ISO/IEC 27019:2017 provides guidance for process control systems used by the energy utility industry for controlling and monitoring the production or generation, transmission, storage, distribution of electric power, gas, oil, heat; and for the control of associated supporting processes.
Challenges of Security for Energy Sector
Many companies in the energy utilities sector are facing continuous challenges related to security management:
- New emerging threats for critical infrastructures;
- Growing number of cyber-attacks and data breaches;
- Toughening of the regulatory environment;
- Continuous urge for energy companies to modernize and rationalize their regulatory, legal, and compliance practices;
- Building a strong Information Security Management System.
How SCM Helps You Implement ISO 27019
The Standards Compliance Manager supports the information security management guidelines of ISO 27019 based on ISO/IEC 27002 for process control systems specific to the energy utility industry. It covers security compliance assessment, risk management, performance control, and monitoring all in one place.
ISO 27019 Implementation Workflow
Before implementing ISO 27019, it is necessary for companies to conduct a risk assessment to see if there are any additional country- and/or company-specific requirements they have to comply with. Our solution allows uploading the specific required regulations and immediately starting working with them.
Further, you are able to choose the appropriate controls:
- Specific for ISO 27019;
- Additional controls depending on the risk appetite of your company.
Benefits of Using Infopulse SCM for ISO 27019 Compliance
- Holistic approach to creating and maintaining an ISMS according to ISO 27001 and ISO 27019;
- Instant access to an extensive standard database and risk management recommendations;
- Regular updates of the latest versions of standards available;
- Effective coordination of assets according to your business objectives;
- Extensive risk management system: adaptable catalog of threats specific to an individual organization.
Users who have been working with ISO 27001 will benefit from quick and easy adaptation of an existing ISMS to ISO 27019:
- Ability to add and review Inventory analysis with controls and requirements;
- Possibility to work with and enhance any threat catalogs, requirements and controls specific to your company;
- Visual distinctions of the added controls (with a tag “Energy”).
Infopulse SCM will help you to establish a robust ISMS to comply with the ISO 27001 and ISO 27019.
Effective and easy-to-use IT security management system based on the latest standards and regulations — from planning and establishing the security concept to certification.