AESCSF Question Set: Aus. Energy Sector Cybersecurity

By : 6clicks
The AESCSF is the Cyber Security Framework prepared by the Australian Energy Market Operator (AEMO) in conjunction with the Australian Cyber Security Centre (ACSC), Critical Infrastructure Centre (CIC), and the Cyber Security Industry Working Group (CSIWG) to enhance cyber security across the energy sector. The AESCF includes 282 requirements across 11 domains and 37 subdomains (that may be applicable depending on your desired Maturity Level and Security Profile)
In stock

Details

This download includes the AESCSF requirements along with a question set that will help you perform an assessment. The AESCSF is the Cyber Security Framework prepared by the Australian Energy Market Operator (AEMO) in conjunction with the Australian Cyber Security Centre (ACSC), Critical Infrastructure Centre (CIC), and the Cyber Security Industry Working Group (CSIWG) to enhance cyber security across the energy sector.

The AESCF includes 282 requirements across 11 domains and 37 subdomains (that may be applicable depending on your desired Maturity Level and Security Profile)

  • ACM: Asset, Change and Configuration Management
  • ACM-1: Manage Asset Inventory
  • ACM-2: Manage Asset Configuration
  • ACM-3: Manage Changes to Assets
  • ACM-AP: Anti-Patterns
  • CPM: Cyber Security Program Management
  • CPM-1: Establish Cyber Security Program Strategy
  • CPM-2: Sponsor Cyber Security Program
  • CPM-3: Establish and Maintain Cyber Security Architecture
  • CPM-4: Perform Secure Software Development
  • CPM-AP: Anti-Patterns
  • EDM: Supply Chain and External Dependencies Management
  • EDM-1: Identify Dependencies
  • EDM-2: Manage Dependency Risk
  • IAM: Identity and Access Management
  • IAM-1: Establish and Maintain Identities
  • IAM-2: Control Access
  • IAM-AP: Anti-Patterns
  • IR: Event and Incident Response, Continuity of Operations
  • IR-1: Detect Cyber Security Events
  • IR-2: Escalate Cyber Security Events and Declare Incidents
  • IR-3: Respond to Incidents and Escalated Cyber Security Events
  • IR-4: Plan for Continuity
  • IR-AP: Anti-Patterns
  • ISC: Information Sharing and Communications
  • ISC-1: Share Cyber Security Information
  • RM: Risk Managemet
  • RM-1: Establish Cyber Security Risk Management Strategy
  • RM-2: Manage Cyber Security Risk
  • RM-AP: Anti-Patterns
  • SA: Situational Awareness
  • SA-1: Perform Logging
  • SA-2: Perform Monitoring
  • SA-3: Establish and Maintain a Common Operating Picture (COP)
  • SA-AP: Anti-Patterns
  • TVM: Threat and Vulnerability Management
  • TVM-1: Identify and Respond to Threats
  • TVM-2: Reduce Cyber Security Vulnerabilities
  • TVM-AP: Anti-PatternsWM: Workforce Management
  • WM-1: Assign Cyber Security Responsibilities
  • WM-2: Control the Workforce Life Cycle
  • WM-3: Develop Cyber Security Workforce
  • WM-4: Increase Cyber Security Awareness
  • WM-AP: Anti-Patterns
  • APM: Australian Privacy Management
  • APM-1: Manage Personal Information and Privacy
  • APM-AP: Anti-Patterns

Getting Started

Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.

More Information

More Information
Jurisdiction Australia
Type Assessment