choice to select suppliers with valid TISAX labels. To ensure your company's continual delivery of goods or services to OEMs, you need to achieve the TISAX label.

Usually, OEM will contact you with the request to achieve AL2 or AL3 label by a particular deadline. If you have received such a request, contact us now for a free consultation and overall advice on your project.


The project normally starts with us performing a gap analysis of your current policies and procedures against TISAX requirements. We would then be able to advise you on any gaps and the most efficient way to close them. We will prepare the project plan and agree with you on important milestones, including dates for your TISAX audit.

Preparation for the audit phase timelines would depend on your readiness for the audit. It could be as little as 1 month or could extend to 6-12 months. We will be able to advise you on a realistic timeframe once we have an understanding of your Information Security Management System (ISMS).


We will collaborate with various stakeholders in your business, such as Top Management, IT, HR, Legal, Facilities, DevOps, etc., to ensure they all understand their roles and responsibilities. We could deliver TISAX training to your staff.

As part of the ISMS implementation phase, we would also perform risk assessments, and internal audits, deliver Top Management Reviews and advise on best information security practices. We will draft all required ISMS documentation.

Once you are ready for the TISAX audit, we will represent your business during the audit. We will establish contact with the audit provider and will share TISAX documentation with them before the audit. We will be present during all TISAX audit sessions. Once the audit is completed and the audit report is ready, we will advise you on closing any audit findings (non-conformities and observations). You will have 9 months after the audit to remediate the findings. If your overall audit result is minor non-conform, you will be able to share a temporary TISAX label with your partner. 

TISAX labels are valid for 3 years from the date of your initial TISAX assessment, so you will not have annual surveillance audits as in ISO 27001. During this 3-year cycle, we will help you to maintain your Information Security Management System to ensure continual improvement.

Please see below the overview of the usual TISAX process explained in 5 steps. At the bottom of this page, you can review the list of our TISAX clients.

Make sure you contact us today for a no-obligation TISAX consultancy quote. We will help you throughout the whole process, and you will not regret choosing us as your consultants.

Your TISAX Journey in 5 steps

Step One

Engage AKRUP

Start your journey by bringing us on board. We have a 100% success rate and we will make this process easy and stress-free for you. Contact us today to get a quote.

Step Two

Prepare for the TISAX® Audit

Our consultants will make sure you are 100% ready for the audit. From project management, document drafting, to engaging TISAX auditor, you will be in good hands with us. This phase could last 1-6 months depending on your ISMS maturity.

Step Three

TISAX® Audit

We will assist you throughout all audit activities and represent your company during the audit. AL2 audits are perfomed remotely and last around 4 hours. AL3 audits are always perfomed on-site for about 4 days.

Step Four

Remediation Phase

Our experts will ensure you close all non-conformities and other findings. This phase could last up to 9 months from the audit date. From our experience, it is usually around 1-2 months.

Final Step

Achieve the TISAX® label 

Now you are awarded your well-deserved TISAX label, which will last for 3 years. You have to maintain your ISMS annually, and AKRUP consultants will be happy to perform all maintenance tasks for you.

We are proud to work with these amazing companies

bottom of page