ISO/ SAE 21434 (Threat and Risk Assessment CSMS)

The increasing digitalization and networking of road vehicles is associated with both opportunities and risks. It is essential for the automotive industry to protect both vehicles and their occupants from the risk of cyber attacks. As vehicle manufacturers rely on specialized suppliers for safety-relevant components and systems, these suppliers must demonstrate the use of a cybersecurity management system (CSMS).

ISO/SAE 21434 is primarily concerned with the identification and assessment of critical elements and their risks throughout the lifecycle of organizations’ systems and processes to ensure that cybersecurity is “built in” from the outset. The standard focuses on “threat analysis and risk assessment” (TARA) methods to ensure the effectiveness of organizations' cybersecurity management systems.

• The audit criteria are relevant for the automotive sector, and the assessment and reporting procedures are standardised
• Certification to ISO/SAE 21434 is a basis for conformity with UN ECE 155/156  
• Neutral attestation by TÜV NORD CERT of compliance with ISO/SAE 21434 provides transparency and builds trust of customers and business partners 
• Cost and risk reduction through identification and elimination of digital security gaps from the very beginning 
• Lowest possible risk of errors and faults and therefore of reputational damage
• Your customer focus, performance capability, quality and security all become visible to third parties
• Transparent feedback from competent TÜV NORD security experts help you to develop as a learning organisation
• You have certified proof of continual improvement in the level of your security against cyber crime