DERUUA

Industrial IT/OT audit calculator

Spend just a few minutes to check how much time and money is needed for a security audit of industrial IT and OT of your enterprise
Industrial system levels according to ISA/IEC 62443 are listed below. They are slightly different from the Purdue model. It is not necessary to fill in all the fields, and neither are precise numbers needed. For each level that requires a security audit, please indicate the asset (device, system) vendors, the approximate number of assets and asset models (types of assets).
Level 0 - Physical Process
Asset typeVendor names (comma separated)How many different device models are there?Approximate number of assets
sensors
actuators
motors
other physical-level assets
Level 1 - Basic control
Asset typeVendor names (comma separated)How many different device models are there?Approximate number of assets
softstarter drives
VFD drives
PID regulators
PLC, RTU
other basic control assets
Level 2 - Supervisory control
Asset typeVendor names (comma separated)How many different device models are there?Approximate number of assets
HMI touch panels
HMI PC
engineering workstations
other supervisory control assets
Level 3 - Site operations
Asset typeVendor names (comma separated)How many different device models are there?Approximate number of assets
DB servers
file servers
application servers (web, report, etc.)
domain controllers
HMI servers
industrial DMZ proxy servers
industrial DMZ DB replication servers
industrial DMZ remote gateways
industrial DMZ patch management
other site operations assets
Level 4 - Enterprise systems (business planning and logistics)
Asset typeVendor names (comma separated)How many different device models are there?Approximate number of assets
database servers
application servers
file servers
email clients
supervisor desktops
other site business and logistics assets
Ethernet networks
Fieldbus networks
cross-zone connections/conduits
other enterprise network assets
ISMS maturity level

The higher the maturity level, the lower the audit cost. Choose 80-100%, if your organization has an ISO 27001 or similar certificate, otherwise use our ISO 27001 Compliance self-assessment master:

Your company type


Your email:





Industrial IT/OT security home.

Who we are, what we do and what offer.


Our certificates:

(ISC)2
CISSP
Offensive Security
OSCP
ISACA
CISA
CISM
Microsoft
PECB
LPTP
Qualys
PECB
LPTP
BSI
LPTP
BSI