Critical infrastructure operator security plan   ________________________________

Optionally, technical assistance for the identification and negotiation ICN / ICE;

  1. Audit on the general risk management and security risk management in particular;

  2. Technical assistance for the establishment or, where appropriate, updating the risk management process to the specific ICN / ICE

  3. Identification of assets belonging to the ICN / ICE designated;

  4. Auditing means control risks in relation to critical assets;

  5. Risk assessment and vulnerability ICN / ICE of responsibility; formalization and negotiation with public authority responsible; will take into account risk scenarios plausible in the context of gradual alert;

  6. Develop a risk treatment plan, supported where appropriate by cost-benefit analysis; selecting security measures will be based on audit results from no.4 and the relevant regulations in the areas of physical security, information security and protection of classified information, emergency management and crisis and continuity, fire safety, cyber security, personal security, security management;

  7. Develop an action plan for protection and security of ICN / ICE; it will consider gradual response;

  8. Formalizing PSO;

  9. Optionally, the framework for the necessary organizational support tasks on protection ICN / ICE;

  10. Optionally, impact assessment studies (inter) dependence degree of resilience.