We automate IoT cybersecurity compliance

Zealience Compliance Management Software (Z-CMS) automates documentation work required for ETSI EN 303 645, one of the best standards to prepare for IoT cybersecurity regulations (e.g. Radio Equipment Directive Delegated Act, Cyber Resilience Act and UK PSTI)

IoT devices

What is Z-CMS?

Zealience Compliance Management Software (Z-CMS) automates the generation of technical documentation required to demonstrate compliace with ETSI EN 303 645. This standard is regarded as one of the best standards for consumer and enterprise IoT product security compliance. Don't know where to start? Z-CMS assists and fast-tracks your compliance work in the following ways:

Automatically identify applicable requirements

At the beginning of your project, Z-CMS asks you simple questions about your target device in order to automatically identify applicable requirements (i.e., "provisions" in the ETSI EN 303 645's term). This scoping feature prevents you from wasting time on unnecessary work.

Zealience dashboard showing applicable provisions
Zealience software identifies risks of non-compliance

Simply answer 'Intelligent Q&A' to compile documentation

The major challenge of product cybersecurity compliance is to document all the required information. It requires deep technical knowledge and a lot of time. Manufacturers typically spend more than a year for this activity alone.
Z-CMS makes this step easy and fast by providing comprehensive intelligent Q&A (different questions are asked based on your previous answers) that you can simply follow along. Rest assured that all the required information is captured and stored for you.

Immediately identify risks of non-compliance

As you fill in the intelligent Q&As, Z-CMS automatically identifies risks of non-compliance and highlights the reasons behind. This instant feedback allows you to address the risks early on, minimizing the costs to remediate them later.
Z-CMS currently covers 50% of conceptal tests for this feature. Of course, we are working to achieve 100% coverage.

Zealience software identifies risks of non-compliance
Zealience dashboard showing risks of non-compliance

Manage and remediate risks of non-compliance

Once the risks of non-compliance are identified, they are aggregated in a risk register. This offers a single place for you to track and review your compliance risks. As you continuously work on the compliance activities, the risk register can frequently change; you may add or delete risks in the risk register or update existing risks with new risk treatments in your effort to remediate them.

Generate technical documents with one click

In 1 click, you can download the technical documentation for ETSI EN 303 645 (i.e., ICS, IXIT, and risk register) as well as a tailor-made test plan for your device. You save 70% of manual typing thanks to Z-CMS' automation!
We take great care in the quality; the documents follow exactly the expectation of the standard. This results in complete and accurate documentation.

Zealience generates required documents
Zealience dashboard showing risks of non-compliance

Scale your compliance work across your portfolio of devices

Do you produce many devices and are looking for a scalable way to document them all? We can support your needs! In Z-CMS, you can assign multiple devices to the information you input. Thanks to this feature, any new information or modification you make in Z-CMS is reflected in all the relevant devices. This way, you will not waste time inputting and managing the same information twice, contributing to the significant time saving.

Why ETSI EN 303 645?

Best interim standard to prepare for RED Cybersecurity

ETSI EN 303 645 is one of the most popular standards to prepare for the Radio Equipment Directive Delegated Act. The relevance of the standard is evident as the RED DA's official standards, the EN 18031 series, also includes its mapping to ETSI EN 303 645.

ETSI EN 303 645 covers Radio Equipment Directive DR and CRA
ETSI EN 303 645 global mapping

Globally acknowledged as the best standard to demonstrate cybersecurity

ETSI EN 303 645 is well acknowledged globally and regarded as the reference standard for consumer IoT devices. Some countries have already introduced their own device security regulations, allowing manufacturers to use this standard to demonstrate compliance (e.g. UK Product Security and Telecommunications Infrastructure (PSTI)). Similarly, Finland's national consumer IoT certification scheme and Singapore’s national Cybersecurity Labelling Scheme are built on ETSI EN 303 645.

Simply see it for yourself!

For a demo or a free trial:

phone icon

+49 69 505027142

Included in the free trial:

check icon

1-month trial of the software

check icon

Free customer support

check icon

Simple and secure on-prem software installation

Zealience

Schumannstraße 27, 60325 Frankfurt am Main

+49 69 505027142

info@zealience.com

© 2024 Zealience GmbH All Rights Reserved