UN Regulations R155 and R156 mandate vehicle manufacturers to implement and document a Cybersecurity Management System (CSMS) and a Software Update Management System (SUMS). Although these regulations specifically target OEMs, the impact extends to the entire supply chain; OEMs must ensure compliance across all suppliers to mitigate their overall liability.