SecAware materials

SecAware logo

~3-page information security policy template on industrial IT.


This policy elaborates on the cybersecurity requirements for industrial IT systems. networks and devices (also known as ‘operational IT’).


Given our dependence on IT for operational, health and safety, and environmental protection reasons, information security is vital consideration for industrial IT systems monitoring and controlling various items of plant and machinery.


Traditionally, industrial IT has largely been the domain of Production/Operations Management, Engineering, Facilities etc., whereas IT Department handles corporate IT systems, networks, office automation etc.  IT/cybersecurity functions that are too deeply embedded within the IT Department may have little to no involvement with industrial IT, potentially opening a substantial control gap that needs to be bridged.


Supplied as an MS Word document, readily customised for your organisation's specific situation.

Industrial IT policy