CSA Z246.1-2017 pdf free download

CSA Z246.1-2017 pdf free download.Security management for petroleum and natural gas industry systems.
d) Center For Chemical Process Safety (CCPS), (an American Institute of Chemical Engineers — AIChE — Technological Community), Security Vulnerability Enterprise Screening Tool.
e) Center for Chemical Process Safety — “Guidelines for Analyzing and Managing the Security Vulnerabilities of Fixed Chemical Sites”.
f) US Dept. of Justice/Sandia National Laboratories — Security Risk Assessment Methodology for Chemical Facilities”.
g) AGA and INGAA — “Security Guidelines: Natural Gas Industry, Transmission and Distribution”.
h) ANS(/ASIS SPC. 1, Organizational Resilience: Security, Preparedness, and Continuity Management Systems — Requirements with Guidance for Use Standard.
I) ASIS Risk Assessment Guideline.
5.3 Asset characterization
5.3.1
The operator shall develop and implement a documented evaluation process for determining criticality of assets.
This process shall
a) be reviewed at regular intervals and updated as necessary when assets are added or modified;
b) identify assets and ascertain the impact to the operator if any asset were to be damaged or destroyed; and
c) include criteria to establish levels of consequence.
5.3.2
Asset characterization should
a) identify and address any contractual and legal requirements;
b) consider time factors if certain assets become more important at different times during the year due to weather, turnarounds, and other regularly occurring events;
c) identify any critical interdependencies (e.g., other supporting assets or services);
d) be harmonized with the operator’s business continuity program and disaster recovery plan; and
e) consider the worst-case scenario.
5.4 Threat assessment
5.4.1
The operator shall develop and implement a documented process to identify current and potential threats that could result in the loss of or damage to an asset. The threat assessment shall consider available and relevant information from both internal and external sources.
5.4.2
The threat assessment should consider
a) presence and identification of a potential adversary;
b) capability of an adversary to carry out a threat based on an assessment and evaluation of the nature of the threat and degree of sophistication needed to carry out the threat (e.g., specific training, financial support, and industry expertise);
c) intentions as to whether the threat has been stated or implied and belief that the threat is real;
d) history of a similar threat occurring to another similar operation within the same industry or region;
e) asset attractiveness;CSA Z246.1-2017 pdf free download.