Wednesday 4 August 2010

Security standard certification

Secure Embedded Device Security Assurance Certification accepted as ANSI Pilot Accreditation Program

The American National Standards Institute (ANSI) and the ANSI-ASQ National Accreditation Board (ANAB)/ACLASS brand have launched a formal pilot accreditation program based on the requirements of the ISA Security Compliance Institute (ISCI) ISASecure™ Embedded Device Security Assurance (EDSA) certification program.

ISASecure recognizes and promotes cyber-secure products and practices for industrial automation suppliers and operational sites. A new agreement between ISCI, ANSI, and ACLASS establishes ANSI/ACLASS as the Accreditation Body for organizations that provide product certifications in accordance with the ISASecure EDSA conformance scheme as well as ISO/IEC Guide 65, General Requirements for Bodies Operating Product Certification Systems.

"This announcement is a major milestone in the ISCI ISASecure EDSA certification program,” stated Andre Ristaino, ISCI managing director. "With our device certification requirements and lab accreditation requirements complete, we can now accredit labs to international standards to provide certification services. The ANSI/ACLASS accreditation requirement supports our goal to operate a credible, globally recognized certification program.”

Third-party accreditation by ANSI/ACLASS enhances the credibility and value of the ISASecure process by attesting to the competence and qualification of certification bodies and laboratories, offering them a significant distinction from their competitors in the marketplace.

Companies desiring to become an accredited ISASecure EDSA certification body and/or laboratory should visit the ANSI website, for a description of the ISASecure EDSA program and information on accreditation requirements, fees, and the application process. The 30-day open period to apply for accreditation under the pilot program begins on 2 August 2010, and ends on 1 September 2010.

“The industry’s vision to set up a globally recognized security assessment program for our automation control systems is being realized through ISCI,” explained Ivan Susanto, manager PCN & SCADA security of Chevron and ISCI board vice-chairman. “This program establishes a clearly articulated baseline level of security for automation controls bearing the ISASecure certification. It will simplify procurement processes for many companies because it provides clarity for control systems suppliers on security requirements and we, as asset owners, can build our security effort on top of the ISASecure certification baseline.”

“ANSI/ACLASS are proud to be selected by ISCI as accreditor for a program that contributes to the safety and security of systems controlling critical infrastructure,” stated Lane Hallenbeck, ANSI vice president for accreditation services.

The ANSI/ACLASS accreditation program will be implemented in accordance with all relevant international standards, including ISO/IEC 17011, Conformity Assessment – General Requirements for Accreditation Bodies accrediting conformity assessment bodies. The ANSI/ACLASS program will assess the competence of Chartered Certification Bodies and Laboratories against the requirements of the international standards ISO/IEC Guide 65 and ISO/IEC 17025, General requirements for the competence of testing and calibration laboratories, as well as the International Accreditation Forum (IAF) Mandatory Document for the Application of ISO/IEC Guide 65, and the additional requirements as specified by the ISASecure EDSA certification program.

No comments:

Post a Comment