27001/2:2013 framework for Information Assets of OT/ICS
I am working with leading oil and gas Company ***. I saw you several webinars on online video portals. I appreciate your clear understanding about the ISMS through ISO 27001/2: 2013 framework.
I want to know your opinion whether the 27001/2: 2013 framework is applicable for Information Assets of OT/ICS (Operation Technology/Industrial Control Systems) such as SCADA, DCS etc..
Your reply in this regard may be valuable to us for protection of our Information Assets of OT/ICS.
Assign topic to the user
ISO 27001 was designed to be used by organizations of any size and industry, so it can be applied to Information Assets of OT/ICS, however, please note that ISO 27001 and ISO 27002 do not go deep on technological details, so you should also consider using them together with other frameworks that provide technical implementation details, like NIST publications.
These articles will provide you a further explanation about ISO 27001, ISO 27002, and NIST publications:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- A quick guide to ISO 27001 controls from Annex A https://advisera.com/27001academy/iso-27001-controls/
- How to use NIST SP 800-53 for the implementation of ISO 27001 controls https://advisera.com/27001academy/blog/2016/05/10/how-to-use-nist-sp-800-53-for-the-implementation-of-iso-27001-controls/
These materials will also help you regarding ISO 27001:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- ISO 27001 Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Jan 26, 2021