next-level information security certification

Ventrex, part of Aalberts fluid control, was recently awarded a TISAX (Trusted Information Security Assessment Exchange) certification. This certification covers the automotive industry and underwrites Ventrex' ability to provide customers with cutting-edge information security while remaining one step ahead of the competition.

strict requirements
Working with large automotive original equipment manufacturers (OEMs) and other manufacturers means cyber security is always a very present topic, as they work hard to protect their know-how and design innovations from interested competitors around the world. This is why suppliers are frequently monitored on how they comply with stringent information security requirements.

“They need to protect their intellectual property and TISAX is a vital tool in achieving this along the supply chain,” says Stefan Semlak, head of IT/data processing at Ventrex. “Certification also provides us with a competitive advantage, as there are very few suppliers within the German industry that are either TISAX or ISO 27001 certified. While for some companies cyber security is viewed as a threat, we believe it also enables us to distinguish ourselves in the market.”

“TISAX is basically a catalogue of controls structured in different areas within your business,” Stefan says. “In 2018 various customers asked us to become certified, which required a detailed review of all existing processes and their adaptation in information security procedures. At the same time, the implementation of new controls for secure communication, data handling and project security, challenged us to improve our IT infrastructure and building security. The most time-consuming part was to make all employees 'information security fit'. That required comprehensive awareness trainings and checks, which we achieved within 8 months, before becoming fully certified for a three-year period in April of this year.”

best practices
One of Stefan’s takeaways from the certification process is that a strong cyber system can open up new opportunities. “I know that some companies across Aalberts already have ISO 27001 certification, and they’ll recognise the value of implementing best practices and strong controls within the company to create a resilient security system. Being aware of how you deal with third parties along the supply chain, and managing that information closely, can lead to greater customer well-being and a competitive edge that attracts new business.”