ISO/SAE 21434 Template SERIES

Cybersecurity Plan Template 
(acc. to ISO/SAE 21434)

Cybersecurity Plan Template (acc. to ISO/SAE 21434:2021)
[Customizable Word/Excel file]

Along ISO/SAE 21434 Road Vehicles - Cybersecurity Engineering, the Cybersecurity Plan is a fundamental work product necessary for orchestrating all cybersecurity activities throughout the development lifecycle of vehicles and its components. As a key work product that lays the foundation for effective cybersecurity engineering in automotive and vehicle development. This plan is crucial for ensuring that all relevant cybersecurity activities are planned, executed and documented. Proper preparation and elaboration of the Cybersecurity Plan are essential, as this document lays the foundation for all cybersecurity-related efforts. Therefore, it is advisable for those responsible to have a professional approach to this task established and applied – for example, in the form of our professional template.

By using our template (incl. customizable Word file, a corresponding checklist + an additional Work Product Task Plan template as Excel file), teams can ensure that their Cybersecurity Plan is comprehensive, structured, and in line with the ISO/SAE 21434 standard, thereby improving the cybersecurity posture of automotive products.

 Important: The Cybersecurity Plan (in ISO/SAE 21434:2021, Clause 9 it is [WP-06-01]) is a mandatory work product to ensure compliance with ISO/SAE 21434.

Trusted by leading automotive OEMs and suppliers
Empty space, drag to resize
Overview

Information about this template

By purchasing the Cybersecurity Plan template offered here, you will receive working materials designed to simplify the creation and management of this work product.

This template Cybersecurity Plan consists of three documents:

Template

An open Word template file (file format: .dotx, open file) for the elaboration of the work product
Checklist

A supplementary checklist as Excel template file (file format: .xltx, open file) including a short instruction on how to use it during the development of the work product
Work Product Task PLAN

A Work Product Task Plan as additional Excel template file (file format: .xltx, openfile) for planning and tracking all Cybersecurity relevant work products in a development project

This template includes extensive information and explanations about the work product Cybersecurity Plan in general, as well as the exact procedure for its custom/tailored development.

Write your awesome label here.
Cybersecurity Plan Template
The Word template file is designed to facilitate the complete processing of the Cybersecurity Plan according to a predefined structure. The template file is an open working document that can be filled individually according to the associated instructions. All essential information can be entered along predefined sections, as provided for by the work product in the proper formulation.
  • Format: Word
Cybersecurity Plan Checklist
Within the Checklist Excel file you will also find brief instructions with explanations of how to work with the checklist and the associated working methods in your organization-specific context.
  • Format: Excel
Write your awesome label here.
Write your awesome label here.
Work Product Task Plan
The Cybersecurity Work Product Task Plan (provided as an open Excel file) provides you with a simple basis for identifying and tracking cybersecurity-relevant work products (in accordance with ISO/SAE 21434) within a development project in the form of a dedicated tracking document, which makes it easier for you to monitor your elaborations and ensure compliance with ISO/SAE 21434 in the project. (Includes a short explanation on how to fill in the document).
  • Format: Excel
Benefits

Benefits of using our Word/Excel template as an ISO/SAE 21434 template for your project

The Cybersecurity Plan is a key work product that describes the project level specific cybersecurity activities for a (vehicle/automotive) development project. It provides details and interdependencies with internal and external partners on a project. The Cybersecurity Plan document is created for the project level and hence can be considered as complementary to a given Cybersecurity Management System (CSMS) which is created at organizational level. The Cybersecurity Plan serves as a reference for decision-making and helps with alignment between customers/suppliers regarding scope and requirements around cybersecurity implementations. As a "living" document, the Cybersecurity Plan is intended to be a comprehensive source of information (also required as a dedicated Work product by ISO/SAE 21434) to track in detail the dependencies, resources, responsibilities and the progress of the implementation of cybersecurity activities (with their respective levels of maturity) along all phases of the lifecycle.

Using this Cybersecurity Plan template offers you the following benefits:

  • Ensuring conformity with the requirements of ISO/SAE 21434
  • Providing overview of required cybersecurity activities and supporting reasonable time and effort estimations
  • Utilization of best-practice know-how from the real vehicle development projects
  • Simplification of documentation and associated preparation processes
  • More efficient working methods in proper and correct preparation
  • Promoting cooperation between different disciplines and, if necessary, across organizations between suppliers and OEMs
Additional INFO

Supplementary information on Cybersecurity Plan along the ISO/SAE 21434

How do you track and monitor everything that is required in terms of cybersecurity in an automotive/vehicle development project? This question needs special attention, especially with regard to the entire lifecycle, all resources involved, all responsibilities (and much more).

The Cybersecurity Plan, as required by ISO/SAE 21434, provides a structure for tracking all cybersecurity activities in development projects that fall under the relevance criteria of automotive cybersecurity.



Purpose of the Cybersecurity Plan
In every vehicle development-specific development project, project-specific cybersecurity management must be carried out, not least with the help of the Cybersecurity Plan as a dedicated work product of the ISO/SAE 21434 standard. Whether referencing the actual project plan or included in the project plan, the Cybersecurity Plan (which is continuously updated incrementally during the project) has the task of ensuring the following aspects:

  • Holistic overview, comprehensive planning and documentation of realization of cybersecurity activities in an automotive development project (according to the requirements of ISO/SAE 21434).
  • Meeting the demands of creating an overview and ensuring communication regarding the responsibilities and accountabilities for cybersecurity activities in a development project.
  • Creation of a continuously maintained source of information for all dependencies, personnel responsibilities, resource requirements and further information on activities and work products.
  • Dedicated tracking of progress in cybersecurity activities through the incrementally maintained Cybersecurity Plan document.



Content of the Cybersecurity Plan

According to ISO/SAE 21434 the Cybersecurity Plan should include at least the following:

  • objective of an [cybersecurity] activity,
  • dependencies on other activities or information;
  • personnel responsible for performing an activity;
  • required resources for performing an activity;
  • starting point or end point, and the expected duration of an activity; and
  • identification of the work products to be produced.
Thousands of users in various functions and roles already benefit from our content

Who is the template Cybersecurity Plan for?

Our template Cybersecurity Plan is aimed at a broad spectrum of professionals in the automotive and vehicle development industry, both on the OEM and supplier side, as well as experts involved (service providers, consultancies, freelancers, etc.). In view of the interdisciplinary challenges and the need for comprehensive cooperation, the target group includes in particular those involved in working practice in the following domains:
Cybersecurity managers

Professionals who are responsible for overseeing the overall cybersecurity strategy and implementation.

Project managers and Project leaders

People responsible for overseeing new products/development projects, including compliance with (cybersecurity) standards and coordination between different teams and organizations.


Software developers and Software architects

Those who design and implement the expected functionalities of the product.

Hardware engineers

Specialists who are involved in the development of the physical components of the system and ensure their integration into the overall system.


Quality managers and Risk Management Officers

Professionals who ensure that the development results meet the defined quality standards and safety requirements and (cybersecurity) risks are identified and managed accordingly.

Systems engineers/system Architects

Specialists responsible for the preliminary system architecture and the definition of system boundaries, who also need to understand how cybersecurity considerations are integrated.


Cybersecurity specialists

Professionals who deal with the identification of potential security threats and the development of appropriate protective measures.

Cybersecurity and functional security consultants


External experts who support companies in the implementation of security standards and practices.


Trusted by global automotive professionals

Our industry-proven resources are adopted by top OEMs and Tier N suppliers worldwide.

Attendees of our Level 1 and 2 Automotive Cybersecurity Professional courses

Officially issued personal certificates TÜV Rheinland Certified Qualification

Slides with world-class expertise in applied automotive cybersecurity
WHAT OUR CLIENTS SAY

From the virtual classroom to the industry: Participant quotes on their learning experience

Discover the impact of our automotive cybersecurity video training through the eyes of those who've experienced it firsthand. From seasoned professionals to rising stars, our participants share how our program has transformed their skills, boosted their careers, and prepared them to tackle the evolving challenges in vehicle security.
"The ACP training is the ideal way to get a quick introduction to the topic of cybersecurity at the vehicle level. Highly varied didactic materials set the ground for an informative and entertaining training."

Frank Langner
Functional Safety and Cyber Security Manager at Aston Martin
"Prepared very well, and the trainers provided a number of relevant examples based on their professional experience. If Automotive security is within your scope, I strongly recommend this training."
Saber Ferjani
Application Security Engineer at TomTom
"The training gave an extensive overview about Automotive Cybersecurity taking into account the entire Product Lifecycle. Finally, it is a solid basis to continue with the learning path up to the Automotive Cybersecurity Professional Expert Level."

Sven Schran
Product Security Officer at Robert Bosch
"The ACP Level 1 Training by CYEQT Knowledge Base was very informative and well-structured, covering the essentials of the ISO/SAE 21434 standard. The course was engaging and interactive, including questionnaires between the chapters. The overall experience was amazing."

Anna Stylianou
Secure Car Specialist at SBD Automotive
ABOUT THE AUTHORS

Expert knowledge from +100 industry professionals just one click away

The training courses and video learning content offered by the CYEQT Knowledge Base are a truly unique learning resource, not only because of the breadth and depth of the learning material, but also because of the high level of practical relevance.

The nearly one hundred experts who have been involved in creating our content to date all have many years of experience in applied automotive cybersecurity (in accordance with UN Regulation No. 155, ISO/SAE 21434 and beyond) at OEMs and Tier N suppliers.
Write your awesome label here.
Empty space, drag to resize
Empty space, drag to resize
Secure your access to the ISO/SAE 21434 Templates today

How to Access the Template "Cybersecurity Plan"
 (acc. to ISO/SAE 21434:2021)

  • Secure Payment: Our encrypted system ensures the highest level of security for entering your data and processing your payment.

  • Instant Access: After successful purchase, you’ll receive immediate access to the ACP Role Based video course via your personal login. Enjoy maximum flexibility and learn at your own pace.

  • Certificate Upon Completion: Once you’ve completed the course and passed the chapter quizzes, you will receive a personalized Certificate of Attendance as a downloadable PDF.

01.

Registration:
Enter your details to create an account on the platform. This account will be used to access your purchased content.

02.

Billing Details:
Provide your billing information to ensure the automated generation of a correct invoice. Business customers, please have your VAT-ID ready.

03.

Payment Method:
Choose your preferred payment method from the available options. Do you have a discount code? Enter it here

04.

Complete Your Order:
Click the "Buy" button to confirm your booking. You will receive an order confirmation and access details via email.
Empty space, drag to resize

Need the course access for someone else?

If you’re purchasing for an organization, department, or team, or require customized purchasing processes (quote, purchase order, etc.), please contact us directly: learn@cyeqt.com
Empty space, drag to resize
Guaranteed Security using one of the most advanced encrypted systems on the market.
The information in this page is being processed and encrypted securely using industry-leading encryption and fraud prevention tools.
FAQs

All you need to know about our
ISO/SAE 21434 Templates

1. Who is the template for the Cybersecurity Plan intended for?

The template Cybersecurity Plan is designed for a wide range of professionals in the automotive and vehicle development industry, including cybersecurity managers, project managers, quality managers, systems engineers, sw/hw engineers and developers, cybersecurity specialists, and cybersecurity and functional safety consultants.

2. What does the template contain?

The template includes predefined sections for all essential information that must be recorded as part of the Cybersecurity Plan, including Project dependent Cyberecurity Management, Distributed Cybersecurity activities, Continual Cybersecurity activities, Concept, Product Development, and more.

The scope of delivery includes:
(1) An open Word file (as an open Word template file with branding of CYEQT Knowledge Base),
(2) a supplementary checklist (as an open Excel template file with branding of CYEQT Knowledge Base),
(3) and an additional Work Product Task Plan template (as an open Excel template file with branding of CYEQT Knowledge Base).

3. How does the template help with ISO/SAE 21434 compliance?

The template is specifically designed to meet the requirements of ISO/SAE 21434. It provides a structured approach to create a Cybersecurity Plan document, facilitates the identification and documentation of security risks and supports the systematic collection and management of information relevant to cybersecurity engineering.

4. Can the template be adapted to specific project requirements?

Yes, the template is designed to be flexible and can be adapted to the specific requirements of your project. It serves as a starting point that can be expanded and modified as required to reflect the uniqueness of each development project.

5. How does the template support interdisciplinary collaboration?

The template promotes collaboration between different disciplines by providing a common framework for documentation and the exchange of information. It facilitates communication between system engineers, software and hardware teams and security experts and helps all parties involved to develop a common understanding of the product's cybersecurity requirements.

6. What happens if my project has very specific or unique requirements?

The template is designed as a general and flexible tool that can be adapted to a wide range of project requirements. If you encounter specific challenges that are not directly addressed in the template, we recommend that you complete the extensions and adaptations yourself based on the given structures or contact our experts to discuss customized solutions or adaptations.

7. Are supplementary training courses or introductions to the Cybersecurity Plan available?

Around the entire topic area of cybersecurity development along ISO/SAE 21434, you will find introductions and training materials to help you get started with the template and ensure you realize its full potential on the CYEQT Knowledge Base online training platform (e.g. Cybersecurity Plan - Video course). These resources are designed to provide you with an advanced understanding of the structure and purpose of the various work products around ISO/SAE 21434. For individual training needs or consulting support with the template, please contact us.

8. How is support provided after purchasing the template?

Please note that the purchase of the Cybersecurity plan template as a stand-alone digital product does not entitle you to support for the actual work and implementation of the work product. After purchasing the template, you will automatically receive the purchased files digitally. Possible questions regarding technical support or questions regarding the application and customization of the template as well as the solution of specific challenges that may arise during use are not part of the scope of delivery. However, our aim is to ensure that you can use the template effectively for your project requirements by including extensive explanations on how to handle the documents.

9. How is the template updated to keep pace with new developments?

Please note that you will receive this template as a digital product at the time of purchase; regular updates are not part of the purchase contract. Currently (2024), the present template complies with the latest requirements and best practices of ISO/SAE 21434:2021 (the "First Edition", published in 2021) and is based on real project work in the vehicle development context.
DISCOVER OUR SUBSCRIPTION OPTIONS

Skip the ACP training course? Sure. Focus on the topics you need!

Prefer a more flexible approach to learning? With our subscription plans, you can access our Automotive Cybersecurity video courses and focus only on the content that aligns with your current needs. Gain valuable insights on demand, without committing to the a ACP Level program.

Please note: Certificates and eligibility for TÜV-Rheinland-Certified Qualification programs are only available through the complete ACP Level trainings.
20
courses are UP AND RUNNING
+50
COURSES ARE
READY FOR RELEASE
Empty space, drag to resize
Write your awesome label here.

We’d love to hear from you.

We are here to help you with any questions you may have about ordering and purchasing, using the learning platform or general inquiries.

Please note: We can process enquiries sent to us by email/message more quickly.

CONTACT US NOW

Any questions, suggestions or comments? Please use the contact form below and we will answer your inquiry very soon.

TIP: SEND US AN EMAIL

The easiest way for us to answer your questions is by email. Please send your email to our service team via: learn@cyeqt.com

PERSONAL HELP VIA PHONE

Call us to get your questions answered in a personal conversation. Reach our service team here:
+49 89 9275 4198 0

MEET US IN MUNICH (DE)

We would love to meet you in person for a coffee. To arrange an on-site meeting in Munich (Germany), simply contact us.
Empty space, drag to resize

Get in touch!

Would you like to find out more about the CYEQT Knowledge Base and our services or do you already have a specific request?

Our dedicated team is at your disposal and looks forward to hearing from you.

Please use the form on the right to send us a message.

Drop us a message here.

First Name
Last Name
E-mail address
Your message
Thank you!
CYEQT Knowledge Base has established itself as a global authority and essential resource in the field of sustainable automotive cybersecurity. With a unique ecosystem designed for sustainable skills development and true empowerment, it sets new standards for professional development in one of the most challenging areas of the globally connected automotive industry.

In addition to the subscription-based video learning platform for individuals, larger teams and organizations, which is continuously expanded through exclusive partnerships with leading training providers, the Munich-based company also offers a wide range of practical expert knowledge, complemented by training formats (live/video), ISO/SAE 21434-compliant certifications with TÜV Rheinland, practice-oriented templates and tailored coaching and mentoring programmes.

 Unlock your next favorite newsletter

Thank you!
By submitting this form, you confirm that you agree to storing and processing of your personal data by CYEQT Knowledge Base as described in our Privacy Policy.
Empty space, drag to resize

Scrolled down this far? Join hundreds of automotive pros passionate about applied cybersecurity.

Follow CYEQT Knowledge Base on LinkedIn for exclusive vehicle industry updates, latest knowledge blog postings and more.

RESOURCES

COMPANY

LEGAL

© 2025 CYEQT Knowledge Base GmbH. All rights reserved. All content on this website, including but not limited to videos, text, graphics, charts and slides, are protected by copyright. Any unauthorised reproduction, distribution, retransmission or other use constitutes a copyright infringement and will be prosecuted.