178 Handbook of SCADA/Control Systems Security
ii. Concept of operations document for systems. This document details the
purpose of each system (what is the purpose of the system, what does
do/provide?):
a. How it fullls that purpose—how does it tick?
b. Component dependencies on other components—what parts of the
system rely on the external systems and interdependencies?
c. Other parts of the system, what do they rely on them for and how?
e. List of mandatory requirements
i. This component should detail exactly what mandatory requirements
the organization is required by legislation, to meet. Attach copies of the
relevant parts of the legislation.
ii. This should also show in a matrix, how you have met each regulation
in enough ...