scope:

This standard applies to TfL and LU staff, as well as Third Parties, when performing or overseeing O&M activities on SSR Operational Systems and Assets.

This standard refers to the Cyber Security Protection measures applied to all London Underground (LU) Operational Systems and Assets supporting the SSR network.

The control measures and requirements set out within this document must be applied to each Operational System or Asset and must be maintained and updated through the life of the syste

Purpose

This document sets out the requirements for implementing and maintaining Cyber Security Protection to support Operations & Maintenance (O&M) on the Sub-Surface Railway (SSR).

It details the requirements for implementing, maintaining and improving Cyber Security Controls and operational processes for limiting or containing the impact of potentially disruptive Cyber Security Events.

This document complements the requirements detailed within the SSR Operational Technology Cyber Security Governance Standard S1754 (under development), Detection Standard S1750 and Response and Recovery Standard S1753.