• Home
  • Australian Energy Sector Cyber Security Framework (AESCSF) Question Set
Australian Energy Sector Cyber Security Framework (AESCSF) Question Set

Australian Energy Sector Cyber Security Framework (AESCSF) Question Set

By : 6clicks
The AESCSF is the Cyber Security Framework prepared by the Australian Energy Market Operator (AEMO) in conjunction with the Australian Cyber Security Centre (ACSC), Critical Infrastructure Centre (CIC), and the Cyber Security Industry Working Group (CSIWG) to enhance cyber security across the energy sector. The AESCF includes 282 requirements across 11 domains and 37 subdomains (that may be applicable depending on your desired Maturity Level and Security Profile)
In stock

Details

This download includes the AESCSF requirements along with a question set that will help you perform an assessment. The AESCSF is the Cyber Security Framework prepared by the Australian Energy Market Operator (AEMO) in conjunction with the Australian Cyber Security Centre (ACSC), Critical Infrastructure Centre (CIC), and the Cyber Security Industry Working Group (CSIWG) to enhance cyber security across the energy sector.

The AESCF includes 282 requirements across 11 domains and 37 subdomains (that may be applicable depending on your desired Maturity Level and Security Profile)

  • ACM: Asset, Change and Configuration Management
  • ACM-1: Manage Asset Inventory
  • ACM-2: Manage Asset Configuration
  • ACM-3: Manage Changes to Assets
  • ACM-AP: Anti-Patterns
  • CPM: Cyber Security Program Management
  • CPM-1: Establish Cyber Security Program Strategy
  • CPM-2: Sponsor Cyber Security Program
  • CPM-3: Establish and Maintain Cyber Security Architecture
  • CPM-4: Perform Secure Software Development
  • CPM-AP: Anti-Patterns
  • EDM: Supply Chain and External Dependencies Management
  • EDM-1: Identify Dependencies
  • EDM-2: Manage Dependency Risk
  • IAM: Identity and Access Management
  • IAM-1: Establish and Maintain Identities
  • IAM-2: Control Access
  • IAM-AP: Anti-Patterns
  • IR: Event and Incident Response, Continuity of Operations
  • IR-1: Detect Cyber Security Events
  • IR-2: Escalate Cyber Security Events and Declare Incidents
  • IR-3: Respond to Incidents and Escalated Cyber Security Events
  • IR-4: Plan for Continuity
  • IR-AP: Anti-Patterns
  • ISC: Information Sharing and Communications
  • ISC-1: Share Cyber Security Information
  • RM: Risk Managemet
  • RM-1: Establish Cyber Security Risk Management Strategy
  • RM-2: Manage Cyber Security Risk
  • RM-AP: Anti-Patterns
  • SA: Situational Awareness
  • SA-1: Perform Logging
  • SA-2: Perform Monitoring
  • SA-3: Establish and Maintain a Common Operating Picture (COP)
  • SA-AP: Anti-Patterns
  • TVM: Threat and Vulnerability Management
  • TVM-1: Identify and Respond to Threats
  • TVM-2: Reduce Cyber Security Vulnerabilities
  • TVM-AP: Anti-PatternsWM: Workforce Management
  • WM-1: Assign Cyber Security Responsibilities
  • WM-2: Control the Workforce Life Cycle
  • WM-3: Develop Cyber Security Workforce
  • WM-4: Increase Cyber Security Awareness
  • WM-AP: Anti-Patterns
  • APM: Australian Privacy Management
  • APM-1: Manage Personal Information and Privacy
  • APM-AP: Anti-Patterns

Getting Started

Enter your getting started instructions here

More Information

More Information
Jurisdiction Australia
Type Assessment

Discover the latest GRC news, apps, and exclusive promotions with our e-newsletter.

PC, iOS, and Android

Want to feature your app or content here?

Become a 6clicks vendor and get all support, and resources you’ll need to become the vendor your clients can’t live without.

Sign in or become a Vendor today

Although 6clicks reviews each vendor in the 6clicks Marketplace, we can’t provide any guarantees. It’s up to you to assess the performance, quality and suitability of any app, content or service provider before proceeding. For our full terms and conditions click the link below.

Privacy  | Terms  | Copyright © 2022 6clicks