Meet ComplAIIntelligence: Your AI-powered teammate for risk & complianceLearn more
All framework guides

Help Center · Framework guide

UN Regulation No. 155

UN R155 · Manufacturing · Global · v2025/5

AutomotiveUNECECSMSManufacturingType Approval

Overview

UN Regulation No. 155 addresses cybersecurity management systems for vehicles and related type-approval requirements.

31 controls available in ComplAI for this framework.

Who it's for

  • Automotive OEMs and suppliers
  • Manufacturers seeking type approval in UNECE markets
  • Vehicle cybersecurity and product security teams

Why it matters

Cybersecurity is now a type-approval gate. Mapping CSMS requirements to controls supports audit and regulatory readiness.

Cybersecurity management systemRisk assessment for vehiclesMonitoring and incident responseSupply-chain cybersecurity

How ComplAI helps

  • Activate UN R155 in the Framework Library to load its control catalog
  • Assign owners, track compliance status, and attach evidence per control
  • Use risk register and issues workflows when controls fail or deviate
  • Export readiness views for leadership and auditors

Sample controls

  • §6

    CSMS certificate of compliance

    governance
  • §7.2.1

    CSMS establishment and verification

    governance
  • §7.2.2.1(a)

    Organizational cyber security processes

    governance
  • §7.2.2.1(b)

    Vehicle type risk identification

    risk management
  • §7.2.2.1(c)

    Risk assessment, categorization and treatment

    risk management
  • §7.2.2.1(d)

    Risk management verification

    risk management

Getting started

  1. Open Framework Library and activate UN R155
  2. Review the control list and prioritize high-impact domains
  3. Attach policies, procedures, and technical evidence
  4. Mark controls audit-ready and monitor residual gaps