The audit was prompted by a new, companywide, cybersecurity policy based on the ISA99 standard for industrial control systems. “Until the early 2000s, control systems and devices were essentially ...