scope:

Purpose

The primary purpose of a cybersecurity risk assessment is to help organizations understand, control, and mitigate many forms of cyber risk. The objective of this document is to provide a starting point for asset and organization cybersecurity risk assessment questions that end users and personnel responsible for procurements can inquire of NEMA member companies.

These questions are meant to be at a high level and applicable across the seven major U.S. markets that NEMA member companies serve:

• Building Systems

• Building Infrastructure

• Lighting Systems

• Industrial Products & Systems

• Utility Products & Systems

• Transportation Systems

• Medical Imaging

The document will also include references to existing risk assessment guidelines and templates that go into further detail.