Back to Playbook
Preview Mode
Get Fillable Version
SAMPLE PREVIEW
SAMPLE PREVIEW
SAMPLE PREVIEW
SAMPLE PREVIEW
SAMPLE PREVIEW
SAMPLE PREVIEW
SAMPLE PREVIEW
Tiered RBAC Matrix
Reference: IACS UR E27 §4.2.1 (Access Control Selection)
Doc ID: TAG-OT-REG-02
Issue Date: Feb 2026
Rev: 1.0
Issue Date: Feb 2026
Rev: 1.0
1. ASSET IDENTIFICATION
| System Name: | [Asset Name] | Asset Category: | [ ] CAT II [ ] CAT III |
2. PERMISSION MAPPING
Define the specific capabilities for each user role on this system.
| Function / Capability | Operator | Engineer | Admin / OEM |
|---|---|---|---|
| View Alarms & Telemetry | [ ] Allow | [ ] Allow | [ ] Allow |
| Acknowledge Alarms | [ ] Allow | [ ] Allow | [ ] Allow |
| Change Setpoints / Limits | [ ] Deny | [ ] Allow | [ ] Allow |
| Modify Control Logic / PLC | [ ] Deny | [ ] Deny | [ ] Allow |
| Network Config / Firmware | [ ] Deny | [ ] Deny | [ ] Allow |
3. AUTHENTICATION REQUIREMENTS
MFA Required: [ ] Yes [ ] No (Method: ____________________)
Session Timeout: ________ Minutes
Password Rotation: [ ] Quarterly [ ] Annually [ ] After Service
Session Timeout: ________ Minutes
Password Rotation: [ ] Quarterly [ ] Annually [ ] After Service
Document Created By:
Name & Date
Approved for CSMS:
Cyber Security Officer Signature
Unlock Tiered RBAC Matrix
Get the full editable TAG-OT-REG-02 and our IACS-compliant IAM playbook.
Buy the Full Playbook Bundle