Textkörper
 

Workshop ISO/IEC 27019 according to certification scheme of the IT security catalogue for energy network operators

Together with the BSI, the BNetzA has drawn up the IT security catalogue for energy network operators in accordance with § 11 Paragraph 1a of the Energy Industry Act (EnWG). According to the catalogue, all electricity and gas network operators must introduce and have certified an information security management system (ISMS) by 31 January 2018, based on the ISO/IEC 27001 standard extended by specific aspects of network control.

In addition to the contents of ISO 27001 including Annex A and ISO 27002, the requirements of ISO 27019 must also be checked for relevance and, if necessary, implemented accordingly.

Die ISO 27019 spezifiziert die Anforderungen des Anhangs A der ISO 27001 betreffend der Sicherheitsanforderungen für Steuerungssysteme der Energieversorgung. In einzelnen Bereichen geht sie sogar über die Vorgaben der ISO 27001 hinaus.

In unserem Workshop "ISO/IEC 27019 gemäß Zertifizierungsschema des IT-Sicherheitskatalogs für Energienetzbetreiber" werden die Sicherheitsanforderungen der ISO 27019 im Detail betrachtet und es werden Hinweise gegeben, wie diese entsprechend den Vorgaben des IT-Sicherheitsgesetz für die Energiewirtschaft im Rahmen einer Zertifizierung umzusetzen sind.

ISO 27019 specifies the requirements of Annex A of ISO 27001 concerning the safety requirements for control systems of power supply. In some areas, it even goes beyond the requirements of ISO 27001.

In our workshop "ISO/IEC 27019 according to the certification scheme of the IT security catalogue for energy network operators", the security requirements of ISO 27019 are examined in detail and information is given on how these can be implemented within the framework of certification in accordance with the requirements of the IT security law for the energy industry.

<none>