Operational resilience and cyber security is the foundation of critical infrastructure protection. Dr. Jim Kennedy, the chief consulting officer of Cyber/Critical Infrastructure Security Services for SecuritySolutions, has outlined a process to aid critical infrastructure operations, utilizing the CIPP Risk Management Framework coupled with an effective governance model, in addressing cyber security, business continuity and resiliency needs.
The CIPP Risk Management Framework is comprised of a series of process steps that include setting security goals; identifying assets, systems, networks, and functions; assessing risks; prioritizing mitigation efforts; implementing mitigations strategies and protective programs; measuring effectiveness; and finally, starting back at the beginning.
You can read about the full scope of his process here.