ISO/IEC 27019

A standard is reviewed every 5 years
Stage: 90.92 (To be revised). Will be replaced by
(Under development) ISO/IEC FDIS 27019. ISO/IEC 27019 specifies guidelines and provides a framework for establishing, implementing, maintaining, and continuously improving an information security management system (ISMS) for process control systems in the energy sector. It addresses the unique requirements and risks associated with industrial control systems (ICS) and ensures that these systems are protected from cyber threats. The standard includes controls for risk assessment, physical security, incident management, and compliance with regulatory requirements.