Overview of VDA Information Security Assessment
The VDA Information Security Committee of the VDA (German Association of the Automotive Industry), which was established over 10 years ago, has developed a catalogue of assessment criteria on information security based on key aspects of the international ISO/IEC 27001 and 27002 standards: VDA ISA (VDA Information Security Assessment).
This instrument is used by VDA member companies for
- internal purposes
- external assessments at suppliers and service providers who process sensitive information of their respective partners
So far, assessments according to VDA ISA, particularly at service providers and suppliers, are handled individually by each requiring company. Therefore, it is possible that a partner is assessed several times at short intervals.