IT and ICS Security Assurance

Consultant | Training | Solutions
Fedco International, PT.

Welcome to Fedco - IT and ICS Security Consultant

ICS Standard, Policy & Procedure Management

The Good Governance in ICS Security

"Good policy governance will be reflected in clearly defined procedure, and implemented properly as a need to ensure the sustainable business operations and optimize the performance"

Standard

A technical standard is an established norm or requirement in regard to technical systems. It is usually a formal document that establishes uniform engineering or technical criteria, methods, processes and practices

Policy

Security policy is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls. For systems, the security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs and access to data by people

Procedure

Detail technical guidelines to govern the day to day operations by adhering to the company standard and security policy. The purpose of having written procedure is to ensure the deployment of the requirement is implemented in the environment

Policy and Business Conduct

As an organization, company should realize the essential of having clear defined policy on their organization. This policy will be the soul of so many aspects that will guide the whole business conduct. Focus on the cyber security perspective, the policy on this aspect should govern all related entities within the company, regarding the core security guidelines for the organization. Security policy should also govern people (as the core player) and system (as the security object)

Technical Coverage

Technical and behaviour should be captured on the security policy coverage. As an example, the removable media policy.  The threat of being infected by malicious code that spread out by the contaminated removable media can put the organization in danger situation. Another example is related to the behaviour control on how to interact with the high level data classification (confidential and private). What is the best practice that should be deployed to the people each time they interact with these types of datas

What We Offer

ICS Security Company Standard Design & Development

Technical assistance and consultation to design and develop the company standard to govern the ICS security assurance based on existing industrial standards, best practices, technical recommendation and specific corporate guidelines. The ICS security program framework can be included in this standard, while the more detail requirement can be covered in specific ICS security program guidelines

ICS Security Policy Design & Development

Technical assistance and consultation to strategize and develop the ICS security policy within the corporation align with the existing company general policy and IT security policy. The ICS security policy is considered as the top level guidelines to govern the ICS security assurance across the company, while the detail step by step of daily activities will be covered in ICS security procedure

ICS Security Procedure Design & Development

Technical assistance and consultation to strategize and develop the ICS security procedure adhere to the company standard and ICS security policy in order to cover the detail activities related to the ICS security assurance in day to day operations

The ICS Standard, Policy and Procedure Design & Development is the soul of the ICS security assurance continual improvement cycle. This is the guidelines of the whole ICS security activities within the boundary, and therefore it should be made available prior to moving to the next phase, ICS Security Implementation

Develop Now

We provide the ICS Security Standard, Policy and Procedure strategic planning, design and development as the fundamental references to deploy the ICS security assurance