White Paper "Information Security Risk Management"

The objective of this White Paper is to inform companies in the automotive industry with regard to risk-oriented information security management and to enable those to establish an effective information security risk management. It is intended to support organizations in preparing or conducting a TISAX assessment to meet the requirements of the VDA ISA control question 1.4.1. It´s content it is to be considered as implementation recommendations, not as a mandatory requirements.

本白皮书旨在向汽车行业的企业传达风险导向型信息安全管理的理念，并助力其构建高效的信息安全风险管理机制。该文件旨在支持组织准备或执行TISAX评估，以满足VDA ISA控制问题1.4.1的要求。其内容应被视为实施建议，而非强制性要求。