ISA–The Instrumentation, Systems, and Automation Society SP99 Work Group 2 TR#2 “Second Edition” Long Beach Meeting April 28, 2004.

Presentation transcript:

ISA–The Instrumentation, Systems, and Automation Society SP99 Work Group 2 TR#2 “Second Edition” Long Beach Meeting April 28, 2004

Slide 2. Agenda
- Status
- Identified Improvements
- Plans for ongoing meetings

Slide 3. Status
- 24 sections identified
  - 3 sections and 5 sub-sections with no content
- 3 annexes identified
  - 2 annexes with no content

Slide 4. General Improvements
- Make the document of more practical use by providing examples, checklists, etc.
- More information on components “attached” to M&CS:
  - e.g., historians, optimizers, supervisory systems
- Personnel and personnel policies
  - aligned with TR #1

Slide 5. General Improvements
- Better description or definition of policies, procedures, programs, etc.
- More in-depth treatment of existing network security functions and features during the inventory and assessment phase
- Addition of more details on configuration management and change control

Slide 6. Sections 1 through 5
- Supporting information & background
- No specific changes discussed

Slide 7. 6: Developing a Program
- Outlines basic approach
- Introduces security lifecycle model
- Comments:
  - business case topic has to be written
  - creating a program vs. extending an existing program (IT and process safety)
  - policies vs. standards
  - functional or performance characteristics with security implications

Slide 8. 7: Define Risk Goals
- related to the question of “what’s different”
- expand with examples
- may be appropriate to combine with section 6, or more appropriately, section 9
- check against changes to lifecycle model

Slide 9. 8: System Assessment
- Include safety instrumented systems and burner management systems
- Go back to introduction to make sure that the basic reference model is well described and understood; know the scope

Slide 10. 9: Conduct Risk Assessment
- Should the specifics of this section be placed in an annex? Current version is 12 pages
- Focus on general principles in the text

Slide 11. 10: Select Countermeasures
- Reference change mgmt in TR1
- Section 10.2: Address Vulnerabilities
  - Comprehensive treatment of steps to address vulnerabilities

Slide 12. 11: Procure Countermeasures
- build vs. buy
- this is where compromises have to be made
- the only step listed is “create spec”, but there are other steps, such as evaluate alternatives

Slide 13. 12-17: Testing
- Treat these sections as a group

Slide 14. 18: Finalize Operations Measures
- Management of changes is referenced in 18.3; is this similar to that in 10.3?
- Section 18.4 says to establish audit frequency; may want the frequency not to be public

Slide 15. Sections 19 through 21
- These sections are empty in the first release
- Section 19: Addition of guidance on routine security reporting and analysis
- Section 20: Addition of guidance on periodic audit and compliance measures
- Section 21: Add guidance on re-evaluation of security countermeasures, when triggered by external events and/or audit and assessments.

Slide 16. Annexes
- Include a typical “business case” as a separate annex
- Annex B:
  - This section is empty in the current release
  - More examples and guidance on audit and vulnerability assessment processes
  - Include checklists as examples
  - This may be the appropriate place to relocate material from section 9
  - Make some general statements about appropriate content

Slide 17. Additional Improvements
- Annex C: Supplier Practices
  - we need to be challenged to “raise the bar” on the security of products offered.
  - PCSRF is doing this, as is CIDX; do we have to do so also?
  - How do we hold suppliers accountable?
  - This topic may be big enough for another working group?

Slide 18. Meeting Schedule and Plans
- Regular conference calls
  - Set up ASAP
  - Start with weekly or bi-weekly and move to monthly