Energy industry
Efficient, sustainable, future-oriented: developing the energy industry of tomorrow.
Legal compliance and impetus for further development
The future of energy supply – and many other areas – is dependent on functioning information and communication technology.
It is not always easy for operators and companies to find their way through the maze of different norms and standards. At the same time, the existing standards offer very good implementation aids on the way to becoming safer and better as a company. As a long-standing certification partner, CIS draws on extensive expertise and offers system certifications as part of the ISO 27000 series (ISO 27019 – especially for energy suppliers).
However, the sub-standard ISO 27019 is the add-on to ISO 27001 specifically for the energy sector, addressing security measures for control and monitoring systems in the areas of generation, transmission and distribution of electricity, gas and heat, as well as supporting IT security processes and technologies. Certification provides the assurance that appropriate measures have been taken to ensure a secure energy supply.
ISO 27019 - Security measures for energy suppliers
ISO 27019 provides energy suppliers with an internationally recognised standard for the further development of corporate security measures to protect energy supply systems.
The standard builds on ISO 27001 and ISO 27002 and can therefore be easily integrated into a new or existing information security management system (ISMS) in accordance with ISO 27001. Concretisations and extensions of ISO 27002, taking into account the risk-oriented approach of ISO 27001, enable the targeted further development of existing security measures to protect energy supply systems in the company.
Energy Industry Act (EnWG §11)
Legislative compliance and impetus for the further development of the security of energy supply networks and energy systemsEnWG §11 paragraph 1a, EnWG §11 paragraph 1b
In the Energy Industry Act (EnWG), the German legislator defines the obligation to operate a secure energy supply network or secure energy systems. This is based on ISO 27001, ISO 27019 and the security catalogue in accordance with EnWG §11 1a and EnWG §11 1b. Operators of energy supply networks and/or energy systems that fall under this law are obliged to provide evidence of corresponding implementation by an accredited company.
How do management systems ensure IT resilience in the energy industry?
In the energy industry, the protection of critical infrastructures is of central importance. ISO 27019 supplements the general ISO 27001 standard with industry-specific requirements for energy suppliers and thus creates the basis for an effective information security management system (ISMS). Legal requirements such as the IT Security Act 2.0 demand that companies in the energy sector not only take technical security measures, but also provide evidence of systematic and documented security management. An ISMS aligned with ISO 27019 helps to ensure compliance, minimise risks and guarantee continuous security of supply – a decisive contribution to IT resilience in the energy sector.
Your advantages
Information security for data centres with CIS
- Our certification and training go hand in hand and cover both system security and employee awareness
- Industry focus: specialisation in business continuity for critical infrastructure companies
- Certification readiness: We make you fit for the audit
- Experienced consultants & tried-and-tested tools
- Whether first steps in the ISMS or preparation for an audit – we accompany you from the first ACTUAL analysis to successful certification
Request
We are delighted that you are interested in our services. We will be happy to send you further information. Please provide us with the following information:
