March 2009
New industrial cyber security management standard
The American National Standards Institute approved the second standard in the ISA99 series, Security for Industrial Automation and Control Systems.
The new standard, ANSI/ISA-99.02.01-2009, Establishing an Industrial Automation and Control Systems Security Program, describes elements to set up a cyber security management system and provides guidance on how to meet the requirements for each element. Topics include policies, procedures, practices, and personnel.
“The great value of this standard is that it draws together the best thinking on industrial cyber security management from experts at leading companies and organizations across the globe,” said Jim Gilsinn of the U.S. National Institute of Standards and Technology. Gilsinn was the lead editor for the standard.
The new standard follows last year’s publication of the first standard in the series, ANSI/ISA-99.00.01, which serves as the basis of all standards in the ISA99 series by presenting key concepts, terminology, and models. Obtain the standards at www.isa.org/standards.
Additional ISA99 standards under development will cover how to operate a security program after its design and implementation, and technical security requirements for industrial automation and control systems.
Return to Previous Page
Read questions answered by our experts or join the email list.
