Policies and standards are documented in Confluence and managed in Jira. We use Confluence's formatting and layout features to display diagrams, flow charts, and other media.
In Jira, these are linked and managed. This means you can map their lifecycle and be warned of expiration, handle exception requests as linked tickets, and easily map policy updates.
Audits are presented in a similar way to Epics. In audits, all inquiries are collected and answered. If findings are made during the course of the audit that need to be addressed, they are also linked to the audit. All tasks created as part of the Findings are assigned as Measures or Controls to the respective Finding.
To ensure that companies in the automotive industry comply with governance, risk and compliance (GRC) compliance requirements and risks, TISAX was developed - a standardized information security assessment process.
TISAX certification includes a comprehensive review of IT infrastructure, security policies and procedures, and employee awareness for compliance with GRC requirements.
is used for incident reporting and control.
contains information on business partners and their security standards.
contains data on customers and their information security requirements.
enables the management of security processes and their implementation.
contains information about IT devices and their security status.
are used to review and improve safety standards.
can be managed and controlled with Jira and Confluence.
can also be managed and controlled with Jira and Confluence.
serves as a guide for information security in the company.
are offered to train employees on information security.