Method Functional Safety
What is the Cyber Security Lifecycle?
About the Cyber Security Lifecycle
How do i start?
I am new to this, how do I start?

IACS Change Management Procedures

As part of ongoing risk management, robust Change Management procedures are required to ensure that the defined IACS scope is not subject to uncontrolled modifications which could reduce the effectiveness of implemented security countermeasures or introduce new vulnerabilities.

IACS cyber security Change Management procedures can be introduced into an existing corporate Change Management System or defined specifically within an organisation’s Cyber Security Management System (CSMS).

The concept of like-for-like replacement, common in plant equipment and safety system asset management, needs to be expanded for IACS assets to avoid introduction of security risks from existing (but previously disabled) and new functionality e.g. web server capability implemented by the manufacturer during product line development. In addition to matching manufacturer and model numbers, a replacement IACS asset must be identical to the asset it is replacing in terms of:

  • Software version
  • Patch status
  • Firmware version (if applicable)
  • Configuration (by the end user)

The possibility of unwittingly introducing security risks due to dependencies on external suppliers highlights the need for organisations to understand their IACS asset supply chain and manage the risk from external suppliers as part of the CSMS.

Cyber Security Lifecycle

Cyber Security Lifecycle
OT Cyber Security
OT Cyber Security
Cyber Security Lifecycle

Contact =Method Consultants

You can contact =Method below:

p: +44 (0)1462 713313


Contact us online

E: T: 44 (0)1462 713313. W:

LinkedinMethod Functional Safety member of InstMC

Functional Safety + Process Safety + Cyber Security + Compliance Assessment + Competency Register + Software Solutions = Method Safety and Security

Address: Method Cyber Security Ltd. Method House, Davis Crescent, Hitchin, SG5 3RB
Phone: +44 (0)1462 713313 Email: Website:

Terms and Conditions | Privacy Policy. Registered In England 08453480. VAT No. GB 96 3453 69. Site © Copyright Method Cyber SecurityLtd 2024