Participants' handling of ICT security

From 2 May to 16 June 2017, we conducted an audit of the participants' handling of ICT security. The audit was directed at operators with fields and plant in operation and owners with facilities in possession of an Acknowledgement of Compliance (AoC).

Published: 17 October 2017

Cyber security

Over a number of years, the PSA has been monitoring the industry's work to safeguard IT systems that manage processes, monitor potential gas leaks or fires and perform safe shutdowns for plant and facilities.

Objective

The objective of the audit was to investigate the approach of operators and owners to risk assessment, protection, follow-up and surveillance of ICT security for the industrial security and control systems.

Result

Through this series of meetings, we gained knowledge of the various challenges in the industry relating to:

Risk assessments
ICT architecture for the industrial security and control systems and links to other systems
Passive safeguards for the industrial security and control system networks
Monitoring, analysis and response
Incident reporting
Own audits and reviews

Parts of the audit report are exempt from public disclosure, with ref. to the Freedom of Information Act Section 24, para 3

The audit report concludes with an English summary.

Additional information is not available in English

Contact

What are you looking for?

All regulations

Acts

Amendments and consultations

PDFs of regulations

Previous versions of the regulations

All regulations

Acts

Amendments and consultations

PDFs of regulations

Previous versions of the regulations

Audit reports

Investigation reports

Consents

Acknowledgements of Compliance (AoC)

Notices about orders

Audit reports

Investigation reports

Consents

Acknowledgements of Compliance (AoC)

Notices about orders

All subjects

Trends in risk level (RNNP)

Terms and expressions

Main issue 2025: Artificial intelligence is also a risk factor

All subjects

Trends in risk level (RNNP)

Terms and expressions

Main issue 2025: Artificial intelligence is also a risk factor

Upcoming events

Previous events

Upcoming events

Previous events

What is tripartite collaboration?

Who is responsible for safety?

Safety Forum

Regulatory Forum

What is tripartite collaboration?

Who is responsible for safety?

Safety Forum

Regulatory Forum

Who is Havtil?

Our organisation

Q&A: Understanding the Norwegian regime

International collaboration

Job vacancies

Who is Havtil?

Our organisation

Q&A: Understanding the Norwegian regime

International collaboration

Job vacancies

Contact persons

Reporting to Havtil

Requests for access

Notify us

Contact persons

Reporting to Havtil

Requests for access

Notify us

Participants' handling of ICT security

Objective

Result

Attachments

Tilsynsrapport - Aktørenes håndtering av IKT sikkerhet (PDF)

Contact

Eileen Brundtland

Related content