IT and ICS Security Assurance

Consultant | Training | Solutions
Fedco International, PT.

Welcome to Fedco - IT and ICS Security Consultant

ICS Security Asset Management

Industrial Control System (ICS) Asset Management

The starting point of the whole ICS Security Assurance
The ICS Asset Management is consist of four (4) segments of activities as integrated unit. These 4 activities will give the final output called Asset Inventory Management documentation (including some gap findings against the documented list & practice vs. the real condition of the assessed asset

Asset Characterization

It is important to characterize the Industrial Control System (ICS) asset into some of categories, such as based on the criticality level, mobility, hardware/software, etc. For example, an asset that categorized as critical will have different treatment with the lower criticality asset. The asset inventory documentation will be the main output from this activity

Asset Consolidation

The activities that covered by this segment are Asset Verification & Validation and Asset Critical Spare Part Management. The core goal by doing these activities is to get the real mapping between Asset Inventory document against the existing asset condition, in order to generate a valid and verified master document regarding Asset Inventory Database

Criticality Management

The criticality management is covering the activity to manage the asset based on its criticality level (the criticality level is defined by using ICS security risk assessment method - covered by Risk Management). The strategic planning & maintenance for the asset will then driven by the criticality result, more critical system will have more concern compare to the lower one.

Change Management

This segment is covering the systemic practice for interfacing with the asset, such as changing/adding/deleting/backup/restore against the asset. The ownership and custodianship roles will need to be in place with the procedural practice to ensure the change management of an asset is controlled, managed, audited and reported.

Asset Management Documentation

The Asset Management Documentation will be the final graad output from the ICS Security Asset Management process. This document will contain the updated, verified and validated Asset Inventory Database regarding assessed ICS environment object. It will also included with the account management and gap findings between listed inventories against the actual condition.

The Asset Management Documentation will be used as the reference point for the next ICS Security Assurance activities: Risk Management and ICS Security Assessment

Need Help?

We provide the ICS Security Asset Management covering the 4 core activities to come up with the final Asset Management Documentation