12月重磅新闻 | BSI正式取得ENX VCS审核提供方资质,为汽车供应链网络安全保驾护航

我们很高兴地宣布,近日BSI已正式被VCS内部治理组织ENX协会正式认可,即日起可以提供面向中国本地市场的VCS评估服务。VCS标签为有志于开拓海外市场,尤其是欧洲市场的中国企业提供了有力支持。这一重要里程碑与BSI协助汽车行业实现数字信任的全球目标不谋而合。

In recent days, we are delighted to announce that BSI has been officially recognized by the VCS internal governance organization, ENX Association, and is now able to provide VCS assessment services specifically for the Chinese market. The VCS label empowers the Chinese companies who have ambition to explore the overseas market, especially in the European market. This significant milestone aligns with BSI's global goal of assisting Auto industries in achieving digital trust.

什么是ENX VCS?

ENX VCS即车辆网络安全(Vehicle Cyber Security),是ENX协会为汽车行业制定的道路车辆网络安全审核标准。该计划由 ENX 工作组中的汽车行业专家(原始设备制造商、供应商和服务提供商)制定并不断发展,允许汽车供应商根据 ISO/PAS 5112 指南提供已实施网络安全管理系统 (CSMS) 的标准化证明。这可用于证明公司满足了根据国际标准 ISO/SAE 21434 在供应链中实施 CSMS 的技术要求。建立并通过 VCS 评估还能更好地促进组织道路车辆的网络安全,以满足联合国发布的联合国 R155 条例的要求。

The ENX VCS is the Vehicle Cyber Security which is an auditing standard for road vehicle cyber security established by the ENX Association for the automotive industry. The scheme has been developed and is continuously evolved by experts of the automotive industry (OEMs, Suppliers and service providers) in the ENX working group, which allows automotive suppliers to provide standardized proof of an implemented cybersecurity management system (CSMS) in accordance with the ISO/PAS 5112 guideline. This can be used to prove that companies fulfil the technical requirements for implementing a CSMS in the supply chain in accordance with the international standard ISO/SAE 21434. Establishing and passing the assessment of VCS can also better promote the cyber security of organizational road vehicles to meet the requirements of UN Regulation R155 issued by the United Nations.

ENX VCS适用于谁?

随着成千上万合作伙伴之间的数据交换日益频繁,信息安全对全球汽车供应链的完整性至关重要。ENX VCS 适用于各级汽车零部件制造商,包括次级供应商、主要汽车品牌的海外经销商、汽车修理厂、与原始设备制造商 (OEM) 相关的物流和服务公司,以及汽车生态系统中涉及产品设计、工程、营销、信息和服务的公司。

With the increasing exchange of data among thousands of partners, information security is crucial for the integrity of the global automotive supply chain. ENX VCS is suitable for organizations such as automotive parts manufacturers at all levels, including sub-suppliers, overseas dealerships of major automotive brands, auto repair shops, logistics and service companies related to original equipment manufacturers (OEMs), as well as companies in the automotive ecosystem involved in product design, engineering, marketing, information, and services.

组织为何需要申请ENX VCS标签?

1ENX VCS 提供标准化机制,以证明组织符合网络安全标准 ISO/SAE 21434和ISO/PAS 5112指南。

2它减少了与冗余审核和各种专有认证计划相关的成本和工作量。

3其目的是免除原始设备制造商(OEM)创建和维护《可接受保证清单》的需要。

4ENX 通过管理包括 BSI 在内的经批准的审核服务提供商库和监督审核质量来提供管理。

ENX VCS offers a standardized mechanism for demonstrating compliance with cybersecurity standard ISO/SAE 21434 and ISO/PAS 5112 guideline.

It reduces costs and efforts associated with redundant audits and various proprietary certification schemes.

It aims to relieve OEMs from the need to create and maintain a list of acceptable assurances.

ENX provides governance through managing an approved pool of audit providers and monitoring audit quality.

重要说明

参与 ENX VCS 审核的前提条件是拥有已注册的 TISAX 范围或有效的 TISAX 标签。如果您的组织没有 TISAX,请先注册 TISAX,BSI在中国也能提供此项服务。目前,BSI 是极少数几家有能力提供 IATF 16949、ENX TISAX 和 ENX VCS 认证的标准机构,以赋能汽车行业高质量发展。

The prerequisite for participating in ENX VCS audits is having a registered TISAX scope or valid TISAX labels. If your organization does not have TISAX, please register for TISAX first, which BSI could also provide the service in China. At present, BSI is very few Standard body with ability to provide IATF 16949, ENX TISAX and ENX VCS certification to empower the Auto industry.

如果您有兴趣成为 ENX VCS 标签在中国的试点项目,欢迎咨询我们。Click here to inquire us if any interest to be the pilot of ENX VCS Label in China.

关于ENX协会

ENX协会成立于2000年,是一个由汽车制造商、供应商和四个国家汽车协会组成的联盟。它旨在实现和简化工业增值网络中安全可信的数据交换。ENX 是与 VCS 相关的评估和交流的法律实体和组织者。所有评估结果都将放在 ENX 平台上。ENX 维护审核提供商标准和评估要求(TISAX ACAR)。它负责批准审核提供商,监控实施质量和评估结果。

Founded in 2000, ENX Association is an organization consisting of automobile manufacturers, suppliers and four national automotive associations. The aim is to enable and simplify secure and trustworthy collaboration over industrial value-added networks. ENX is the legal entity and organizer for evaluation and communication related to VCS. All evaluation results will be placed on the ENX platform. ENX maintains the audit provider criteria and assessment requirements (TISAX ACAR). It approves audit providers and monitors the quality of implementation as well as the assessment results.