This repository showcases a specialized Information Security Management System (ISMS) framework designed for the unique rigors of the energy sector. In an environment where IT (Information Technology) and OT (Operational Technology) converge, security documentation must prioritize both data integrity and physical process safety.
This project demonstrates the ability to translate high-level international standards into actionable technical controls for critical infrastructure.
This repository is built around four core pillars of industrial security governance:
The Governance Foundation. Defines the overarching security mandate for the organization, aligning corporate objectives with ISO 27001 requirements and industrial safety protocols.
Identity & Asset Integrity. A risk-based framework for managing logical and physical access. It focuses on the “Principle of Least Privilege” across corporate networks and SCADA/DCS environments.
Operational Resiliency. A technical “Safety-First” guide for containing digital threats. It provides a structured path for mobilization, containment, and recovery without compromising plant safety.
The Audit Trail. Defines the requirements for documenting the implementation and monitoring of security controls. This ensures a “living” ISMS that is always audit-ready.
This repository contains sanitized, high-level templates designed for professional demonstration. It is not specific to any entity and contains no proprietary operational data or sensitive infrastructure details.
Maintained by: Akili Gallimore
Focus: Industrial GRC & Technical Security Writing