Self Assessment

Process Safety and Cyber Security

Answer these fifteen simple "yes or no" questions. We'll provide you with a score and a summary assessment to assist you with determining if you're on the right track to achieving a continuously safe and secure operation.

We will not sell, trade, share or transfer this information to any third parties.

  1. E-mail Address:
  2. Does your company perform annual Cyber Security assessments to document the number of systems, connections, and security gaps?

  3. Does your organization understand how Process Safety and Cyber Security are related in your plant(s)?

  4. Does your organization's overall Process Safety and Cyber Security protection plan include People, Processes and Technology?

  5. For new systems do all project vendors understand their part in your plant-wide Cyber Security and Process Safety plan?

  6. Does your organization comply with any Safety or Security frameworks? E.G. IEC-62443, AWWA G430, NIST 800-53/82, NERC CIP v5, ISO 27001:2013, IEC 61511, ISA S 84?

  7. Does your Process Safety and Cyber Security plan ensure external vendors follow your protection strategy during the Design / Build / Implementation phases?

  8. Are both Cyber Security AND Process Safety measures installed during the build phase and checked as part of the FAT? Are they checked during the SAT?

  9. Do you test and document both Cyber Security measures AND Industrial Process Safety measures during plant commissioning?

  10. Does your organization periodically test your Cyber Security AND Process Safety measures and develop improvement plans as needed?

  11. Are applicable Cyber Security AND Process Safety Standards for plant system components verified and up to date?

  12. Does your organization regularly perform Cyber Security maintenance activities? Operating System / Application Patching, Endpoint Security Updates, Incident Response planning

  13. When you change your process do you re-evaluate your Process Safety AND Cyber Security measures?

  14. When a project is complete do you perform a Process Safety and Cyber Security lessons learned analysis and use best practices for new projects?

  15. Does your organization continuously monitor for Cyber Security related events such as failed logins, unauthorized removable media, malware infections?

  16. Does your organization conduct bi-annual disaster recovery process review and testing?