ISO/IEC 27001: Ensuring Information Security at Porsche
Porsche AG’s Information Security Management System (ISMS) is certified according to the international ISO/IEC 27001 standard. This certification covers the confidentiality, integrity, availability, and authenticity of corporate information as well as the protection and availability of IT systems. Porsche takes a holistic approach to protecting corporate assets, aligned with internationally recognized standards.
The certification focuses on the secure handling of information throughout its entire lifecycle – from collection to use to deletion. Audits at multiple sites also review practical implementation in offices, IT facilities, and data centers. The accredited certification body confirmed the establishment and application of an ISMS in line with ISO/IEC 27001 requirements for the development and operation of IT services across the following areas:
- Digital Architecture & Transformation
- Digital Backbone
- Digital Vehicle Services
- Digital Solutions Customer
- Delivery
- Employee
- Finance
- Product
- Logistics
TISAX: Trust and Security in the Automotive Industry
TISAX (Trusted Information Security Assessment Exchange), a VDA standard, strengthens supply chain resilience through standardized audits. In addition, TISAX certification helps Porsche meet future legal requirements such as the EU NIS-2 Directive on information security.
In Q4 2024, Porsche was successfully assessed by independent auditors according to TISAX, demonstrating the effectiveness of its ISMS.
In line with the principle of “Together we protect Porsche”, Porsche AG leads by example: TISAX certification is also required of Porsche subsidiaries and all suppliers involved in critical business processes.
