
Remediation Guide

ANSSI OT/ICS Security
Evidence-Based Quantifiable Assessment Checklist 

Does Your OT Environment Actually Know Where It Stands? 

Most industrial organizations have some form of cybersecurity policy in place. But when a regulator shows up, or a PLC behaves unexpectedly at 2 a.m., the real question isn't whether documentation exists - it's whether any of it would hold up under scrutiny. 

OT and ICS environments carry a level of operational consequence that IT environments simply don't. A misconfigured firewall rule, an unpatched HMI, or an unsupervised vendor remote session can cascade into physical damage, production loss, and safety incidents. The stakes are high enough that "we think we're compliant" is no longer an acceptable answer for any CISO, operations director, or plant security manager. 

That's precisely why Shieldworkz developed this ANSSI OT/ICS Security Evidence-Based Assessment Checklist - a structured, quantifiable tool that replaces assumption with proof. 

Why this Remediation Guide matters 

The ANSSI (Agence nationale de la sécurité des systèmes d'information) framework is one of the most rigorous and practically structured approaches to industrial cybersecurity available today. With the release of the ANSSI Industrial Systems Cybersecurity Detailed Measures v2.0 in November 2025 and the ANSSI Industrial Systems Classification Method v2.0 in March 2025, the framework now explicitly aligns with IEC 62443 Security Levels (SL-1 through SL-4) - making it a globally relevant benchmark, not just a European regulatory requirement. 

What makes ANSSI different from a generic compliance checklist is its classification-first approach. Every industrial system must first be assigned one of four cybersecurity classes - C1 (Basic) through C4 (Vital) - before any measure is applied. This means requirements are proportionate to actual risk. A water treatment facility classified C3 operates under different obligations than a low-impact C1 system, and the controls enforced at each level reflect that difference. 

For organizations operating under NIS2, the alignment runs even deeper. The ten security domains in this checklist map directly to the NIS2 Article 21 risk management measures, allowing a single assessment to satisfy dual regulatory obligations.

Why It Is Important to Download This Remediation Guide 

Cyber threats targeting OT infrastructure have evolved significantly. Nation-state-level threat actors are now actively targeting industrial control systems across energy, water, manufacturing, and transportation sectors. Threat actors that once focused on IT environments have developed OT-specific toolkits capable of interfering with PLCs, manipulating process values, and surviving network isolation attempts. 

At the same time, regulatory pressure has accelerated. NIS2 is now transposed and enforceable across EU member states. Operators of essential services who cannot demonstrate a structured cybersecurity posture face significant exposure - both financial and operational. 

This checklist gives security leaders and compliance teams a defensible, evidence-anchored methodology to demonstrate exactly where they stand - before a regulator or an attacker forces the question.

Key Takeaways from the ANSSI OT/ICS Security Assessment Checklist 

Ten security domains covered end-to-end, from Governance and Asset Inventory through to Physical Security, Incident Response, and Supply Chain Risk - each with specific checklist items, required evidence types, and audit methods. 

A five-point scoring scale tied directly to ANSSI cybersecurity classes, so every score translates to a meaningful compliance level (C1 through C4) and an IEC 62443 Security Level equivalent. 

Evidence-first methodology: no score above 3 can be awarded without a tangible, dated artefact. Verbal assurances and informal observations don't count - because they won't survive regulatory inspection. 

OT-specific controls that reflect real industrial constraints: passive-only vulnerability scanning to avoid crashing PLCs, patch deferral processes with compensating control documentation, and JIT remote access frameworks that account for vendor maintenance realities. 

Regulatory dual-use: the ten domains directly map to NIS2 Article 21, enabling organizations to satisfy ANSSI class requirements and NIS2 reporting obligations through a single assessment cycle. 

A structured remediation roadmap with priority coding - P1 (address within 30 days) through P4 (12 months) - giving security teams a clear, sequenced action plan rather than an undifferentiated list of gaps. 

CISO board presentation guidance built into the guide, including how to frame composite scores, quantify exposure in financial terms, and present a defensible roadmap that executives can act on. 

Supply chain and third-party controls including SBOM requirements for C3/C4 systems, contractor physical access management, and software integrity verification procedures - reflecting the reality that OT supply chains are long-lived and complex. 

How Shieldworkz Supports Your OT/ICS Security Journey 

Shieldworkz brings deep, hands-on OT security expertise across global industrial environments - from energy and utilities to manufacturing, oil and gas, and critical infrastructure. We go beyond documentation. Our team operates an industrial-specific Security Operations Center (ISOC) and maintains one of the world's most extensive OT and IoT threat intelligence networks, giving our assessments real-world threat context that a spreadsheet-based audit cannot provide. Here's how Shieldworkz helps organizations put this assessment into practice: 

Structured ANSSI-aligned OT security assessments conducted by certified OT security specialists, using passive discovery methods that don't disrupt live industrial operations 

Gap remediation planning with prioritized roadmaps, interim compensating controls, and owner-assigned action items ready for board-level reporting 

OT-native SOC integration, connecting your IDS/NDR alerts, SIEM log sources, and process anomaly detection into a monitored security operations function with OT-trained analysts 

NIS2 dual-compliance support, helping organizations meet both ANSSI class requirements and Article 21 reporting obligations through a single, efficient assessment programme 

IEC 62443 alignment advisory, supporting organizations building toward formal SL-2, SL-3, or SL-4 certification 

Supply chain security reviews, including vendor risk assessments, SBOM analysis, and contractual security clause development 

Tabletop exercises and forensic readiness planning designed specifically for OT environments, where containment actions must preserve operational safety alongside security objectives 

Get Your Free Copy & Talk to Our Experts 

The ANSSI OT/ICS Security Evidence-Based Assessment Checklist is available as a free download for OT security leaders, CISOs, compliance managers, and operations directors who are serious about knowing - and proving - where their industrial cybersecurity posture actually stands. 

Fill out the form to download the full ANSSI OT/ICS Security Assessment Checklist (ANSSI Detailed Measures v2.0 aligned). Book a free consultation with a Shieldworkz OT security specialist. Get a preliminary readiness review for your environment based on your ANSSI class. 

Download your copy today!

Get our free ANSSI OT/ICS Security Evidence-Based Quantifiable Assessment Checklist and make sure you're covering every critical control in your industrial network.