Table of Contents

Foreword
0 Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Structure of the document
5 Information security policies
6 Organization of information security
7 Human resource security
8 Asset management
9 Access control
10 Cryptography
11 Physical and environmental security
12 Operations security
13 Communications security
14 System acquisition, development and maintenance
15 Supplier relationships
16 Information security incident management
17 Information security aspects of business continuity
  management
18 Compliance
Annex A (normative) - Energy utility industry specific
        reference control objectives and controls
Bibliography

Abstract

This document provides guidance based on ISO/IEC 27002:2013 applied to process control systems used by the energy utility industry for controlling and monitoring the production or generation, transmission, storage and distribution of electric power, gas, oil and heat, and for the control of associated supporting processes.

General Product Information

Published
Document Type	Standard
Status	Current
Publisher	International Organization for Standardization
Pages
ISBN
Committee	ISO/IEC JTC 1
Supersedes	ISO/IEC TR 27019 : 2013