Published by Vanessa Greer. Modified over 9 years ago.

ISA 99 WG4 Technical Requirements: Organization and Logistics
Standards, Certification, Education & Training, Publishing, Conferences & Exhibits
Copyright © 2007 ISA

April 2007

Topics
- Charter
  - Audience
  - Success Criteria
  - Framework
- WG4 Deliverables List
- Task Groups
- WG4 Sharepoint organization

Charter - Audience
- suppliers of products or services employed in Industrial Automation and Control systems
- asset owners who require assistance or guidance in specifying security requirements for Industrial Automation and Control systems
- system integrators that combine products into an IACS
- other standards and practices groups (e.g. ISA 100)
- ISA Security Compliance Institute and other certification bodies
- security professionals from outside of Manufacturing or Operations who wish to understand these special needs
- other groups such as regulators, auditors

Charter – Success Criteria

Charter - Framework
- Part 4 builds on the models from Part 1
- Part 4 builds on the security program from Part 2
- Assume both Parts 2 and 3 have been implemented by asset owners
- The entry point for 99.04 is the allocation to Zones/Conduits and Target Security Level (SLTarget)
- However, include enough information from Part 1 re Zones/Conduits and Security Levels to provide the context for Part 4
- Develop a mechanism to determine the individual SL for a product and the overall SL for a system
- Security Requirements for devices, subsystems and systems will be distinguished by SL
- Part 4 would meet SL at a point in time; Part 3 work processes (e.g. patch management) would maintain that SL
- Vendors are expected to document the security "out of the box" and the means to achieve the desired SL
- ISA Security Compliance Institute certifies products to a security level
- System or device must be tested by the vendor at its highest SL
- Acceptance Tests must be completed at the Target SL (Part 2)
- Asset Owners are expected to enable the security capabilities offered by the vendor for the desired SL

WG4 Deliverables List

Document | Title | Task Group
ISA-99.03.01 | Target Security Levels | TG2
ISA-99.03.02 | System Security Compliance Metrics | TG3
ISA-TR99.03.xx | Mapping ISA99 Foundational Requirements to NIST SP 800-53 | TG4
ISA-99.03.03 | Protection of Data at Rest (preliminary) | TG5

Task Group 1 – WG4 Leadership
WG4 Co-Chairs: Johan Nye, Kevin Staggs
WG4 Secretary: Freemon Johnson
WG4 Editor: Dennis Holstein
Scope: WG4 Technical Requirements overall leadership
WG4 General Meetings: Weekly, Thursday, 13:00-14:00 Eastern Time

Task Group 2 – Security Zones and Levels
TG Leader: Rahul Bhojani
TG Scope: Develop the work process to allocate Security Zones and Conduits, and determine the Target Security Level for each.
TG Deliverables: ISA-99.03.01 Target Security Levels
Primary Users:
- Asset owner
- Security system architect
- System integrator
- System providers including 3rd party outsources
TG Meetings: Weekly, Tuesdays 11:00-12:00 Eastern Time
Target Publication: Mid 2009

Task Group 3 – Security Metrics
TG Leader: TBD
TG Scope: Defines measurable system security metrics that are context specific
TG Deliverables: ISA-99.03.02 System Security Compliance Metrics
Primary Users:
- Asset owner
- Security system architect
- System integrator
- ISA Compliance Institute
- System providers including 3rd party outsources
TG Meetings: None
Target Publication: Mid 2010

Task Group 4 – Foundational Requirements
TG Leaders: Freemon Johnson, Keith Stouffer
TG Scope: Map ISA99 Foundational Requirements to NIST 800-53
TG Deliverables: ISA-TR99.03.?? Mapping ISA99 Foundational Requirements to NIST SP 800-53
Primary Users:
- Standards Committees
- Security Compliance Institute
- TG2 – Security Zones and Levels
TG Meetings: Wednesdays, 11:00-12:00, Eastern
Target Publication: Mid 2009

Task Group 5 – Derived Requirements
TG Leaders: Kevin Staggs (interim)
TG Scope: Normative specification of security requirements including rationale and supporting use cases based on example reference models. Includes detailed description of domains including their zones and conduits
TG Deliverables: ISA-TR99.03.xx TBD
Primary Users:
- Asset owner
- Security system architect
- System integrator
- ISA Compliance Institute
- System, subsystem and component providers including 3rd party outsources
TG Meetings: Weekly, Wednesdays 13:00-14:00 Eastern Time
Target Publication: 2009 through 2012

Sharepoint – WG4 Shared Documents
- TG1 – WG4 General
  - Meetings
  - WG4-TG1-Notes-yyyymmdd
  - (2008-10) Houston folder (agenda, minutes, presentations)
  - Governance (e.g. Charter)
- TG2 – Security Zones and Levels
- TG3 – System Security Metrics
- TG4 – Foundational Requirements
- TG5 – Derived Requirements
  - Meetings
  - WG4-TG5-Notes-yyyymmdd
  - Include keywords in the document
  - Drafts
  - ISA-99.03.99-D9-E9
  - A folder for each draft, including all edits, voting results, and comments
  - Final
  - Final released version of the standard
  - Supporting
  - Everything else

Questions