top of page


Definition of the scope

Due to the complexity of the topic, we recommend the joint analysis and selection of a pilot series in order to be able to make the adjustments step by step quickly and efficiently. Because a complete implementation throughout the company in one step is usually very complex and risky. The pilot creates clarity, optimization options and gives you confidence in your actions!


GAP - Analysis according to ISO/SAE 21434

We compare the status quo of the Piloten  and the requirements based on the ISO/SAE 21434 standard, giving you a valuable overview of where you stand as a company.

The analysis specifically shows you which areas of your cyber information security management system are already compliant with the standard and where areas are not covered and where there is a specific need for action. In addition, we give you recommendations for the measures, an estimate for the expected expenditure and the duration of the implementation.


Implementation of the measures mentioned in the GAP analysis

We support you with the introduction of ISO/SAE 21434 in the pilot environment and bring in our automotive and ISMS experience, because the individual sections of the standard do not manifest a predetermined order, but the standard understands rather than a framework for establishing and continuously expanding the CSMS.


Rolling out the pilot solution to the entire organization

After you have implemented ISO/SAE 21434  in one area, we will support you in incorporating the internal experiences from the pilot and help with the rollout of the standard in the other relevant areas as required.

How does our ISO/SAE 21434 consultation work

Our process at a glance

I would be happy to work with Mr. Salvador and his team again on the next project. Thanks and all the best!

Andreas Freitag, BMW AG

My TISAX® audit went smoothly and was successful right away, we were able to prove our information security according to TISAX® and can now win new automotive customers.

Gaps in our preparation and exam were closed in a timely manner and high quality documents were delivered by Opexa. I can only recommend the team around Klaus Höllerer, Klaus Kilvinger and Thomas Salvador_cc781905-5cde-3194-bb3b-136bad5cf58d.

dr Samir Kadunic, MAASU GmbH

When examining customer requirements in the area of TISAX®, there was an urgent need for advice in the company. Thanks to the help of Opexa Advisory GmbH, we were able to meet our customer requirements and also achieve our goals with significant cost savings.

Opexa Advisory is the ideal partner because of its many years of automotive experience, project know-how and competent, efficient and uncomplicated support.

Herbert Schmidt, Dennemeyer & Co. GmbH

What our clients have to say

​Common questions about ISO/SAE 21434 Consulting

Does the standard specify specific measures?

The standard defines a framework and not specific requirements for cybersecurity technologies or solutions. Basically, the standard requires the implementation of a CSMS that enables active management of (potential) weak points with regard to connected vehicles. Ideally, you should start with the introduction of an ISMS - without losing sight of the pending CSMS components and adds the vehicle-specific elements for the CSMS. 

How long does it take to set up a CSMS?

Depending on the size and internal level of maturity as well as the standards already implemented, the introduction can take between 6 months and 1 year. Because the CSMS is usually implemented alongside day-to-day business and the internal resources required for this with process knowledge and development skills are usually closely involved there.

We already work according to TISAX® and IATF16949, is that an advantage?

On this basis, the implementation can be accelerated, since the knowledge and organization as well as documents can be built on these processes. The following applies: The higher the level of maturity, the better and faster the implementation.

What other benefits can we expect?

Cyber risks and damage are reduced to a minimum through active management. By implementing and "living" a CSMS, the standard can support the entire corporate planning and make processes and responsibilities more efficient. It enables you to exploit your know-how and potential and to take on a pioneering role in the market.

Cyber security and data protection also play an increasingly important role in the car, the ISO/SAE 21434 standard is becoming mandatory for the approval of new vehicle types. The standard forms the basis for cybersecurity in the automotive sector, it includes the most important phases in the entire life cycle of a vehicle. The standard supports the implementation of a cyber security management system (CSMS), which enables active management of (potential) vulnerabilities with regard to connected vehicles. It thus creates transparent and clear added value for all users.

ISO/SAE 21434 implementation
Made easy

Our Partners 

bottom of page