• Available Formats
    • Availability
    • Priced From ( in USD )
    • Secure PDF

      Secure PDF Files

      Secure PDF files include digital rights management (DRM) software. DRM is included at the request of the publisher, as it helps them protect their copyright by restricting file sharing. In order to read a Secure PDF, you will need to install the FileOpen Plug-In on your computer. The FileOpen Plug-In works with Adobe Reader and other viewers. Visit FileOpen to see the full list.

        What you can do with a Secure PDF:
      • Print
      • Search
      • Highlight
      • Bookmark
      Please note that some publishers - including BOMA, IADC and ICML - do not allow printing of their documents.

    • Immediate download
    • $355.00
    • Add to Cart
    • Printed Edition
    • Ships in 1-2 business days
    • $355.00
    • Add to Cart
    • Printed Edition + PDF
    • Immediate download
    • $480.00
    • Add to Cart

Customers Who Bought This Also Bought


About This Item


Full Description

This is the third edition of CSA Z246.1, Security management for petroleum and natural gas industry systems. It supersedes the previous editions published in 2013 and 2009.

This Standard uses the concept of a security management program, and in particular risk management, to address security issues. This Standard provides a performance-based approach for use by the operator to establish governance, conduct planning, implement and improve security operations (including detection and mitigation practices), and refine the security management program through change management and audit processes. This approach allows users to apply this Standard across the petroleum and natural gas industry.

This Standard is one of several security risk management tools. Operators should work with other industries, as well as governmental agencies, in order to effectively manage the security of their energy infrastructure. A security management program should complement existing programs and should consider the risks and criticality of the assets being protected. Therefore, this Standard should be read in conjunction with other security legislation, safety legislation, best practices, policies, standards, and applicable codes (e.g., CSA Z662, CAN/CSA-ISO 31000, and CSA Z1600). In particular, this Standard is aligned with CSA Z246.2, Emergency preparedness and response for the petroleum and natural gas industry systems, to both support a continual improvement process and to develop sound risk-based management processes.

This Standard specifies criteria for establishing a security management program for petroleum and natural gas industry systems to ensure security threats and associated risks are identified and managed. This Standard provides mitigation and response processes and procedures to prevent and minimize the impact of security incidents that could adversely affect people, the environment, assets, and economic stability.

This Standard applies to all petroleum and natural gas industry systems (as illustrated in Figures 2 and 3), including

a) pipeline systems handling

i) oil;

ii) gas;

iii) oil-field water;

iv) liquid products;

v) multi-phase fluids;

vi) slurries; and

vii) system supports, including

1) meter stations;

2) compressor stations;

3) pump stations;

4) tank farms;

5) terminals; and

6) all assets that support Items 1) to 5);

b) liquefied natural gas (LNG) production, storage, and handling facilities;

c) storage of hydrocarbons in underground formations;

d) petrochemical installations, including

i) refineries;

ii) gas processing plants;

iii) liquefied petroleum gas plants;

iv) synthetic natural gas plants; and

v) coal gasification plants;

e) oil and gas exploration, development, production, treatment, processing, and storage operations not covered in Items a) to d);

f) oil sands facilities: and

g) petroleum and natural gas wells.

Offshore petroleum and natural gas activity, petroleum and LNG tankers, and customers piping systems are outside the scope of this Standard.

Note: See Figures 2 and 3.
The requirements of this Standard are applicable to all operators, regardless of the size or number of their assets.

In this Standard, "shall" is used to express a requirement, i.e., a provision that the user is obliged to satisfy in order to comply with the standard; "should" is used to express a recommendation or that which is advised but not required; and "may" is used to express an option or that which is permissible within the limits of the Standard.

Notes accompanying clauses do not include requirements or alternative requirements; the purpose of a note accompanying a clause is to separate from the text explanatory or informative material.

Notes to tables and figures are considered part of the table or figure and may be written as requirements.

Annexes are designated normative (mandatory) or informative (non-mandatory) to define their application.

Document History

  1. CSA Z246.1-17


    Security management for petroleum and natural gas industry systems

    • Most Recent
  2. CSA Z246.1-13

    Security management for petroleum and natural gas industry systems

    • Historical Version
  3. CSA Z246.1-09

    Security management for petroleum and natural gas industry systems, Includes Update No. 1 (2010)

    • Historical Version