ICS Cybersecurity Gap Assessment

A good starting point in any ICS cybersecurity program is to perform a gap assessment to understand how your organization's existing operational and technical cybersecurity practices compare to industry regulations, standards and best practices such as:

ACC Guidance for Addressing Cyber Security

API 1164

AWWA Process Control System Security Guidance

CFATS Risk-Based Performance Standards (RBPS-8)

CSA Z246.1-09

ISA/IEC 62443-2-1 (formerly ISA 99.02.01)

ISA/IEC 62443-3-3

ISA TR84.00.09

NEI 08-09


NIST SP800-82

NIST Cybersecurity Framework

NRC Reg Guide 5.71

TSA Pipeline Security Guidelines

aeSolutions has performed numerous ICS cybersecurity gap assessments through a combination of interviews with key personnel and examination of drawings, configurations, polices, and procedures. Based upon our experience, we can also provide feedback relative to how your organization compares to industry peers. Often times an ICS Cybersecurity Gap Assessment is performed in conjunction with an ICS Cybersecurity Vulnerability Assessment.