Nuclear I&C is a critical infrastructure with strict requirements on safety and availability and therefore needs also due consideration of cyber threats. This standard, based on the security controls defined in ISO/IEC 27002, reflects the special security control requirements for nuclear I&C. The original ISO/IEC 27002 requirements are either modified, detailed or completed, wherever deemed necessary from a nuclear I&C perspective. Additional nuclear I&C specific security controls that are not identified in ISO/IC 27002 but deemed necessary are also added.