Professional Documents
Culture Documents
Revision 1
1 NP Factory, Ltd.
2 Plant Floor
6 Implementation
7 Nathan Pocock
8 https://our.intranet/path/to/document.docx
I-ISMS
Industrial Information System
Revision 1 (28)
Management System
1 Security
2 PRIVATE
NP Factory, Ltd.
[Company Address]
Plant Floor
I-ISMS
704-491-5840
Manager Pocock
1 Executive Summary
2 A framework for storing information about the various security controls that exist within the facility for
3 providing physical and electronic security.
4 Revision History
1 Contents
2 1 Instructions 5
3 2 Overview 6
4 3 Security controls 6
8 Figures
10
2 Instructions
2 1. Read the Overview to gain a simple understanding of the need for this document
3 2. Modify the Security controls below
4 3. Adjust the security columns in the Security Controls Matrix below and then complete the table.
5 4. Add, edit, and remove table entries and categories as necessary.
3 Overview
1 There are many ways to protect both physical and electronic assets. This document contains a list of
2 security controls in use by NP Factory, Ltd.
3 A security control can be something physical, such as a lock/key, or something electronic like a
4 login/password, or key-card etc.
4 Security controls
6 Physical:
7 o Lock/Key:................................for doors, windows, cabinets, cages, panels, etc.
8 Electronic:
9 o Login (username/password)...for access to computers, networks, and software
10 o Anti-virus................................protection from malware threats
11 o Firewall...................................protection from network-based threats
12 o IDS/IPS...................................protection from advanced anomalies
13 o File access permissions.........protection from unauthorized access of file system
14 o MAC filtering...........................filtering based on network adapter MAC address
15 o IP filtering...............................port and address filtration
16 Policy/Rules.......................................rules defined in documents
Rules / Policy
Switch / MAC
Login / code
File access
Lock / key
Anti-virus
<other 1>
<other 2>
Firewall
IP Filter
IDS/IPS
PHYSICAL ENVIRONMENT CONTROLS
Plant floor access (doors, windows, vents, emergency escape, etc.) X
Offices within the plant floor X
Filing, cabinet systems, and desk drawers etc. X
Storage rooms X
Computer systems, servers, and networked industrial devices etc. X
Computer storage racks and/or rooms X X
Rules / Policy
Switch / MAC
Login / code
File access
Lock / key
Anti-virus
<other 1>
<other 2>
Firewall
IP Filter
IDS/IPS
COMPUTER SYSTEM CONTROLS
General usage X X X X X
Authorized user access only X
Detection of unauthorized access X X X
Detection of unauthorized data-changes X X
Patch management X
Application hardening (whitelisting, blacklisting, etc.) X X X
Backup drives, devices, and/or other media X X
Rules / Policy
Switch / MAC
Login / code
File access
Lock / key
Anti-virus
<other 1>
<other 2>
Firewall
IP Filter
IDS/IPS
Unauthorized access to/from the network and/or internet X X X
Other applications… X X X X
Backup (settings, configuration, data, etc.) X