top of page

01

definition of the scope

Due to the complexity of the topic, we recommend joint analysis and selection of a pilot series in order to be able to make adjustments quickly and efficiently step by step. A complete implementation across the entire company in one step is usually very complex and risky. The pilot creates clarity, optimization options and gives you security of action!

02

GAP - analysis according to ISO/SAE 21434

We compare the pilot's status quo and the requirements based on the ISO/SAE 21434 standard and give you a valuable overview of where you stand as a company.

The analysis shows you specifically which areas of your cyber information security management system are already compliant with the standards and where areas are not covered and specific action is required. We also give you recommendations on the measures, an estimate of the expected expenditure and the duration of implementation.

03

Implementation of the measures mentioned in the CAP analysis

We support you in the introduction of ISO/SAE 21434 in the pilot environment and contribute our automotive and ISMS experience, because the individual sections of the standard do not manifest a predetermined order, but rather the standard sees itself as a framework for the establishment and continuous expansion of the CSMS.

04

Rollout of the pilot solution to the entire organization

After you have implemented ISO/SAE 21434 in one area, we will support you in incorporating the internal experience from the pilot and help you with the rollout of the standard in the other relevant areas as needed.

How does our ISO/SAE 21434 consulting work

Our process at a glance

I would be happy to work with Mr. Salvador and his team again on the next project. Thank you and all the best!

Andreas Freitag, BMW AG

My TISAX® audit went smoothly and was successful right from the start. We were able to demonstrate our information security in accordance with TISAX® and can now win new automotive customers.

Gaps in our preparation and testing were closed promptly and high-quality documents were delivered by Opexa. I can only recommend the team around Klaus Höllerer, Klaus Kilvinger and Thomas Salvador.

Dr. Samir Kadunic, MAASU GmbH

When reviewing customer requirements in the area of TISAX®, the company urgently needed advice. Thanks to the help of Opexa Advisory GmbH, we were able to meet our customer requirements and also achieve our goals with significant cost savings.

Opexa Advisory is the ideal partner due to its many years of automotive experience, project know-how and competent, efficient and uncomplicated support.

Herbert Schmidt, Dennemeyer & Co. GmbH

What our customers say

Frequently asked questions about ISO/SAE 21434 Consulting

Gibt die Norm konkrete Maßnahmen vor?

The standard defines a framework and not specific requirements for cybersecurity technologies or solutions. Basically, the standard requires the implementation of a CSMS that enables active management of (potential) vulnerabilities with regard to connected vehicles. Ideally, you start with the introduction of an ISMS - without losing sight of the CSMS components that are still pending - and add the vehicle-specific elements for the CSMS.

How long does it take to set up a CSMS?

Depending on the size and internal maturity level as well as the standards already implemented, the implementation can take between 6 months and 1 year. This is because the CSMS is usually implemented alongside day-to-day business and the internal resources required for this with process knowledge and development skills are usually closely integrated.

We already work according to TISAX® and IATF16949, is that an advantage?

On this basis, implementation can be accelerated because these processes, knowledge, organization and documents can be built upon. The following applies: the higher the level of maturity, the better and faster the implementation.

What other benefits can we expect?

Cyber risks and damage are reduced to a minimum through active management. By implementing and "living" a CSMS, the standard can support the entire company planning and make processes and responsibilities more efficient. It enables you to exploit your know-how and potential and take on a pioneering role in the market.

Cyber security and data protection are also playing an increasingly important role in cars, and the ISO/SAE 21434 standard is becoming mandatory for the approval of new vehicle types. The standard forms the basis for cyber security in the automotive sector and covers the most important phases in the entire life cycle of a vehicle. The standard supports the implementation of a cyber security management system (CSMS), which enables active management of (potential) vulnerabilities with regard to networked vehicles. It thus creates transparent and clear added value for all users.

ISO/SAE 21434 Implementierung
Einfach gemacht

Unsere Partner 

bottom of page