Support for the OEM
Discover the most suitable methods and solutions for cybersecurity according to ISO/SAE 21434
Cybersecurity needs are rapidly evolving in the automotive industry, in the face of the growing spread of cyber threats to vehicles and passengers.
If your organization needs resources for the management of compliance with the principles of the ISO/SAE 21434 standard, the consultancy service is the solution to access specialist knowledge from the phase of negotiation.
With a dedicated team by your side, you’ll have flexible support with proven expertise to guide you through changes in cybersecurity, in accordance with threat protection standards, such as ISO/SAE 21434.
What you will get from the consultancy:
- Correct application of the legally required cyber security standards throughout the life cycle of the work product, from the review of the initial architecture of the systems to the formalization of the final Cyber Security Concept, as required by ISO/SAE 21434
- Strengthening of the cybersecurity processes through targeted audits of the internal organization, regarding roles, responsibilities, procedures for handling cyber incidents, and practices for improving the level of cybersecurity
- Secure management of the supply chain, with our support for the selection, assessment and auditing of suppliers
- Conducting of in-depth analysis for the verification and assessment of cyber security using penetration testing tools and drawing on in-depth expertise in the world of regulatory standards
- Collection of the evidence gained from the TARA (Threat Analysis and Risk Assessment) for the detailed study of potential threats, ensuring that all risks are correctly identified and mitigated, with the evaluation of vectors and consequences of a cyber attack
- Development and implementation of the management system that meets the requirements of ISO/SAE 21434 in the long term, including cybersecurity policies and training programs for monitoring levels of cybersecurity
Contact us to carry out your cybersecurity projects with the help of consultancy.
Support for Tier 1
Discover the most suitable methods and solutions for compliance with R155, R156, ISO/SAE 21434 and ISO 24089
If the market demands compliance with the requirements of the standards dictated by the regulations R155, R156, ISO/SAE 21434 and ISO 24089, your organization is required to plan actions for improving cybersecurity, which increase the security of the items from the design phase.
Consultancy is given to help you adapt to the standards, with targeted services for:
- Strengthening of the cyber security processes starting with an initial audit of the organization, regarding roles, responsibilities, procedures for handling cyber incidents, and gaps vs. regulatory requirements
- Drawing up the Cybersecurity Interface Agreement (CIA), agreeing with the OEM on the activities to be developed regarding the interfaces between the different systems and components within the vehicle ecosystem, in accordance with ISO/SAE 21434
- Correct application of the legally required cybersecurity standards throughout the life cycle of the item, from the review of the initial architecture to the formalization of the final Cyber Security Case, as required by ISO/SAE 21434
- Conducting of in-depth analysis for the verification and assessment of cybersecurity using penetration testing tools and drawing on in-depth expertise in the world of regulatory standards
- Collection of the evidence gained from the TARA (Threat Analysis and Risk Assessment) for the detailed study of potential threats, ensuring that all risks are correctly identified and mitigated, with the evaluation of vectors and consequences of a cyber attack
- Development and implementation of the management system that meets the requirements of ISO/SAE 21434 in the long term, including cybersecurity policies and training programs for monitoring levels of cybersecurity
Contact us to carry out your cybersecurity projects with the help of consultancy.
TISAX area
Verifying compliance with certification schemes and the TISAX management system
TISAX (Trusted Information Security Assessment eXchange) is the certification based on the assessment of the security of information exchanged in the supply chain of the automotive sector.
The standardization mechanism was developed by the German Association of the Automotive Industry (VDA) and is managed by the ENX Association. TISAX certification ensures that automotive companies meet a uniform standard of cybersecurity, particularly with regard to the passing of sensitive data between manufacturers, suppliers of devices and service providers.
How we support your organization throughout the TISAX certification process:
- Definition of a plan for implementation of the TISAX mechanisms, checking for areas for improvement regarding cybersecurity
- Identification of measures for mitigating risks relating to cybersecurity
- Planning of the internal audits formally required in the assessment according to the TISAX schemes, reporting any non-conformities to be resolved
- Development of a clear cyber security policy that outlines your organization’s commitment to cybersecurity, in terms of objectives and employee responsibilities
- Finalization of the Cyber Security Management System, taking into account internal risk management, access, physical and environmental security, supplier relations, business continuity, encryption and response to cyber incidents
Fulfillment of the requirements for the security of TISAX information with the help of consultancy.
Faq
Recommended Posts
Why choose us
We are a company in the TÜV Rheinland group with an established reputation in the automotive sector
Specialist skills in the field of ISO/SAE 21434 from the phase of negotiation
Single interface for the management of cyber security, analysis, auditing and mitigation measures
We adopt a targeted approach based on the complexity of the project, following the guidelines of industry standards