AutoCore Technology (Nanjing) Co., Ltd. Awarded ISO/IEC 27001:2022 Information Security Management System Certification

2026-06-05
AutoCore

AutoCore Technology (Nanjing) Co., Ltd. has successfully passed the comprehensive audit conducted by TÜV SÜD, and has been officially awarded the ISO/IEC 27001:2022 Information Security Management System Certification.

ISO/IEC 27001:2022 Information Security Management System Certification

1. Scope of Certification

Design, development and sales of automotive platform software, industrial automation and robotics platform software, and Large Language Model (LLM)-based SaaS (Software as a Service).

2. Key Implementation Highlights

  • Governance and Organization: An information security committee led by top management has been established to define security policies, objectives, roles and responsibilities.
  • Risk Management: A risk assessment methodology built on asset identification, threat modeling and vulnerability analysis drives the selection of controls, formalized via the Statement of Applicability (SoA) and an acceptable risk baseline.
  • Secure Development: A Secure SDLC is implemented across the R&D processes of automotive and industrial automation and robotics platform software and LLM SaaS, covering security requirements, design threat modeling, secure coding, SAST/DAST, dependency auditing and release gating.
  • Operational Controls: Least-privilege access control, logging and monitoring, key and credential management, change management and configuration baselines are enforced.
  • Supply Chain: Suppliers are subject to security qualification and continuous evaluation, with clearly defined data handling responsibilities.
  • Business Continuity and Incident Response: BCM/DR plans are maintained and tested, supported by a 24x7 security incident response mechanism.
  • AI Data Governance: Classification, de-identification, retention and access auditing controls are applied to LLM training and inference data.

3. Continual Compliance

The ISMS will be continually maintained and improved through internal audits, management reviews and surveillance audits, and will remain aligned with industry and regulatory requirements such as ISO/SAE 21434, GDPR, the PRC Data Security Law, the Personal Information Protection Law, and the Interim Measures for the Administration of Generative AI Services.

About AutoCore

AutoCore Technology (Nanjing) Co., Ltd. focuses on the R&D and commercialization of automotive platform software, industrial automation and robotics platform software and LLM-based SaaS, delivering trustworthy and verifiable platform capabilities and services to automotive OEMs / Tier-1s, industrial manufacturers and AI customers.

For more information about AutoCore, please visit: www.autocore.ai

All News