Skip to main content
All CollectionsTISAX
TISAX: NC's & Temporary Labels
TISAX: NC's & Temporary Labels
Fabiola Munguia avatar
Written by Fabiola Munguia
Updated over 12 months ago

During the TISAX assessment process, your company might encounter non-conformities (NCs). Understanding the implications of these NCs, the available time for remediation, and the concept of temporary labels is crucial for successfully navigating this step.


Dealing With Non-Conformities

Dealing With Non-Conformities (Major NCs) ๐Ÿšจ

When a major non-conformity is identified, it signifies a significant immediate risk to your information security or raises doubts about the overall effectiveness of your ISMS. The first step is not to panic; there's a structured way to address this:

  1. Immediate Action: You're required to promptly implement compensating measures to mitigate any immediate risks highlighted by the major NC ๐Ÿ”ง.

  2. Corrective Action Plan: Develop and submit a corrective action plan to the audit provider, detailing how and when you'll address the major NC ๐Ÿ“.

Converting Major NCs to Minor NCs โžก๏ธ

With a satisfactory corrective action plan and its effective execution, major NCs can be downgraded to minor NCs after a follow-up assessment by the audit provider. This demonstrates your commitment to continuous improvement and can facilitate the progression towards certification.

Important โ—๏ธTimeframe for Remediation โณ

9-Month Window: You have a maximum of nine months from the closing meeting of the initial assessment to resolve all major NCs. Failing to do so requires starting the assessment process anew.

Handling Minor Non-Conformities (Minor NCs) ๐Ÿ› ๏ธ

Minor NCs do not pose significant immediate risks and don't cast doubt on the overall ISMS effectiveness. Like major NCs, they must be addressed without undue delay, but they offer a bit more flexibility in terms of immediate impact on the certification process.

You can find a detailed overview of these in this section of the ENX Handbook.


Temporary TISAX Labels ๐Ÿท๏ธ

  • For Minor NCs: If your overall assessment results in a "minor non-conform," you're eligible for temporary TISAX labels. These labels indicate that while minor issues were found, none were significant enough to prevent certification, provided these are resolved in the agreed timeframe.

  • Utilizing Temporary Labels: These can be beneficial in demonstrating to clients and partners that you're on the path to full compliance, maintaining trust and business continuity ๐Ÿค.

Find out more about Temporary Labels in this section of the ENX Handbook.


No Non-Conformities ๐ŸŒŸ

If no NCs are found, your organization's ISMS is deemed fully compliant with TISAX requirements, leading directly to certification. This ideal scenario reflects a well-prepared and effectively implemented ISMS.


Return to the main Certification Guide to progress further in your Certification Journey. Each step builds upon the last, deepening your understanding and implementation of the standards required for certification.

Did this answer your question?