The audit was carried out from 8 to 12 February 2021.
The objective of the audit was to verify how the company follows up the management of risk associated with data security for the industrial ICT systems. The purpose of this type of audit is to verify the processes and systems used by the participant to ensure the follow-up of these systems and how this is accomplished on each individual facility. We also wanted to verify if there is a correlation between overarching procedures and the follow-up of the systems at the facility.
The audit identified regulatory non-conformities. The description of these conditions is exempt from public disclosure, with reference to the Freedom of Information Act section 24, paragraph 3. Accordingly, they do not appear under non-conformities and improvement points in the audit report.
What happens next?
We have asked Maersk Drilling Norge to report on how the non-conformities will be addressed. The deadline for feedback is set at 30 April 2021.