Skip To Main Content

> ENX and TISAX              > Assessment Levels and Audit Areas              > FAQ's

FAQ

Required TISAX Labels: Click here

The only valid alternative is an ISO 27001 certificate, which covers the products and services provided to PACCAR.

In case you have received a request to achieve TISAX and want to use your ISO 27001 certification instead, please direct your request to Cybersecurity: CybersecurityNA@PACCAR.com.

Supplier needs to provide a pdf of the ISO 27001 certificate, expiry date and scope description.
In addition supplier declares that the scope of the ISO 27001 certificate covers the products and services provided to PACCAR.

The TISAX process includes a mechanism to deal with identified issues in a reasonable time frame for up to 9 months while preliminarily receiving the TISAX Label. Suppliers are obliged to obtain the required TISAX Label before the deadline.

The total cost of gaining TISAX Label is a sum of ENX Registration, Auditor fees and potential remediation costs where applicable. Further information can be found www.enx.com.

TISAX is a generic assessment scheme and its use is not limited to PACCAR, suppliers are responsible for being TISAX compliant and will pay all associated costs.

All sites of a supplier that are utilized for manufacturing and/or delivery of parts/products/services to PACCAR are in scope for TISAX compliance.

Suppliers must share their TISAX Label with PACCAR on the ENX platform as described in the TISAX handbook. PACCAR requires that suppliers enable audit information sharing in ENX to make progress visible to PACCAR listed as ‘participant ID PYT3F4’. The audit result in ENX becomes available to PACCAR for monitoring. The level of sharing should be at least “A+Labels".

Via the website: www.enx.com. Also review the TISAX handbook, that can be found on this website.

There are cyber security and TISAX consultancy service providers in Europe, North America and Asia/Pacific. Suppliers can make their own choice to arrange support.

Yes, PACCAR may for example have approached you to provide deliverables in the context of the R155/R156 regulation. These requests and the supply chain cybersecurity related requests run in parallel.

If after careful review of the FAQ an answer cannot be found, please submit your question to: PACCAR Cybersecurity: cybersecurityNA@paccar.com.

A WORLD OF OPPORTUNITY AWAITS. LEARN ABOUT CAREERS AT PACCAR ➝