Gå til hovedinnhold

Audit of the participants' handling of ICT security

From 2 May to 16 June 2017, we conducted an audit of the participants' handling of ICT security. The audit was directed at operators with fields and plant in operation and owners with facilities in possession of an Acknowledgement of Compliance (AoC).


Over a number of years, the PSA has been monitoring the industry's work to safeguard IT systems that manage processes, monitor potential gas leaks or fires and perform safe shutdowns for plant and facilities.

Objective
The objective of the audit was to investigate the approach of operators and owners to risk assessment, protection, follow-up and surveillance of ICT security for the industrial security and control systems.

Result
Through this series of meetings, we gained knowledge of the various challenges in the industry relating to:

  • Risk assessments
  • ICT architecture for the industrial security and control systems and links to other systems
  • Passive safeguards for the industrial security and control system networks
  • Monitoring, analysis and response
  • Incident reporting
  • Own audits and reviews

Parts of the audit report are exempt from public disclosure, with ref. to the Freedom of Information Act Section 24, para 3
 

Eileen Brundtland, Press contact
Email: eileen.brundtland@ptil.no | +47 51 87 35 12