<
 
 

Security Audit and Assessment for Utilities

Decades ago, SCADA (Supervisory Control and Data Acquisition) systems were implemented in public and private utilities with little foresight to security. With the rapid advancements in computer networks and the constant threat of terrorism, auditing those systems has become a vital part of national security.

Anitian has extensive experience in performing pre-accreditation audits and assessments for public utilities to become compliant with the North American Electric Reliability Council's (NERC) Critical Infrastructure Protection (CIP) standards. Our audit consists of the following general components.

  • Risk Analysis
    Review your organization's exposure to known threats.

  • GAP Analysis
    Determine the existing state of your organization and security challenges.

  • Policy and procedure review
    Review of all organization security policies and procedures for compliance with CIP standards.

  • Security assessment
    Assess networks, systems and access for security weaknesses.

  • SCADA Systems Assessment
    Analyze SCADA systems for security compliance, isolation, and protection.

  • Standards Adherence
    Analyze business against established standards using Anitian's exclusive Industry Security Maturity ProfilesTM.

  • Overall Compliance Analysis
    Review organization for compliance with CIP standards.

  • Remediation Reporting
    Report results of audit and develop remediation measures.

  • Implement Security Improvements
    Architect and implement necessary security improvements.

  • Train & Educate Staff
    Educate staff on proper security practices and procedures.

  • Certify compliance
    Assess the effectiveness of security measures and certify their proper use.

  • Monitoring
    On-going monitoring and validation to ensure compliance.

The result is a comprehensive report on the security health of your organization and SCADA systems.  Anitian's reports are clear, well-organized, and written in clear language.  We provide step by step procedures and suggestions on eliminating or mitigating any problems.

For additional information, please contact our sales team at info@anitian.com to set up an free, no-obligation meeting.

Services

> Services Home

> Overview

> Audit & Assessment

  - Risk Assessments

  - Penetration Testing

  - Compliance

 > Remediate & Optimize

   - Identity Management

   - Policy Development

   - Network Engineering

   - Systems Integration

   - Training & Education

   - Technical
     Documentation

> Monitor & Govern

   - Validation & Reporting

   - Managed Security

   - SecureLink for Small
     Business

   - Incident Response
     & Forensics

   - Emergency Response

 

  
 

All material in this web site is copyright © 1995-2006, Anitian Corporation. All Rights Reserved Worldwide
Please read our copyright and privacy policy page for more information.