TISAX-Certified Annotation Platforms: What It Means for AV Data

TISAX-certified annotation platforms meet the information security requirements that European automotive OEMs and Tier-1 suppliers demand from vendors handling production vehicle sensor data. Kognic holds TISAX Assessment Level 3, the highest level required for processing high-protection automotive data.

Key Takeaways

• TISAX is the automotive industry's standard for information security, governed by the ENX Association and required by most European OEMs for vendors processing production vehicle data.
• Assessment Level 3 (AL3) is the highest TISAX level and is required when handling high-protection data, including production sensor streams from autonomous driving programs.
• Kognic is TISAX AL3 certified. The certification covers the full annotation pipeline: ingest, labeling, quality assurance, and delivery.
• Annotation platforms without TISAX certification cannot process production sensor data for European OEMs without exceptions or workarounds. For most autonomy teams, that disqualifies the vendor.
• You can verify any vendor's TISAX status directly through the ENX portal at portal.enx.com/en-US/TISAX.

What Is TISAX?

TISAX (Trusted Information Security Assessment Exchange) is the German automotive industry's information security framework, governed by the ENX Association on behalf of VDA (Verband der Automobilindustrie, the German Association of the Automotive Industry).

It exists because automotive supply chains involve hundreds of vendors handling sensitive data: vehicle blueprints, prototype specifications, raw sensor recordings from test fleets, and customer information. Every OEM used to audit every vendor independently, which was duplicative and expensive. TISAX consolidated this into a single certification model. A vendor gets assessed once by an accredited auditor, and the result is recognized by all OEMs participating in the network.

TISAX is administered through the ENX portal. Assessments are performed by accredited audit providers and follow the VDA Information Security Assessment (ISA) catalogue, a structured set of controls covering information security, data protection, prototype protection, and connection security.

Why TISAX Matters for AV Annotation

Autonomous driving programs generate enormous volumes of sensitive data. Camera footage, LiDAR point clouds, radar streams, and behaviour logs from test fleets fall under high-protection categories under the VDA ISA catalogue. They contain proprietary vehicle setups, identifiable individuals in some cases, and reveal the OEM's testing locations and strategies.

When an OEM contracts an annotation vendor, the vendor inherits responsibility for protecting that data through the full annotation pipeline: data ingest, annotator workstations, quality review systems, and delivery infrastructure. If any of those have weak controls, the OEM's data is at risk.

TISAX certification gives OEMs a single, recognized signal that the vendor meets the information security baseline. Most European OEMs now require TISAX certification before signing production contracts. Vendors without it are typically limited to non-sensitive pilot programs or simulation data.

For AV annotation specifically, the protected data tends to include:

• Multi-sensor recordings from production or pre-production test vehicles
• Annotation guidelines that reveal model architecture and performance gaps
• Edge case datasets that document where current models fail
• Customer-specific labeling ontologies that encode product roadmap information

How TISAX Assessment Levels Work

TISAX defines three Assessment Levels, mapped to the protection needs of the data being handled:

• Assessment Level 1 (AL1): Self-assessment, no external audit. Suitable for vendors handling only normal-protection data.
• Assessment Level 2 (AL2): Plausibility check by an accredited auditor, including a remote evidence review. Required for high-protection data with lower risk profiles.
• Assessment Level 3 (AL3): Full on-site audit by an accredited auditor with deep evidence review and process observation. Required for high-protection and very-high-protection data, including production sensor streams from autonomous driving programs.

For AV annotation vendors handling production OEM data, AL3 is the level that matters. AL1 is essentially self-declared and AL2 doesn't reach the depth of audit that OEMs typically require for production contracts.

Each assessment is valid for three years and must be renewed through the same process. Vendors must maintain controls between audits and can be subject to follow-up checks.

What an AL3 Audit Actually Covers

An AL3 audit is not a paper exercise. The auditor examines evidence across the full ISA catalogue, with specific focus on:

Governance and risk management. Information security policies, risk assessment processes, supplier management, incident response, and business continuity planning. The auditor verifies the policies exist, are followed, and are reviewed regularly.

Access control and identity management. Multi-factor authentication, least-privilege access, account lifecycle management, and audit logging. For an annotation vendor, this includes how annotator accounts are provisioned, what data each annotator can access, and how access is revoked.

Physical and environmental security. Office access controls, server room security, asset management, and clean-desk policies. For remote-first annotation operations, this extends to home office security and device management.

Operations security. Patch management, vulnerability scanning, malware protection, network segmentation, and secure development practices.

Data protection. Encryption at rest and in transit, data classification, retention policies, and secure deletion. For an annotation vendor, this includes how OEM data is stored, who can export it, and how it is destroyed after contract end.

Supplier and connection security. Third-party risk management and secure connections to OEM systems.

The auditor verifies each control through documentation review, technical testing, and interviews with personnel across multiple levels of the organization.

TISAX-Certified Annotation Platforms in 2026

The number of annotation platforms holding TISAX certification at AL3 is small. Most general-purpose labeling platforms (Scale AI, Labelbox, V7, SuperAnnotate) do not publicly list TISAX certification. CVAT is open-source and not a managed service. Annotation platforms focused on the European automotive market are the most likely to be certified.

Verifying current status is straightforward: the ENX portal at portal.enx.com/en-US/TISAX lets you search for a vendor by name and see their current assessment status, level, and the data labels included.

If you are evaluating annotation vendors for a European OEM program, ask each vendor for their TISAX scope ID and verify it directly. Don't rely on marketing pages that mention TISAX without specifying the assessment level or scope.

Kognic's TISAX Status

Kognic holds TISAX Assessment Level 3, the highest level. The certification covers the full annotation pipeline:

• Data ingest from customer cloud storage and direct upload
• Annotator workstations and accounts
• Quality assurance and multi-tier review systems
• Annotation tooling and platform infrastructure
• Export and delivery back to customer systems

You can verify Kognic's TISAX status directly on the ENX portal. TISAX AL3 means Kognic meets the security baseline for production autonomous driving programs at the major European OEMs (BMW, Mercedes-Benz, Volkswagen group, Volvo, Stellantis) as well as Tier-1 suppliers operating in those supply chains.

How to Evaluate TISAX Status When Choosing an Annotation Vendor

Four steps to verify before signing:

1. Ask for the TISAX scope ID. Every certified entity has a public scope ID on the ENX portal. If the vendor cannot provide one, they likely do not hold a current certification.
2. Verify the assessment level. AL1 self-assessments are not equivalent to AL3 audits. For production OEM data, only AL3 should be considered.
3. Verify the scope of the assessment. The certification might only cover certain offices, certain services, or certain data types. Check that the scope includes the activities relevant to your contract.
4. Check the validity date. Certifications expire after three years. A vendor with an expired status has no current certification.

For some programs, OEMs additionally require a separate Data Protection (DP) label or a Connection-to-Third-Parties (CTP) label on top of the base assessment. Confirm with the OEM's procurement team what labels apply to your project before committing to a vendor.

Frequently Asked Questions

What is TISAX certification?

TISAX (Trusted Information Security Assessment Exchange) is the German automotive industry's information security certification, governed by the ENX Association on behalf of VDA. It standardizes information security audits across automotive supply chains so that a single assessment is recognized by all participating OEMs. TISAX assessments are based on the VDA ISA catalogue and are performed by accredited auditors.

Which annotation platforms have TISAX certification?

Kognic holds TISAX Assessment Level 3 (the highest level) certification, covering the full annotation pipeline from ingest through delivery. Most general-purpose labeling platforms do not publicly list TISAX certification, since their primary market is not European automotive. To verify any vendor's current TISAX status, search the ENX portal at portal.enx.com/en-US/TISAX with the vendor name. 

What is TISAX Assessment Level 3?

Assessment Level 3 (AL3) is the highest TISAX level. It requires a full on-site audit by an accredited auditor with deep evidence review and process observation across the VDA ISA catalogue. AL3 is required for vendors handling high-protection and very-high-protection automotive data, which includes production sensor streams from autonomous driving programs.

Is TISAX required to annotate data for European OEMs?

For production contracts with European OEMs handling sensitive vehicle data, TISAX is effectively required. Vendors without TISAX certification are typically limited to non-sensitive pilot work, public datasets, or simulation data. The exact requirement depends on the data classification of each project and the OEM's procurement standards.

How long is a TISAX certification valid?

TISAX certifications are valid for three years from the date of assessment. Renewal requires a new assessment cycle with the accredited auditor. Vendors must maintain the controls covered by the certification between audits and may be subject to follow-up checks.

What is the difference between TISAX and ISO 27001?

ISO 27001 is the international standard for information security management systems, recognized across industries globally. TISAX is specific to the automotive industry and uses a control catalogue (VDA ISA) tailored to automotive supply chain requirements. ISO 27001 is broader; TISAX is deeper for automotive use cases. 

Can a US-based annotation platform get TISAX certified?

Yes. TISAX is run by ENX in Germany but is open to vendors from any region. The assessment is performed against the same VDA ISA catalogue regardless of vendor location. US-based or other non-European annotation platforms can pursue and hold TISAX certification.

How can I verify a vendor's TISAX status?

Search the ENX portal at portal.enx.com/en-US/TISAX with the vendor's name. The portal shows current assessment status, level, scope, and validity dates. Ask vendors to provide their TISAX scope ID directly. A vendor that cannot supply a scope ID likely does not hold a current certification.

Ready to learn more about how Kognic's TISAX-certified annotation platform handles your production data? Book a demo or explore the Kognic annotation platform and our ADAS annotation capabilities.