Specification of the CSMS
The objective of the formal and structured Specification Cybersecurity Management System (CSMS) is to enable the company to develop, produce and operate cybersecure products. Such products may be vehicles, consumer products, industrial installations, components or backend services.
Quma is shipped with a flexible Cybersecurity Management System (CSMS) that can be used out-of-the-box or adapted to existing structures. It enforces a clear structure, which greatly improves the usability and process maturity. Presented below is an extract of Qumas approach to the CSMS.
Policy
The policy is the entry point of the Cybersecurity Management System (CSMS) that ties all it's elements together. It defines the scope of the CSMS, manages the releases of the sub elements and defines the responsibilies for all cybersecurity activities.
Work Instructions
Work Instructions explain in some detail how to perform the individual activities within the cybersecurity process. They also detail the purpose, prerequisites and provide acquired know-how.
Checklists
Checklists contain all the collected knowledge of the company in the form of individual requirements and present the basis for formal reviews or reports.
Processes
The processes are best displayed in diagrams, presenting cybersecurity related activities and their relations to each other. It is good practice to relate each procedure (each box) of a process directly with a work product or work instruction.
Templates
Templates are standardized frameworks for each work product. They define what the expected evidence for each cybersecurity activity looks like and prompt the individual steps described in the work instruction.
Qumasoft
Better automotive cybersecurity, but at half the cost and in half the time.
Get in touch!
...