Integrating Cyber-Informed Engineering into Enterprise Risk Management
- West Yost Associates, Davis, CA (United States)
- Idaho National Laboratory (INL), Idaho Falls, ID (United States)
This document supports the application of Cyber-Informed Engineering (CIE) within the context of Enterprise Risk Management (ERM) to enhance cyber-resilience. It highlights that many critical infrastructure organizations use ERM to manage business risks and emphasizes the importance of evaluating critical systems and assets. The proposed approach can be adopted independently of formal ERM processes and offers a starting point for integrating CIE alongside existing or new ERM practices. Both CIE and ERM are iterative, and their alignment fosters continuous improvement and supports the engineering and operations cultures of an organization.
- Research Organization:
- Idaho National Laboratory (INL), Idaho Falls, ID (United States)
- Sponsoring Organization:
- USDOE Office of Cybersecurity, Energy Security, and Emergency Response (CESER)
- DOE Contract Number:
- AC07-05ID14517
- OSTI ID:
- 2480935
- Report Number(s):
- INL/MIS--24-81692-Rev000
- Country of Publication:
- United States
- Language:
- English
Similar Records
Integrating Cyber-Informed Engineering into Process Automation
Adapting Traditional Hazards Analysis Methods to Address Cyber Risks
On the Application of Cyber-Informed Engineering (CIE)
Technical Report
·
Mon Sep 29 20:00:00 EDT 2025
·
OSTI ID:3006948
Adapting Traditional Hazards Analysis Methods to Address Cyber Risks
Technical Report
·
Mon Sep 29 20:00:00 EDT 2025
·
OSTI ID:3012810
On the Application of Cyber-Informed Engineering (CIE)
Conference
·
Fri Nov 29 23:00:00 EST 2024
·
OSTI ID:2467509