GRCCopilot
Sign In
United Nations Economic Commission for Europe (UNECE)

UNECE WP.29 R155

Mandatory automotive cybersecurity regulation requiring vehicle manufacturers to implement a Cybersecurity Management System (CSMS)

Start Assessment Create Free Account
19
Controls
19
Questions
Active
Status

About this Framework

UNECE WP.29 Regulation No.155 establishes mandatory cybersecurity requirements for vehicle manufacturers seeking type approval in participating markets. The regulation requires organizations to implement a Cybersecurity Management System covering risk assessment, threat monitoring, incident response, vulnerability management, and secure lifecycle management of connected vehicles.

Key Control Domains

Cybersecurity Governance
Vehicle Cybersecurity
Risk Assessment
Vulnerability Management
Incident Response
Supply Chain Security
Threat Intelligence
Secure Engineering

Who Needs This?

  • Automotive OEMs
  • Vehicle Manufacturers
  • Automotive Suppliers
  • Connected Vehicle Providers
  • Autonomous Vehicle Developers

Compliance Benefits

  • Regulatory compliance for vehicle type approval
  • Improved resilience against automotive cyber threats
  • Enhanced vehicle lifecycle security
  • Alignment with global automotive cybersecurity requirements

Official Reference

UNECE WP.29 R155 Official Regulation
https://unece.org

Assessment Details

Issuer / AuthorityUnited Nations Economic Commission for Europe (UNECE)
FrameworkUNECE WP.29 R155
Controls19
Questions19
StatusActive
Assessment Start03 Jun 2026

Share this Assessment

Share this permanent link with your team, clients or auditors.

https://grcopilot.app/frameworks/unece-wp29-r155

Sign in to begin this assessment

Create a free GRC Copilot account to access this and 50+ other security and compliance frameworks.

Sign In Register Free