TISAX Trusted Information Security Assessment Exchange
As the assessment result of an information security capability commonly recognized and trusted by the automotive industry, it further promotes the upstream and downstream enterprises in the industry (such as component manufacturers, suppliers, service providers) to meet the VDA-ISA information security assessment of different parties (mainly OEMs). At the same time, its evaluation results can further recognize, exchange and trust each other, thereby reducing frequent audits by different OEMs. TISAX has become a mandatory requirement of VDA for information security, and a prerequisite for supplier purchase orders, project cooperation, data exchange, and qualification renewal.
Valid for three years, no need to repeat audit. Based on security trust between enterprises. Recognition of the participants.
Security Audit of Volkswagen WFS5 Anti-theft Parts
This assessment is based on the consulting and construction work prior to the relevant audit in accordance with Volkswagen's unique anti-theft parts safety standards, namely WFS5&WFS6. Scope of assessment: development, matching and production of electronic control systems and their components for vehicle applications, powertrains of hybrid and electric vehicles and their components (excluding battery cells), and the production and equipment and tools required for production and maintenance, as well as related information systems, infrastructure and personnel.
WP29 CSMS regulatory requirements
The European Union has made cybersecurity mandatory for vehicles entering the EU. The EU will incorporate the principles specified in the current WP.29 Network Information Security Regulation into the EU legal framework and ensure consistency with other EU regulations (e.g. emissions, maintenance information, member states and/or EU general rules on information security)
ISO/SAE 21434 Cybersecurity for road vehicles
One of the important reference standards for vehicle network security system and process construction, IOS/SAE 21434 puts forward requirements for network security risk management for road vehicles and their components, interfaces, etc., and defines the vehicle life cycle including vehicle engineering, production, operation, maintenance and Decommissioning related phase requirements. Products designed, produced, and tested through this standard mean that they have certain network security protection capabilities.
Standard system construction consulting
Core - Information Security
1. Information security management system construction based on ISO27001 2. Information security management system construction based on TISAX&WFS 3. The construction of cloud service information security management system based on ISO27017 4. Based on ISO27018 public cloud personally identifiable information security management system construction consulting
Support - operation and maintenance management
ISO2000OIT operation and maintenance management system construction and ITIL consulting Glorytime provides ITIL and ISO20000-based operation and maintenance management system construction consulting work for various parties and information service providers ISP
Support - Business Continuity
Based on ISO22301 Business Continuity Management System Construction Consulting
Development - Asset Management
ISO55000 Asset Management System Construction Consulting Glorytime provides customers with all-round comprehensive solutions from six perspectives: strategy and planning, asset management decision-making, full life cycle realization, asset information, organization and personnel, risk and review
Industry Compliance Consulting
Provide enterprises with compliance system integration and implementation consulting
Committed to helping enterprise managers master the relevant laws and regulations related to corporate compliance, compliance management, internal control, comprehensive risk management, internal audit, internal compliance operation management, construction of compliance management system, compliance evaluation and application of results, and compliance in business areas Comprehensive case analysis of compliance management, professional competence in compliance management personnel training and cultural construction, and "slimming", integration and implementation consultation on various standards and regulatory requirements that enterprises have established
Multi-system integration consulting
Consultation on Level 2 and Level 3 Protection Assessments in various industries
Enterprise entities that meet the requirements of Class Guarantee 2.0 and the corresponding level declaration, expert review, construction and integration of Class Guarantee system and technology and support for the evaluation process.
Consultation on Financial
Including banks, securities and futures, and insurance funds can provide regulatory compliance consulting, including but not limited to technology risk, comprehensive risk, technology outsourcing, continuity, data governance, production and change management, etc.
Consultation on pharmaceutical clinical industry
Various consultations on industry information security, privacy protection and compliance auditing.
Multi-system integration consulting
Information Security Service Qualification
Security development class Safety Engineering
Disaster backup and recovery service qualification
Qualification consulting for disaster backup and recovery services
Information system integration qualification