DeltaV Services App User Guide - Basic Cybersecurity Assessment

SEQ-PSS-GBL-216
DeltaV Services App User Guide for the Rev F4 – Page 1 of 40

Basic Cybersecurity Assessment (BCA)
Emerson Automation Solutions

Service Management Office
DeltaV Services App User Guide for the

Document Information
Initiative: Service Execution & Quality Management
Business Unit: Process Systems & Solutions
Name: DeltaV Services App User Guide for Basic Cybersecurity Assessments
SMO Document Number: SEQ-PSS-GBL-216
DeltaV Sercvices App – User Guide for Basic Cybersecurity
Document File Name:
Assessment.pdf
Document Status: Preliminary
Revision: F4
Emerson – Confidential and Proprietary

SEQ-PSS-GBL-216
Revision History
Rev Description Date Developed By

F1 Initial revision and release 9/25/2107 R. Gorskie
F2 Section 7 added to the User Guide 11/21/2017 C. Huertas
Added Section 3.1: Check your Support
F3 02/07/2018 Nilesh Kandharkar
Company in SMS
New release 6.1/1.0 documentation
F4 04/01/2020 R. Gorskie
changes/additions.
This product and/or service is expected to provide an additional layer of protection to your DeltaV system to help avoid certain types of undesired
actions. This product and/or service represents only one portion of an overall DeltaV system security solution. Emerson does not warrant that
the product and/or service or the use of the product and/or service protects the DeltaV system from cyber-attacks, intrusion attempts,
unauthorized access, or other malicious activity (“Cyber Attacks”). Emerson shall not be liable for damages, non-performance, or delay caused
by a Cyber Attack. Users are solely and completely responsible for their control system security, practices and processes, and for the proper
configuration and use of the security products.
© Emerson 2020. All rights reserved. Unauthorized duplication, in whole or in part, is prohibited. Trademarks
identified in this document are owned by one of the Emerson group of companies. All other trademarks or
registered trademarks remain the property of their respective owners. Unless otherwise agreed to in writing by
the parties, any information provided in this document is confidential or proprietary and may not be used or
disclosed without the expressed written permission of Emerson.
Emerson Automation Solutions

1100 W Louis Henna Blvd.– Building 1
Round Rock, TX 78681-7430 USA
T +1 (512) 832-3020
F +1 (512) 908-4177
www.Emerson.com
Emerson - Confidential and Proprietary
SEQ-PSS-GBL-216
Table of Contents
1 INTRODUCTION .....................................................................................................................................................5
1.1 PURPOSE ................................................................................................................................................................ 5
1.2 TARGET GROUP ....................................................................................................................................................... 5
1.3 PRE-ASSESSMENT PREPARATION INSTRUCTIONS ............................................................................................................. 5
2 BASIC CYBERSECURITY ASSESSMENT MODULE DASHBOARDS ...............................................................................6
3 GENERAL CYBERSECURITY ASSESSMENT QUESTIONNAIRE DATA ENTRY INSTRUCTIONS .....................................12
4 CREATING A NEW BASIC CYBERSECURITY ASSESSMENT REQUEST .......................................................................16
4.1 CHECK YOUR SUPPORT COMPANY IN SMS .................................................................................................................. 16
4.2 ENTERING DATA INTO THE “DELTAV BASIC CYBERSECURITY ASSESSMENT” MODULE ........................................................... 17
4.3 ENTERING DATA INTO THE “VENDOR AGNOSTIC BASIC CYBERSECURITY ASSESSMENT” MODULE ........................................... 22
5 SUBMITTING A BASIC CYBERSECURITY ASSESSMENT FOR EVALUATION ..............................................................28
6 BASIC CYBERSECURITY ASSESSMENT REPORT DELIVERY .....................................................................................30
6.1 SYNCHING THE FINAL CUSTOMER REPORT TO GUARDIAN/SMS....................................................................................... 31
7 HOW TO ACCESS THE CYBERSECURITY QUESTIONNAIRE FOR AN ASSESSMENT IN COMPLETED STATUS .............33
8 ERROR MESSAGE SUMMARY ...............................................................................................................................35
9 SETTINGS OPTIONS .............................................................................................................................................37

SEQ-PSS-GBL-216
Table of Figures
Figure 1. DeltaV Services App showing the Basic Cybersecurity Assessment Module button........... 6
Figure 2. Basic Cybersecurity Assessment Module Dashboard ........................................................ 7
Figure 3. New Basic Cybersecurity Assessment Button .................................................................... 8
Figure 4. Basic Cybersecurity Assessment Button ............................................................................ 8
Figure 5. Vendor Agnostic Cybersecurity Assessment Confirmation ................................................. 9
Figure 6. Initial New Vendor Agnostic Cybersecurity Assessment Screen ...................................... 10
Figure 7. Contact Support Request Button...................................................................................... 11
Figure 8. Basic Cybersecurity Assessment Requests “In-Progress” Section ................................... 11
Figure 9. Basic Cybersecurity Assessment Requests “Submitted” Section ..................................... 12
Figure 10. Basic Cybersecurity Assessment Requests “Completed” Section .................................. 12
Figure 11. Basic Cybersecurity Assessment Questionnaire Navigation Pane ................................. 13
Figure 12. Entering Individual Question/Response Data ................................................................. 14
Figure 13. Selecting Information from a Drop-Down List ................................................................. 14
Figure 14. Adding Additional Information (Optional) ........................................................................ 15
Figure 15. Steps to Update Support Company in SMS ................................................................... 16
Figure 16. Creating a New DeltaV Basic Cybersecurity Assessment .............................................. 17
Figure 17. Inserting a System ID..................................................................................................... 17
Figure 18. Entering Required Requestor Information Data .............................................................. 18
Figure 19. Entering Required Header Information Data .................................................................. 19
Figure 20. Customer Information Data Entry ................................................................................... 20
Figure 21. Start of Assessment Questionnaire ................................................................................ 21
Figure 22. Initial New Vendor Agnostic Assessment Screen ........................................................... 22
Figure 23. Start of Vendor Agnostic Assessment Questionnaire ..................................................... 23
Figure 24. Section 0 of the Vendor Agnostic Assessment Questionnaire ........................................ 24
Figure 25. Answering Questions in the Vendor Agnostic Assessment Questionnaire ..................... 25
Figure 26. Answering Questions in the Vendor Agnostic Assessment Questionnaire ..................... 26
Figure 27. A Completed Vendor Agnostic Assessment Questionnaire ............................................ 27
Figure 28. Submitting BCA information for report generation .......................................................... 28
Figure 29. Recently Submitted Cybersecurity Assessment Status .................................................. 29
Figure 30. Automatic Status Updating............................................................................................. 30
Figure 31. Your Completed Assessments List ................................................................................ 31
Figure 32. Steps to Synch Final Report to SMS .............................................................................. 32
Figure 33. Steps to access a Completed Cybersecurity Assessment .............................................. 34
Figure 34. Steps to View the Section Scores .................................................................................. 34

SEQ-PSS-GBL-216
1 INTRODUCTION
1.1 Purpose
DeltaV Services App – Basic Cybersecurity Assessment (BCA) Module is used
to execute the evaluation of the DeltaV System(s) at the customer plant across
multiple system dimensions. Using the BCA Module, the Services Engineers can:
a. Complete the Basic Cybersecurity Assessment Questionnaire
b. Upload the BCA Data needed to conduct the evaluation
c. Request and Receive the Basic Cybersecurity Assessment Customer Report
d. Post final pdf document to SMS
1.2 Target Group

DeltaV Services App- Basic Cybersecurity Assessment Module is available to all
service engineers, from Emerson offices as well as Local Business Partners. Service
Engineers and Service Managers will have different levels of access to the module.
On the App Dashboard, Service Managers can see the progress (and access at any
time) of all the BCA’s created/completed by their Service Engineers.
Both Service Engineers and Service Managers with access to the DeltaV Services
App, can create a new BCA for a given system, if the system is supported by the
same Support Company for which the user is registered in Service Management
System (SMS).
1.3 Pre-Assessment Preparation Instructions

Prior to attempting your first Basic Cybersecurity Assessment with your customer,
you are required to review the following videos, all created to support a successful
customer engagement. Along with a general introduction to this effort, each of the 7
sections of the BCA are reviewed, in a question-by-question format, with suggestions
on what/where to get the information needed to answer the question by using the
customer’s own DeltaV System. Prior to the Site Visit, take the following courses in
the Global Learning Center (GLC):
Once you’re logged in to GLC, do a search for: Basic Cybersecurity Assessment

Training Series (Learning Plan) to find these videos:
Section 0 Review: Effective Use of the Basic Cybersecurity Assessment
Section 1 Review: Network Security
Section 2 Review: Workstation Hardening

SEQ-PSS-GBL-216
Section 3 Review: User Account Management

Section 4 Review: Patch & Security Management
Section 5 Review: Physical Security - Perimeter Protection
Section 6 Review: Security Monitoring & Risk Assessment
Section 7 Review: Data Management
Section 8 (NEW): Required Update for Users Previously Certified Under v5.0*
Section 9 (NEW): Required video update for the use of the new Vendor
Agnostic version of the Basic Cybersecurity Assessment.
* For those previously certified under the v5.0, use the Section 8 video to update your
certification to v6.0.
Additionally, you should have read and are familiar with the following document(s):
DeltaV Cybersecurity Manual v5.0.0 (January 2019)
2 BASIC CYBERSECURITY ASSESSMENT MODULE

DASHBOARDS
Figure 1. DeltaV Services App showing the Basic Cybersecurity Assessment

Module button

SEQ-PSS-GBL-216
The Basic Cybersecurity Assessment Module Dashboard is where you track the
status of the BCA’s that you have created. If you have a Service Manager access to
the App, then you will be able to see all the BCA’s created/in progress/completed by
the Service Engineers under your supervision.
Figure 2. Basic Cybersecurity Assessment Module Dashboard

SEQ-PSS-GBL-216
At the top of this screen, there is a selection bar that reads: DeltaV Systems. This
bar will allow you to select either a standard DeltaV Basic Cybersecurity Assessment
or a Vendor-Agnostic Basic Cybersecurity Assessment.
a. Click on the top box labelled DeltaV Systems, and the following screen will
appear:
Figure 3. New Basic Cybersecurity Assessment Button
The next screen will ask whether this assessment is for an assessment of a DeltaV
control system or for a Vendor-agnostic control system assessment.
b. By selecting the DeltaV Systems option, you will see the following screen:
Figure 4. Basic Cybersecurity Assessment Button
With an active connection to the internet, simply enter the DeltaV system I.D. for the
system to be assessed and then select “Update System from SMS”. The system will
gather the data for that system and pre-populate any information required. You will
then be advanced to the first data entry screen (see section 4.2 for the next steps).
For specific instructions on entering data for a new DeltaV assessment, please see
Section 4.2.

SEQ-PSS-GBL-216
c. By selecting the Vendor Agnostic Systems option, you will see the following
screen to confirm your selection of “Vendor Agnostic:
Figure 5. Vendor Agnostic Cybersecurity Assessment Confirmation
Select the “Create Vendor Agnostic Assessment” button to verify that this is
what you want to do. No active connection to the internet is required for the
Vendor Agnostic version as all data will come from the customer, none from SMS
however, you must start the assessment process on-line.
For specific instructions on entering data for a new Vendor Agnostic

Cybersecurity Assessment, please see Section 4.3.
d. The initial New Vendor Agnostic Assessment data entry screen appears.
Ensure that all data marked with an “*” has been filled in, then press the save
button. This will start the assessment registration process and you can now work
without on-line connection to the Services App.

SEQ-PSS-GBL-216
Figure 6. Initial New Vendor Agnostic Cybersecurity Assessment Screen
Note: For specific instructions on entering data for a New Vendor Agnostic
assessment, please see Section 3.3.
Should you have rather submitted a DeltaV assessment instead of a Vendor

Agnostic assessment, then select cancel and it will return to the main menu.
e. “Contact Support” button: If you have any issue with the BCA Module, press on
the “Contact Support” button and fill out all the fields to let the Admins know the
issue you are experiencing and press the “Send” button to complete (see box 1).
Select the “App Issue” button if the issue is with the app itself but choose the
“Basic Cybersecurity Issue” button if it is a specific issue with using the BCA data
entry.

SEQ-PSS-GBL-216
Figure 7. Contact Support Request Button
f. Download CS User Guide link: We have posted within the App this BCA user
guide that will help you understand how to utilize the module functionality.
g. Export to File button: Allows you to export all the information visible in the
Cybersecurity Home page to a .csv file that can be opened in excel to keep
metrics on your BCA’s activity.
h. In Progress Cybersecurity Assessments Section: List of all the BCA’s currently

under execution. For the BCA’s in this section the Cyber Assessment
questionnaire is being responded by the customer, there are still question without
a response and the requestor has not submitted the information to generate a
BCA report.
Figure 8. Basic Cybersecurity Assessment Requests “In-Progress” Section

SEQ-PSS-GBL-216
i. Submitted Cybersecurity Assessments Section: List of all the BCA’s submitted

by the user. For the BCA’s listed in this section, all the information has been sent
correctly to Lifecycle Services team and the user only must wait for the report to
be delivered back.
Figure 9. Basic Cybersecurity Assessment Requests “Submitted” Section
j. Completed Cybersecurity Assessments Section: List of all the BCA’s

completed and delivered to the requestor. For the BCA’s listed in this section, the
BCA report can be downloaded from the App.
Figure 10. Basic Cybersecurity Assessment Requests “Completed” Section
3 GENERAL CYBERSECURITY ASSESSMENT

QUESTIONNAIRE DATA ENTRY INSTRUCTIONS
Once the initial data entry has been added to the BCA, the App will take you to the
Basic Cybersecurity Assessment Questionnaire which has been divided into 7
vectors (sections) and each section must have all the questions answered to submit
to Lifecycle Services for analysis.
All questions need to be answered in consultation with your customer and you must
select the appropriate response from the individual drop-down menu selections.
Start by selecting the first section “<” (see box 1).

SEQ-PSS-GBL-216
Figure 11. Basic Cybersecurity Assessment Questionnaire Navigation Pane
Select the “Response” box for the first question to open the drop-down responses for
this question.

SEQ-PSS-GBL-216
Figure 12. Entering Individual Question/Response Data
For questions within each section, select a response from the drop-down menu using
the radio button to indicate your choice and then press on “Submit” button.
Figure 13. Selecting Information from a Drop-Down List

SEQ-PSS-GBL-216
In some cases, the initial question may (see box 2) have an option for additional
information, and if so, another data entry selection box will open (see box 3) allowing
you to optionally add comments for a question.
Figure 14. Adding Additional Information (Optional)
As soon as you finish answering all the questions from one of the sections, the App
will proceed to the next section.

SEQ-PSS-GBL-216
4 CREATING A NEW BASIC CYBERSECURITY

ASSESSMENT REQUEST
4.1 Check your Support Company in SMS
Before starting, it is crucial to make sure that your Support Company in SMS is same
as assigned to the DeltaV system for which you are creating the new DeltaV
Cybersecurity Assessment Request.
In order to check your Support Company in SMS, follow the steps as shown in the
next image:
Figure 15. Steps to Update Support Company in SMS

SEQ-PSS-GBL-216
4.2 Entering Data into the “DeltaV Basic Cybersecurity

Assessment” Module
Press on “New Cybersecurity Assessment” button (see box 4).
Figure 16. Creating a New DeltaV Basic Cybersecurity Assessment
Enter the DeltaV System ID for which you are requesting the Basic Cybersecurity
Assessment (see box 5). App will establish connection with SMS and populate the
customer information. For this first step, direct connection to Emerson Network or via
VPN is needed. Press the “Update System from SMS” button to retrieve the data
from SMS (see box 6). The screen will show some action circles while the data is
retrieved. Do this before going to the customer site.
Figure 17. Inserting a System ID

SEQ-PSS-GBL-216
If the System ID requested is not in the SMS database or the System ID is not
associated with your LBP or FSO, you will receive an error message. In the case of
any message, you cannot continue without correcting the error.
If the Customer information retrieved from SMS is not current, you can change it in
the App, since those are editable fields. There several data entry screens associated
with getting started on a new DeltaV Basic Cybersecurity Assessment. Complete all
the mandatory fields for BCA Customer Information and BCA Requester Information
(see box 7) and then press the “NEXT” button.
Note: There are mandatory fields required to progress to the next step, indicated by
an “*” next to the field name (see red box highlight above).
When data entry is complete, depress the “Next” button to proceed (see box 8).
Figure 18. Entering Required Requestor Information Data

SEQ-PSS-GBL-216
After pressing on NEXT button, you will be presented with the navigation pane (top
left) where you will enter information required for completion of the BCA. Start with
selecting the Header Information selection (see box 9). Complete the required data
entry for this page and depress “Next” to continue to the next step (see box 10).
10
Figure 19. Entering Required Header Information Data

SEQ-PSS-GBL-216
After selecting Next, you will need to select Customer Information from the header
pane (see box 11). Complete the required data entry for this page and depress
“Next” to continue to the next step (see box 12).
11
12
11
1
Figure 20. Customer Information Data Entry

SEQ-PSS-GBL-216
Finally, after selecting “Next”, you will be taken to the Cyber Assessment Overview
page. Select “Cybersecurity Assessment” from the header pane (see box 13).
You are now ready to begin the next phase of the assessment process with your
customer as you will now begin to ask and answer the individual questions from the
Questionnaire (see box 14).
When you select the top arrow, the questions and selectable answers will appear,
section by section. When a major section is complete, you will be advanced to the
next section and so on… until the questionnaire has been completed.
13
14
Figure 21. Start of Assessment Questionnaire

SEQ-PSS-GBL-216
4.3 Entering Data into the “Vendor Agnostic Basic Cybersecurity

Assessment” Module
From the initial Vendor Agnostic Assessment screen, select Save and you will be
taken to the first data entry section, Section 0.
Figure 22. Initial New Vendor Agnostic Assessment Screen

SEQ-PSS-GBL-216
You are now ready to begin the next phase of the assessment process with your
customer as you will now begin to ask and answer the individual questions from the
Questionnaire (see box 15). Use the right arrow key to migrate to the new set of
questions.
15
5
Figure 23. Start of Vendor Agnostic Assessment Questionnaire

SEQ-PSS-GBL-216
For a Vendor Agnostic Assessment, the information generally available for a

DeltaV System ID from SMS is not available, so you must enter that data. Section 0
provides a template for the information required to complete the assessment. You
must provide answers to all questions to proceed to the next section (box 16).
Simply click on the right arrow for each question and provide the information
required. Starting with the first question, when answered, press “Submit” to
automatically proceed to the next question.
16
Figure 24. Section 0 of the Vendor Agnostic Assessment Questionnaire

SEQ-PSS-GBL-216
For each question (blue box) enter the data required in the response box (brown
box), then press Submit. The response should show up in the response box (Green
box) and the next question should be promoted to the blue box. Continue until the
last question has been answered and submitted, and you will be automatically
advanced to the next set of questions and answers.
Figure 25. Answering Questions in the Vendor Agnostic Assessment

Questionnaire

SEQ-PSS-GBL-216
Proceed to answer these questions in the same way until all questions in the
assessment have been answered.
Figure 26. Answering Questions in the Vendor Agnostic Assessment

Questionnaire

SEQ-PSS-GBL-216
As a section is completed, a check mark will appear (blue box) and a sub-section
score (green box) will be posted.
Figure 27. A Completed Vendor Agnostic Assessment Questionnaire

SEQ-PSS-GBL-216
5 SUBMITTING A BASIC CYBERSECURITY

ASSESSMENT FOR EVALUATION
After all the 7 sub-sections has been completed, then you can press on “Submit”
button (see box 17) to send the responses of the customer in order to generate the
Basic Cybersecurity Assessment Report.
18
17
Figure 28. Submitting BCA information for report generation
A verification screen pops up (see box 18). Hit “YES” to complete submitting the
information. After that action, the app will send you back to the Cybersecurity home
page where you will see that the report passed from “In Progress Cybersecurity
Assessment” section to “Submitted Cybersecurity Assessments” section.

SEQ-PSS-GBL-216
Figure 29. Recently Submitted Cybersecurity Assessment Status
After submitting the BCA information, wait for 1-3 business days to receive the report
in the App.

SEQ-PSS-GBL-216
6 BASIC CYBERSECURITY ASSESSMENT REPORT

DELIVERY
Lifecycle Service Team is now going to analyse and review all the information that
you have submitted through the App and will complete a Basic Cybersecurity
Assessment Report for you for your customer’s system.
After Lifecycle Services team process the report, the App’s status of the BCA passes
from Submitted to Completed.
Figure 30. Automatic Status Updating

SEQ-PSS-GBL-216
In order to download the Completed BCA Report, press on the right arrow symbol to
the right and download it. Save it in a convenient location in your PC.
Figure 31. Your Completed Assessments List
Please remember that this report will be sent to you in Word format, allowing you to
make any changes to fit your organization. Please remember to only submit the final
report in PDF format to your customer!
6.1 Synching the Final Customer Report to Guardian/SMS.

Once you have submitted the assessment request, Lifecycle Services will process
the information uploaded, analyse the data and generate a report. The report is then
sent back to the requestor, in Word format. This is so that you can add information (if
required) or modify the report to more closely match the customer’s system. Once
you are ready to present the report to the customer, you MUST convert the Word
document into a PDF document before you transmit to the customer.
The Basic Cybersecurity Assessment App now provides for the easy posting of the
final PDF report to SMS. This “synching” process must be done by the requestor of
the assessment and must be submitted in PDF format.

SEQ-PSS-GBL-216
Figure 32. Steps to Synch Final Report to SMS
In order to post to SMS, the final file must be in PDF format. Posting the final PDF
to SMS will allow us to fully discuss the results (as presented by you) when we
discuss further with you and your customer. The posting will also allow the
comparison of last year’s assessment to any current assessment for “progress”
purposes. The final PDF should have any and all changes made by you to the report
and then posted to SMS.

SEQ-PSS-GBL-216
7 HOW TO ACCESS THE CYBERSECURITY

QUESTIONNAIRE FOR AN ASSESSMENT IN
COMPLETED STATUS
In order to access all the questions and responses of your completed Cybersecurity
Assessments, please follow these steps:
1. Press on the Completed Assessments Button (Box 19)
2. Use the filters to find the Assessment according to your information needs (Box
20)
3. Press on the Assessment of your interest and access the questions and answers
(Box 21)
19
7
20
21

SEQ-PSS-GBL-216
Figure 33. Steps to access a Completed Cybersecurity Assessment
Each section of the Completed Assessment shows the score obtained according to
responses of the customer
Figure 34. Steps to View the Section Scores

SEQ-PSS-GBL-216
8 ERROR MESSAGE SUMMARY

• Error for System ID not assigned to your Impact Partner Territory or FSO
The System ID entered for this Cybersecurity Request does not belong to your FSO
or Impact Partner region.
Please do the following:

• Please re-check the System ID entered.
• Ensure that the customer site is in your territory, as reported in SMS.
• Error for Incomplete Questionnaire Data
There are one or more questions still unanswered within the

Questionnaire that must be answered before you can submit
the request.
Return to the Cybersecurity Assessment Overview and scan

down the page to see that all questions in each section have
been answered. In the example below, there are questions that
need answers in the Section 3. User Account Management. Go
to the section that does not have the green checkmarks and
provide the missing answers. Simply click on the “>” to go to
those questions.

SEQ-PSS-GBL-216
• Error for Missing Data Entry
This error flashes to indicate that a required field has no data entry.
Please do the following: Provide the missing data to progress forward.
• Error for Completed Assessment
Prior to marking a request complete, the finalized report must
Please upload the final report prior to indicating that the

assessment has been completed.

SEQ-PSS-GBL-216
9 SETTINGS OPTIONS
• There is a viewing few options that can be set within the BCA app and can be
accessed from within the app using the button located at the upper right-hand
corner of the app screen.
By selecting the “three dots” button, the screen opens to the right side of the page
revealing the following options menu:

SEQ-PSS-GBL-216
• Releases:
General information concerning releases to this application.
• Switch Moule:
The ability to switch between other apps can be accessed here.

SEQ-PSS-GBL-216
• Toggle Dark Theme:
Toggle between the “dark” version and the “light” version.
• Messages:
If there are any messages posted, you can view them here.

SEQ-PSS-GBL-216
• Diagnostics:
General diagnostic information is available by selecting each of these option buttons.
• About:
General information about the app.
**** END OF DOCUMENT ****

DeltaV Services App User Guide - Basic Cybersecurity Assessment

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

DeltaV Services App User Guide - Basic Cybersecurity Assessment

Uploaded by

Copyright:

Available Formats

SEQ-PSS-GBL-216

DeltaV Services App User Guide for the Rev F4 – Page 1 of 40

Emerson Automation Solutions

DeltaV Services App User Guide for the

Emerson – Confidential and Proprietary

Rev Description Date Developed By

Emerson Automation Solutions

Emerson – Confidential and Proprietary

Emerson – Confidential and Proprietary

a. Complete the Basic Cybersecurity Assessment Questionnaire

b. Upload the BCA Data needed to conduct the evaluation

c. Request and Receive the Basic Cybersecurity Assessment Customer Report

d. Post final pdf document to SMS

1.2 Target Group

1.3 Pre-Assessment Preparation Instructions

Once you’re logged in to GLC, do a search for: Basic Cybersecurity Assessment

Emerson – Confidential and Proprietary

Section 3 Review: User Account Management

DeltaV Cybersecurity Manual v5.0.0 (January 2019)

2 BASIC CYBERSECURITY ASSESSMENT MODULE

Figure 1. DeltaV Services App showing the Basic Cybersecurity Assessment

Emerson – Confidential and Proprietary

Figure 2. Basic Cybersecurity Assessment Module Dashboard

Emerson – Confidential and Proprietary

Figure 3. New Basic Cybersecurity Assessment Button

Figure 4. Basic Cybersecurity Assessment Button

Emerson – Confidential and Proprietary

Figure 5. Vendor Agnostic Cybersecurity Assessment Confirmation

For specific instructions on entering data for a new Vendor Agnostic

Emerson – Confidential and Proprietary

Figure 6. Initial New Vendor Agnostic Cybersecurity Assessment Screen

Should you have rather submitted a DeltaV assessment instead of a Vendor

Emerson – Confidential and Proprietary

Figure 7. Contact Support Request Button

h. In Progress Cybersecurity Assessments Section: List of all the BCA’s currently

Figure 8. Basic Cybersecurity Assessment Requests “In-Progress” Section

Emerson – Confidential and Proprietary

i. Submitted Cybersecurity Assessments Section: List of all the BCA’s submitted

Figure 9. Basic Cybersecurity Assessment Requests “Submitted” Section

j. Completed Cybersecurity Assessments Section: List of all the BCA’s

Figure 10. Basic Cybersecurity Assessment Requests “Completed” Section

3 GENERAL CYBERSECURITY ASSESSMENT

Emerson – Confidential and Proprietary

Figure 11. Basic Cybersecurity Assessment Questionnaire Navigation Pane

Emerson – Confidential and Proprietary

Figure 12. Entering Individual Question/Response Data

Figure 13. Selecting Information from a Drop-Down List

Emerson – Confidential and Proprietary

Figure 14. Adding Additional Information (Optional)

Emerson – Confidential and Proprietary

4 CREATING A NEW BASIC CYBERSECURITY

Figure 15. Steps to Update Support Company in SMS

Emerson – Confidential and Proprietary

4.2 Entering Data into the “DeltaV Basic Cybersecurity

Figure 16. Creating a New DeltaV Basic Cybersecurity Assessment

Figure 17. Inserting a System ID

Emerson – Confidential and Proprietary

Figure 18. Entering Required Requestor Information Data

Emerson – Confidential and Proprietary

Figure 19. Entering Required Header Information Data

Emerson – Confidential and Proprietary

Figure 20. Customer Information Data Entry

Emerson – Confidential and Proprietary

Figure 21. Start of Assessment Questionnaire

END OF DOCUMENT