Trusted Information Security Assessment Exchange (TISAX)

This page describes TISAX compliance controls in Databricks.

TISAX overview

TISAX (Trusted Information Security Assessment Exchange) is an information security assessment and exchange mechanism defined by the ENX Association on behalf of the German Association of the Automotive Industry (VDA). It standardizes how organizations in the automotive sector assess and share information security compliance, based on ISO/IEC 27001 and VDA ISA (Information Security Assessment) requirements.

Key points

• Developed for the automotive industry to ensure consistent information security assessments and trust between partners.
• Based on ISO/IEC 27001 with additional automotive-specific security and data protection requirements.
• Requires assessment by an accredited TISAX audit provider.
• Certification results are shared via the TISAX online platform managed by ENX.

Enable TISAX compliance controls

To configure your workspace to support processing of data regulated by the TISAX standard, the workspace must have the compliance security profile enabled. Only specific preview features are supported for processing regulated data. For details on the compliance security profile, supported preview features, and supported regions, see Compliance security profile.

Ensure that sensitive information is never entered in customer-defined input fields, such as workspace names, compute resource names, tags, job names, job run names, network names, credential names, storage account names, and Git repository IDs or URLs. These fields might be stored, processed, or accessed outside the compliance boundary.

To enable TISAX compliance controls, see Configure enhanced security and compliance settings.