Scribd
Upload
1K views2 pages

Stellantis TISAX FAQ

Uploaded by

Pepe Gonzalez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
1K views2 pages

Stellantis TISAX FAQ

Uploaded by

Pepe Gonzalez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

How do I get a TISAX label?

You will need to register with ENX, prepare for, and complete an audit of your information
security program.

Visit ENX.com/TISAX to learn more about TISAX. ENX’s website has information about
registering, selecting an audit provider, and preparing for your audit, along with a plethora
of other information about TISAX.

Which TISAX label(s) do I need to get?

This depends on the type of services you provide Stellantis or the type of information you’re
handling for Stellantis. The diagram below was provided in the original bulletin about
Stellantis’ TISAX requirement.

Supplier Group TISAX Label(s)

Direct Material Suppliers

• With ADP < 6000 High Availability


• With ADP >= 6000
Very High Availability

Logistics providers

• Only using Stellantis‘ Supply Chain systems High Availability


• With (admin) access to Stellantis‘ Supply Chain
High Availability
systems

Aftersales/Parts and Services Suppliers High Availability

Manufacturing Equipment Suppliers

• No direct access into the Stellantis Network High Availability


• With direct access into the Stellantis Network
High Availability

Suppliers handling strategic or financial data Strictly Confidential

Suppliers handling customer/employee data

• Handling normal personal data Data


• Including special data according to GDPR
Special Data
ICT Suppliers (e. g. SaaS, IT Service providers, suppliers Strictly Confidential + Very High
with priviledged access to Stellantis‘ systems/network) Availability

Suppliers with direct access into Stellantis‘ network (more Optional


than being a user of Supplier Portal)

Suppliers not mentioned above No

It is the responsibility of the supplier to understand the services they provide Stellantis and
the Stellantis data they handle. Talk to your Stellantis purchasing representative or
business partner(s) if you need to verify your ADP or clarify the services you provide.

When do I need to obtain my TISAX label(s)?

You need to obtain your TISAX label(s) by Q3 2026. It can take up to, or more than a year to
obtain a TISAX label. Preparing for a TISAX audit can be a large undertaking, so do not delay
your registration and begin preparing immediately.

Where can I learn more about TISAX?

Visit ENX.com/TISAX to learn more about TISAX. ENX’s website has information about
registering, selecting an audit provider, and preparing for your audit, along with a plethora
of other information about TISAX.

I have a question for the Stellantis Cybersecurity team

You can contact the Stellantis Cybersecurity team for cybersecurity related questions at
[email protected]. Please use the subject line “TISAX - <Name of your
company>” in your email to assist us in assigning the message to the right contact.

Note: The Cybersecurity team does not know what services you provide, or what your ADP
is. You should contact your Stellantis business partner for questions about your ADP or the
services you provide Stellantis.

You might also like