ANSI/ISA-99.02.01 Outlines Industrial Cyber Security Management Systems
February 18, 2009 // Published as a news service by IHS
The American National Standards Institute (ANSI) approved ANSI/ISA-99.02.01-2009 - Establishing an Industrial Automation and Control Systems Security Program, according to the International Society of Automation (ISA).
The standard is the second in the ISA99 series - Security for Industrial Automation and Control Systems. It details elements to establish a cyber security management system with guidance on how to meet the requirements for each element.
Topics include policies, procedures, practices and personnel.
The first standard in the series, ANSI/ISA-99.00.01, outlined key concepts, terminology and models.
Other ISA99 standards under development will address operating a security program after it is designed and implemented, and technical security requirements for industrial automation and control systems.
The Security for Industrial Automation and Control Systems series of standards serves as the foundation for the IEC 62443 series of the same titles, developed by IEC TC65 WG10 - Security for industrial process measurement and control - Network and system security.
Building upon the cyber security for industrial automation and control systems standards development efforts, the ISA Security Compliance Institute will identify and promote security standards-compliant products and systems in industrial applications.
Compliant products and systems will be entitled to carry the ISASecure designation, providing recognition of the security characteristics to industrial asset owners and integrators.
Source: International Society of Automation (ISA).