• Documentation Review: Comprehensive analysis of existing security policies, procedures, and ISMS documentation

• Stakeholder Interviews: Structured discussions with IT team, security officers, leadership, and process owners

• Control Mapping: Initial identification of implemented security controls against VDA ISA 6.0 framework

• Scope Definition: Determination of applicable assessment objectives from the 10 available categories (Protection Need, Availability, Data Protection, etc.)

• Asset Inventory: Cataloging of critical information assets, systems, and processes

• Current State Analysis: Evaluation of existing security posture and maturity level

 

Key Deliverables:

• Initial security maturity assessment report

• High-level gap identification summary

• Scope recommendation for formal assessment

• Resource requirement estimation

• Project timeline and milestone planning

 

Result: Initial report with general overview of security maturity and readiness level