ISA-62443-2-1 (IEC 62443-2-1)
Title:
Security for industrial automation and control systems, Part 2-1: Industrial automation and control systems security management system
Description:
This standard defines the elements necessary to establish an industrial automation and control systems (IACS) security management system (IACS-SMS) and provides guidance on how to develop those elements. This document uses the broad definition and scope of what constitutes an IACS described in ISA-62443-1-1.
The elements of a IACS-SMS described in this standard are mostly policy, procedure, practice and personnel related, describing what shall or should be included in the final IACS-SMS for the organization.
Status:
This work product was previously published as ANSI/ISA-99.02.01-2009 and IEC 62443-2-1:2010. It is currently being revised by work group 2. A working draft is available for review.
Outline:
- Scope
- Normative References
- Terms, definitions, abbreviated terms, acronyms, and conventions
- Description and requirements for an IACS security management system
- Security policy
- Organization of cyber security
- Asset management
- Human resources security
- Physical and environmental security
- Communications and operations management
- Access control
- Information systems acquisition, development and maintenance
- Information security incident management
- Business continuity management
- Compliance
- Annex A (normative) Industrial automation and control systems extended control set
- Annex B (informative) Additional IACS implementation guidance
|
Last modified at 5/10/2013 1:22 PM by Eric Cosman
|
|