ICS-CERT Control Systems Recommended Practices
ICS-CERT offers a list of recommended practices aimed at helping industry understand and prepare for ongoing and emerging control systems cybersecurity issues, vulnerabilities, and mitigation strategies. ICS-CERT works with control systems manufacturers, service providers, researchers, and end users to ensure that the recommended practices are vetted by industry subject matter experts prior to publication. Recommended practices cover topics such as defense-in-depth strategies, cyber forensics, and incident response and are updated on a routine basis to account for emerging issues and practices.
https://ics-cert.us-cert.gov/Introduction-Recommended-Practices