AESCSF framework and resources
The Australian Energy Sector Cyber Security Framework (AESCSF) has been developed through collaboration with industry and government stakeholders, including the Australian Energy Market Operator (AEMO), Australian Cyber Security Centre (ACSC), Cyber and Infrastructure Security Centre (CISC), and representatives from Australian energy organisations.
The AESCSF leverages recognised industry frameworks such as the US Department of Energy’s Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) and the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), and references global best-practice control standards (e.g. ISO/IEC 27001, NIST SP 800-53, COBIT, etc.). The AESCSF also incorporates Australian-specific control references, such as the ACSC Essential 8 Strategies to Mitigate Cyber Security Incidents, the Australian Privacy Principles (APPs), and the Notifiable Data Breaches (NDB) scheme.
AESCSF 2022 Resource Downloads:
-
19/04/2022
The 2022 AESCSF Overview
592.41 KB -
19/04/2022
The 2022 AESCSF Framework Core
156.7 KB -
19/04/2022
The 2022 AESCSF Electricity Criticality Assessment Tool (E-CAT)
471.82 KB -
19/04/2022
The 2022 AESCSF Gas Criticality Assessment Tool (G-CAT)
595.79 KB -
19/04/2022
The 2022 Liquid Fuels Criticality Assessment Tool (L-CAT)
470.86 KB -
19/04/2022
The 2022 AESCSF Education Workshop Pack
3.06 MB -
19/04/2022
The 2022 Guidance material for low criticality organisations
625.43 KB -
19/04/2022
The 2022 AESCSF Quick Reference Guide
268.83 KB -
19/04/2022
The 2022 AESCSF Lite Framework
5.04 MB -
19/04/2022
The 2022 AESCSF Glossary
593.34 KB