ISA–The Instrumentation, Systems, and Automation Society SP99 Work Group 2 Planning for TR#2 Second Edition Long Beach Meeting April 28, 2004.


1 ISA–The Instrumentation, Systems, and Automation Society SP99 Work Group 2 Planning for TR#2 Second Edition Long Beach Meeting April 28, 2004

2 Ground Rules
- Two hours and an 80+ page document
  - stay focused, identify and record actions, and move on
- Points requiring analysis or discussion will be taken offline
- Our objective is to get commitment to produce a revised document
  - consistent with our plans for 6 month cycle
  - we need names!

3 Agenda
- Introductions & confirm participation (0:15)
- Review suggested improvements (1:00)
- Brainstorm additional opportunities (0:20)
- Identify leads for major sections (0:15)
- Plans for ongoing meetings (0:10)
- Adjourn 11:30 Sharp

4 Introductions

5 Suggested Improvements (From Bob Webb: March 19)
- General Topics for attention
- Additional clarity
- Improvements by section
- Annexes

6 Topics for Attention
- Make the document of more practical use by providing examples, checklists, etc.
- More information on components “attached” to M&CS:
  - e.g., historians, optimizers, supervisory systems
- Personnel and personnel policies
  - aligned with TR #1

7 Additional Clarity
- Better description or definition of policies, procedures, programs, etc.
- More in depth treatment of existing network security functions and features during inventory and assessment phase
- Addition of more details on configuration management and change control

8 Improvements by Section
- Section 10.2: Comprehensive treatment of steps to address vulnerabilities
- Section 19: Addition of guidance on routine security reporting and analysis
- Section 20: Addition of guidance on periodic audit and compliance measures
- Section 21: Add guidance on re-evaluation of security countermeasures, when triggered by external events and/or audit and assessments.

9 Annexes
- Annex A: General cleanup
- Annex B: More examples and guidance on audit and vulnerability assessment processes
  - Include checklists as examples
  - This may be the appropriate place to relocate material from section 9
  - Make some general statements about appropriate content
- Annex C: Addition of guidance on steps suppliers and consultants should be using to protect themselves and their clients.
- Include a typical “business case” as a separate annex

10 Additional Improvements
- Section 6: Developing a program (18 pages)
  - creating a program vs. extending an existing program (IT and process safety)
  - policies vs. standards
  - functional or performance characteristics with security implications
- Section 7: Define Risk Goals (1 page)
  - related to the question of “what’s different”
  - expand with examples
  - may be appropriate to combine with section 6, or more appropriately, section 9

11 Additional Improvements
- Section 8: System Assessment (6 pages)
  - include safety instrumented systems and burner management systems
  - go back to introduction to make sure that the basic reference model is well described and understood; know the scope
- Section 9: Conduct Risk Assessment & Gap Analysis (12 pages)
  - should the specifics of this section be placed in an annex? current version is 12 pages
  - focus on general principles in the text

12 Additional Improvements
- Section 10: Select Countermeasures (5 pages)
  - reference change mgmt in TR1
- Section 11: Procure Countermeasures
  - build vs. buy
  - this is where compromises have to be made
  - the only step listed is “create spec”, but there are other steps, such as evaluate alternatives

13 Additional Improvements
- Section 12: Define Test Plans (3 pages)
  - x
- Section 13: Test Countermeasures
  - x

14 Additional Improvements
- Sections 14 & 15: Integration Test
  - x
- Sections 16 & 17: Validation Test
  - x

15 Additional Improvements
- Section 18: Finalize Operations Measures
  - Management of changes is referenced in 18.3; is this similar to that in 10.3?
  - section 18.4 says to establish audit frequency; may want the frequency not to be public
- Section 19: Reporting and Analysis
  - x

16 Additional Improvements
- Section 20: Audit & Compliance
  - x
- Section 21: Re-Evaluation
  - x

17 Additional Improvements
- Annex C: Supplier Practices
  - we need to be challenged to “raise the bar” on the security of products offered.
  - PCSRF is doing this, as is CIDX; do we have to do so also?
  - How do we hold suppliers accountable?
  - This topic may be big enough for another working group?

18 Meeting Schedule and Plans
- Regular conference calls
  - Frequency?
  - Length?

