Computer security as a discipline is challenged by increasing threat vectors targeting a dynamic technological environment. This publication establishes guidance addressing the challenge of applying computer security measures to instrumentation and control (I&C) systems at nuclear facilities. The measures are intended to protect these I&C systems throughout their entire lifecycles against malicious acts perpetrated by threat actors. The technical basis and methodologies for the application of these computer security measures are considered. The publication also addresses the application of such measures to the development, simulation and maintenance environments of these I&C systems. In addition, account is taken of developments in human factors engineering and nuclear safety. This Technical Guidance references and takes into account other Safety Guides and IAEA Nuclear Security Series publications that provide guidance relating to I&C design.