Australian Energy Sector Cyber Security Framework (AESCSF)
By : 6clicks
The AESCSF is the Cyber Security Framework prepared by the Australian Energy Market Operator (AEMO) in conjunction with the Australian Cyber Security Centre (ACSC), Critical Infrastructure Centre (CIC), and the Cyber Security Industry Working Group (CSIWG) to enhance cyber security across the energy sector. The AESCF includes 282 requirements across 11 domains and 37 subdomains.
In stock
Details
This download includes the AESCSF requirements only so there are no mapped questions. Use this download if you just want the provisions and you want to create your own question set.
The AESCSF is the Cyber Security Framework prepared by the Australian Energy Market Operator (AEMO) in conjunction with the Australian Cyber Security Centre (ACSC), Critical Infrastructure Centre (CIC), and the Cyber Security Industry Working Group (CSIWG) to enhance cyber security across the energy sector.
The AESCF includes 282 requirements across 11 domains and 37 subdomains (that may be applicable depending on your desired Maturity Level and Security Profile), which are:
- ACM: Asset, Change and Configuration Management
- ACM-1: Manage Asset Inventory
- ACM-2: Manage Asset Configuration
- ACM-3: Manage Changes to Assets
- ACM-AP: Anti-Patterns
- CPM: Cyber Security Program Management
- CPM-1: Establish Cyber Security Program Strategy
- CPM-2: Sponsor Cyber Security Program
- CPM-3: Establish and Maintain Cyber Security Architecture
- CPM-4: Perform Secure Software Development
- CPM-AP: Anti-Patterns
- EDM: Supply Chain and External Dependencies Management
- EDM-1: Identify Dependencies
- EDM-2: Manage Dependency Risk
- IAM: Identity and Access Management
- IAM-1: Establish and Maintain Identities
- IAM-2: Control Access
- IAM-AP: Anti-Patterns
- IR: Event and Incident Response, Continuity of Operations
- IR-1: Detect Cyber Security Events
- IR-2: Escalate Cyber Security Events and Declare Incidents
- IR-3: Respond to Incidents and Escalated Cyber Security Events
- IR-4: Plan for Continuity
- IR-AP: Anti-Patterns
- ISC: Information Sharing and Communications
- ISC-1: Share Cyber Security Information
- RM: Risk Managemet
- RM-1: Establish Cyber Security Risk Management Strategy
- RM-2: Manage Cyber Security Risk
- RM-AP: Anti-Patterns
- SA: Situational Awareness
- SA-1: Perform Logging
- SA-2: Perform Monitoring
- SA-3: Establish and Maintain a Common Operating Picture (COP)
- SA-AP: Anti-Patterns
- TVM: Threat and Vulnerability Management
- TVM-1: Identify and Respond to Threats
- TVM-2: Reduce Cyber Security Vulnerabilities
- TVM-AP: Anti-PatternsWM: Workforce Management
- WM-1: Assign Cyber Security Responsibilities
- WM-2: Control the Workforce Life Cycle
- WM-3: Develop Cyber Security Workforce
- WM-4: Increase Cyber Security Awareness
- WM-AP: Anti-Patterns
- APM: Australian Privacy Management
- APM-1: Manage Personal Information and Privacy
- APM-AP: Anti-Patterns
Getting Started
Click "Book a demo" and our team will provide you with an overview of our content library within the 6clicks GRC platform.Resources
.png)
More Information
| Jurisdiction | Australia |
|---|---|
| Type | Laws or related obligations |