ISO/IEC 27019
ISO/IEC 27019:2017 - Energy utility industry
Extension of ISO/IEC 27002 specific to the energy utility industry: generation, transmission, distribution, storage. Defines additional controls for process control systems and the Process Control Domain (PCD) that manages the energy infrastructure.
- 01Extension of the ISMS to the Process Control Domain (PCD)
- 02Segregation between corporate IT, process IT and control systems
- 03Hardening and monitoring of SCADA / DMS / EMS systems
- 04Lifecycle management of legacy assets with operational constraints
- 05Resilience and continuity of critical energy processes
For energy utilities and operators in the sector, MON5 passively observes SCADA/DMS/EMS traffic, recognises sector-specific protocols (IEC 61850, DNP3, IEC 60870-5-104), identifies missing segregation between PCD and corporate IT and monitors legacy assets without requiring invasive installations on PLCs/RTUs.
- →Energy protocol recognition (IEC 61850, DNP3, IEC 60870-5-104)
- →PCD / IT / OT segregation map
- →Asset inventory on RTU, PLC, IED, gateway
- →Anomaly detection compatible with operational constraints on legacy systems
- →Evidence for ENE-specific controls of the extended Annex A
Let's figure out what you really need.
Show us the OT perimeter and the regulations you need to cover: we will tell you what MON5 documents directly, where complementary work is needed, and which tier to start from - no hard selling.