We are proud to announce that Ampure has achieved two of the most rigorous and respected information security certifications in the industry — TISAX (Trusted Information Security Assessment Exchange) compliance and ISO/IEC 27001 certification. These accomplishments reflect our unwavering commitment to protecting client data, securing our operations, and meeting the highest global standards for information security management.
This was an initiative led by the Ampure IT organization — spanning our headquarters in Monrovia, CA and our operations in Guanajuato, Mexico — representing a truly global commitment to security excellence.
An IT-Led Initiative with Global Impact
From the outset, this was an initiative championed and executed by the Ampure IT organization. Our IT team took ownership of the full scope — from gap analysis and control design to policy authoring, audit readiness, and ongoing governance — demonstrating that world-class security starts from within.
Critically, this program was not limited to a single site. Both of Ampure's primary locations were brought into scope and achieved compliance together:
Expertise, Independence, and a Fresh Start Done Right
When Ampure became an independent organization, our IT team saw it not as a challenge to overcome — but as a rare opportunity to build something better from the ground up.
Our team brought with it years of deep expertise in compliance, data protection, and information security earned within the automotive industry — one of the most demanding environments for security and regulatory rigor in the world. Rather than simply replicating what existed before, we applied that institutional knowledge to design something purpose-built for Ampure: leaner, more deliberate, and built for where we are going.
It was also an opportunity to prove what a smaller, more agile team can accomplish. With focused ownership, clear accountability, and the freedom to make smart decisions quickly, our IT organization delivered an enterprise-grade security program without the overhead of a large enterprise — and did so at a pace that reflects who Ampure is.
Agile by Design — Secure and Process-Driven by Commitment
One of the defining goals of this initiative was to demonstrate that agility and security are not in tension — they reinforce each other when the right foundations are in place.
Our IT team is smaller than what you would find at a large enterprise — and that is a strength. Decisions move faster, ownership is clear, and our team is deeply invested in outcomes. Rather than building layers of bureaucracy, we built a security program that matches our culture: structured and process-driven where it needs to be, and flexible and fast everywhere else.
A key design principle throughout was building a framework that can quickly adapt as new technologies and tools are onboarded — without requiring a full compliance cycle from scratch each time. In practice, this means:
• Principle-based security policies that stay relevant as specific technologies change — not brittle rules tied to a single tool or platform
• A streamlined security review process for onboarding new vendors, software, and systems — fast enough to support the business, rigorous enough to protect it
• Clear process ownership and documentation that empowers a lean team to manage a broad and evolving technology landscape
• Risk management that continuously weighs emerging threats against emerging capabilities — keeping security decisions current, not reactive
• Scalable control frameworks built to grow with Ampure — strengthening our compliance posture as the business grows
What This Means for Our Clients and Partners
These certifications are more than credentials — they are a promise to our clients, partners, and the industries we serve. Here is what you can expect from Ampure as a result of these achievements:
Our Journey to Certification
Achieving both TISAX compliance and ISO 27001 certification simultaneously represents the culmination of a comprehensive, multi-year security transformation program. Our teams across engineering, operations, legal, and leadership worked in close coordination to:
• Conduct a thorough gap analysis against TISAX VDA ISA and ISO 27001 Annex A controls
• Implement and mature over 90 security controls spanning access management, incident response, business continuity, and supplier security
• Conduct internal audits and management reviews to validate effectiveness
• Engage accredited external auditors and TISAX assessment bodies for independent verification
• Build a culture of security awareness through organization-wide training and communication
This achievement belongs to every member of the Ampure team whose dedication, diligence, and collaborative spirit made it possible.
Looking Ahead
Compliance is not a destination — it is a continuous journey. With these foundations in place, Ampure is positioned to:
• Expand our engagement with automotive OEMs and Tier 1 partners who require TISAX-certified vendors
• Pursue additional compliance frameworks and regional standards as our client base grows
• Invest further in security tooling, automation, and talent to stay ahead of the evolving threat landscape
• Share best practices with partners and contribute to raising the bar for information security across our industry
Security. Trust. Excellence.
These achievements reinforce Ampure's position as a trusted partner for organizations that demand the highest standards of data protection and information security. We look forward to continuing to earn your trust every day.
For more information
Contact your Ampure account representative or reach our security team at:
security@ampure.com | www.ampure.com/certifications-compliance