Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.RA-01.4: To ensure that organisation's operations are not adversely affected by the testing process, performance/load testing and penetration testing on the organisation’s systems shall be carried out with care. |
|
ID.RA-01.4 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p65 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that performance/load testing and penetration testing are conducted carefully to avoid disrupting operations or compromising system stability, especially in environments with business-critical or safety-critical systems. To achieve this goal, the organisation should: - Establish and Maintain Test Programs Test programs for performance/load testing and penetration testing should be tailored to the organisation’s size, complexity, and maturity, including OT-specific constraints. - Use Controlled Testing Environments Penetration testing should be conducted in isolated or controlled environments where possible to prevent unintended impacts on live OT systems. - Engage Qualified Ethical Hackers Experienced ethical hackers should be used to perform penetration testing, particularly in complex or sensi- tive OT environments. - Validate Security Measures Post-Test After testing, security controls should be revalidated to confirm that defences remain effective and no unin- tended changes have occurred. **Distinction from ID.RA-01.5 (CyFun® Important)** While ID.RA-01.4 focuses on testing activities such as penetration and load testing, which are typically planned, infrequent, and often conducted in controlled environments, ID.RA-01.5 addresses the safe exe- cution of vulnerability scanning, which is more frequent, often automated, and must be carefully managed to avoid unintended disruptions in live OT systems. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that performance/load testing and penetration testing are conducted carefully to avoid disrupting operations or compromising system stability, especially in environments with business-critical or safety-critical systems. To achieve this goal, the organisation should:</p><ul><li>Establish and Maintain Test Programs Test programs for performance/load testing and penetration testing should be tailored to the organisation’s size, complexity, and maturity, including OT-specific constraints.</li><li>Use Controlled Testing Environments Penetration testing should be conducted in isolated or controlled environments where possible to prevent unintended impacts on live OT systems.</li><li>Engage Qualified Ethical Hackers Experienced ethical hackers should be used to perform penetration testing, particularly in complex or sensi- tive OT environments.</li><li>Validate Security Measures Post-Test After testing, security controls should be revalidated to confirm that defences remain effective and no unin- tended changes have occurred.</li></ul><p><strong>Distinction from ID.RA-01.5 (CyFun® Important)</strong></p><p>While ID.RA-01.4 focuses on testing activities such as penetration and load testing, which are typically planned, infrequent, and often conducted in controlled environments, ID.RA-01.5 addresses the safe exe- cution of vulnerability scanning, which is more frequent, often automated, and must be carefully managed to avoid unintended disruptions in live OT systems.</p></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that performance/load testing and penetration testing are conducted carefully to avoid disrupting operations or compromising system stability, especially in environments with business-critical or safety-critical systems. To achieve this goal, the organisation should: - Establish and Maintain Test Programs Test programs for performance/load testing and penetration testing should be tailored to the organisation’s size, complexity, and maturity, including OT-specific constraints. - Use Controlled Testing Environments Penetration testing should be conducted in isolated or controlled environments where possible to prevent unintended impacts on live OT systems. - Engage Qualified Ethical Hackers Experienced ethical hackers should be used to perform penetration testing, particularly in complex or sensi- tive OT environments. - Validate Security Measures Post-Test After testing, security controls should be revalidated to confirm that defences remain effective and no unin- tended changes have occurred. *Distinction from ID.RA-01.5 (CyFun® Important)* While ID.RA-01.4 focuses on testing activities such as penetration and load testing, which are typically planned, infrequent, and often conducted in controlled environments, ID.RA-01.5 addresses the safe exe- cution of vulnerability scanning, which is more frequent, often automated, and must be carefully managed to avoid unintended disruptions in live OT systems. |
|
A general note, for any purpose. |
The goal of this control is to ensure that performance/load testing and penetration testing are conducted carefully to avoid disrupting operations or compromising system stability, especially in environments with business-critical or safety-critical systems. To achieve this goal, the organisation should: • Establish and Maintain Test Programs Test programs for performance/load testing and penetration testing should be tailored to the organisation’s size, complexity, and maturity, including OT-specific constraints. • Use Controlled Testing Environments Penetration testing should be conducted in isolated or controlled environments where possible to prevent unintended impacts on live OT systems. • Engage Qualified Ethical Hackers Experienced ethical hackers should be used to perform penetration testing, particularly in complex or sensi- tive OT environments. • Validate Security Measures Post-Test After testing, security controls should be revalidated to confirm that defences remain effective and no unin- tended changes have occurred. Distinction from ID.RA-01.5 (CyFun® Important) While ID.RA-01.4 focuses on testing activities such as penetration and load testing, which are typically planned, infrequent, and often conducted in controlled environments, ID.RA-01.5 addresses the safe exe- cution of vulnerability scanning, which is more frequent, often automated, and must be carefully managed to avoid unintended disruptions in live OT systems. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.RA-01.4 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Penetration and load testing |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
To ensure that organisation's operations are not adversely affected by the testing process, performance/load testing and penetration testing on the organisation’s systems shall be carried out with care. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1