TISAX ยท Enjinia Blade Division

Technical firepower when your team needs reinforcement.

VDA ISA 6.0 has technical control expectations that most advisory firms cannot implement because they do not have the engineers on staff to do the work. Asset inventory at the CAD workstation level. Identity federation across the IT/OT boundary in a prototype garage. Network segmentation between your corporate environment and the bench-test infrastructure where pre-series firmware runs. MDM with geofenced restrictions in R&D zones. Our engineering practice exists to execute this work directly, embedded with your platform and security engineering teams. We are not a staffing firm placing resources by the hour. We are a delivery team that builds, configures, and hands off technical controls that the auditor will verify against live systems.

  • Core TISAX Implementation The full-scope engineering build-out for companies that need a complete technical control environment stood up against VDA ISA 6.0. We scope the environment, select the tooling against your existing stack, implement the controls across IT, OT, and prototype-facing systems, instrument the ISMS with logging and monitoring that produces evidence on demand, and train your team to operate what we built. Typical duration is 4 to 6 months running in parallel with an advisory engagement or as a follow-on. We deliver identity, access, endpoint, network, classification, and prototype protection control sets as an integrated program.
  • Fast-Track TISAX Engineering When your advisory partner has an ISMS on paper but no engineering capacity to implement the controls before audit, we come in as the delivery team. Fast-track engineering assumes the policies, procedures, and scoping are already defined and the remaining work is execution. We take the ISMS control matrix, the maturity target for each control, and the audit timeline, and we build. This is a 6 to 10 week engagement with a senior engineering lead and a small delivery pod. Our output is live, auditor-ready controls, not documentation about controls we plan to build next quarter.
  • TISAX Technical Recovery When an audit produced non-conformities that require technical remediation before the CAP can close, and your internal engineering team does not have bandwidth or specialist depth, we take the findings list and execute against it. We have remediated identity federation failures across hybrid Active Directory environments, rebuilt network segmentation between IT and OT zones that failed AL3 on-site verification, implemented prototype access control integrations that the original deployment missed, and closed logging gaps that made evidence collection impossible during the initial assessment. Scope is defined by the findings list. Timeline is defined by the audit provider's follow-up date.
  • Prototype Protection Engineering TISAX labels for Proto Parts, Proto Vehicles, and Test Vehicles have technical control requirements that go far beyond anything in ISO 27001. Physical segregation validated by badge system integrations. Camera systems with retention and access policies that pass AL3 on-site review. Mobile device restrictions enforced by MDM geofencing inside R&D zones. CAD workstation hardening with DLP rules tuned to automotive file formats. Supplier portals with data classification controls that prevent pre-series designs from flowing outside approved channels. Our prototype protection engineers have built these programs end-to-end, and we take on this scope standalone or as part of a broader TISAX implementation.

Engineering engagements deliver working technical controls, not designs for controls. Our engineers operate in your environment with your tooling, document against your architecture conventions, and validate against the specific VDA ISA 6.0 control language the audit provider will use on assessment day. Every engineering engagement includes post-build hardening, runbook documentation written for your operations team, and audit-day support where our engineers answer questions directly alongside yours.

Includes:

  • Core TISAX Implementation
  • Fast-Track TISAX Engineering
  • TISAX Technical Recovery
  • Prototype Protection Engineering
  • Identity, Access, and Endpoint Control Build-Out
  • Network Segmentation Across IT/OT Boundaries
  • Logging and Evidence Automation Infrastructure
  • Runbook Documentation and Audit-Day Engineering Support