Getting Started

Getting Started on Change Management		status: valid
tags: security_management relates to: wf__cr_mt_security_plan, wf__cr_mt_security_package, wf__p_fs_audit_security, wf__p_formal_security_rv, wf__cr_mt_security_manual, wf__cr_mt_security_sbom, wf__mr_vy_security, wf__consult_exe_sec_training
doc_getstrt__security_management_process		Getting Started

This document and sub chapters describes the steps needed to be done to ensure compliance to Security according to ISO SAE 21434 (secrity standard used in the project). This document serves as the entry point or the first document to be read for the Security related processes in this project. All other sub processes are linked here and in sub chapters.

General Workflow

Some workflows/activities have to be done once (or when there is a significant change in project scope) and some have to be executed continuously. Some workflows have to be done centrally once in the project and some for each modules / sub teams. All these workflows are defined in the Security Management Workflows section.

Following workflows shall be done centrally or according to the project needs:

• Create/Maintain Security Plan

• Create/Maintain Security Package

• Create/Maintain Security Manual

• Create/Maintain SBOM

• Monitor/Verify Security

Some of the workflows are currently either tailored out or not in scope of this project (due to Out-of-Context development). Refer Tailoring Document Work Pro... (wp__tailoring_work_products) section for the details about tailoring.

Note

The term security is used here synonymously for the term cybersecurity as defined in ISO SAE 21434.