ESS Achieves TISAX “Very High” Protection Level

• Share on Facebook
• Share on LinkedIn
• Share on X
• Email this Page

On January 28, 2026, ESS confirmed the TISAX assessment for the Very High Availability and Strictly Confidential Objectives. (see the certificate here)

Your prototype data, your future vehicle designs, your confidential paint shop specifications. When you share these with a software partner, you need certainty they won’t end up somewhere else.

TISAX (Trusted Information Security Assessment Exchange) is an assessment and exchange mechanism for the information security of enterprises, developed by the ENX Association and published by the Verband der Automobilindustrie (German Association of the Automotive Industry or VDA). TISAX concerns the secure processing of information from business partners, the protection of prototypes and data protection in accordance with the General Data Protection Regulation (GDPR) for potential business transactions between automobile manufacturers and their service providers or suppliers. The VDA established TISAX in 2017 together with the ENX Association.

ESS holds TISAX label at the “Very High” protection level, enabling the secure handling of strictly confidential data with very high confidentiality and availability requirements.

What this means for you:

You can share sensitive CAD data, paint specifications, and engineering documentation with ESS knowing it meets the same security requirements all Tier 1 suppliers must satisfy.

Why ESS pursued this:

Paint shop simulation sits at the intersection of design confidentiality and manufacturing reality. Our customers share body-in-white geometries months or years before production. They share process parameters that represent decades of R&D investment. That information deserves protection that matches its value.

What changed internally:

Security improvements are an ongoing part of how ESS operates. They are embedded into system design and operational foundations, ensuring that customer collaboration and data handling remain stable, familiar, and uninterrupted. This isn’t visible in daily operations, which is the point. Security that requires constant attention from users is security that will eventually fail.

Beyond compliance:

TISAX also aligns ESS with upcoming European regulations like NIS2 and CRA (Cyber Resilient Act). The automotive supply chain is raising its baseline requirements. Meeting them early is simpler than catching up later.

ESS has held the TISAX label since 2022 and now we successfully confirmed that the practices we built three years ago continue to meet evolving standards.

Your data stays your data.