Breakfast. 7:00 a.m. 8:00 a.m.
Opening Announcements
NERC 2015 Standards and Compliance Spring Workshop, April 3, 2015

NERC Antitrust Compliance Guidelines
It is NERC's policy and practice to obey the antitrust laws and to avoid all conduct that unreasonably restrains competition. This policy requires the avoidance of any conduct that violates, or that might appear to violate, the antitrust laws. Among other things, the antitrust laws forbid any agreement between or among competitors regarding prices, availability of service, product design, terms of sale, division of markets, allocation of customers or any other activity that unreasonably restrains competition.
RELIABILITY ACCOUNTABILITY

Public Announcement
Participants are reminded that this meeting is public. Notice of the meeting was posted on the NERC website and widely distributed. The notice included the number for dial-in participation. Participants should keep in mind that the audience may include members of the press and representatives of various governmental authorities.

General Announcements
- Westin Meeting Wi-Fi Code: NERCWB

Today's Agenda
- 8:15-9:15 a.m.: Overview of Stakeholder Guidance on Standards Associated with Risk Elements
- 9:15-9:30 a.m.: Legal and Regulatory Update
- 9:30-10:45 a.m.: CIP Cyber Security Standards
- 10:45-11:00 a.m.: Break
- 11:00-11:30 a.m.: 2015 and Beyond
- 11:30-Noon: Miscellaneous Q&A and Closing Remarks
Guidance on Standards Associated with Risk Elements
Marisa Hecht, Senior Advisor, Compliance Assurance; Ed Kichline, Senior Counsel, Associate Director of Enforcement
2015 Standards & Compliance Spring Workshop, April 3, 2015

Overview
- Purpose
- Background
- What are Risk Elements?
- Risk Elements Development Process
- Compliance Monitoring and Enforcement Program (CMEP) Implementation Plan
- 2015 Risk Elements
- Webinar Series
- Focus on COM-002-2, Requirement R2

Purpose
- Educate stakeholders on the role of Risk Elements in compliance monitoring
- Introduce a webinar series that will provide helpful best practices regarding the standards and requirements associated with Risk Elements

Background
- Annual Implementation Plan tailored to the risk-based approach to the CMEP
- Replacement of a static, one-size-fits-all list of Reliability Standards, the Actively Monitored List (AML)
- Risk focus areas, rather than the AML, define audit scope
- Monitoring plan reflects the risk focus areas and the Inherent Risk Assessment (IRA) and Internal Controls Evaluation (ICE) processes
- Removal of six-year audit cycles
- Three-year cycles remain for BA, RC, and TOP
- Regional Entities (REs) will determine the compliance oversight plan for other registered entities
  o Use existing CMEP tools

What are Risk Elements?
- First step in the Risk-based Compliance Oversight Framework
- Identification and prioritization of enterprise-wide risks
- Potential impact to the reliability of the Bulk Power System (BPS)
- Risk Elements map to Reliability Standards
- Replace prior actively monitored lists
- REs also consider Region-specific risks

What are Risk Elements?
Risk-based Compliance Oversight Framework (Framework): diagram only

What are Risk Elements?
- Assessment of Risk Elements occurs at least annually and is revised as needed
- Supports Regional assessment of risks
- Input into the annual ERO CMEP Implementation Plan

Risk Elements Development Process
- Steps to identify risks are outlined in the Risk Elements Guide
- Includes areas of focus and associated Reliability Standards

Risk Elements Development Process
1. Collect the ERO Enterprise data.
2. Develop a matrix and prioritize reliability risks.
3. Identify an effective body of Reliability Standards related to the risks.
4. Select a sub-set of risks for additional focus based on significance and the existence of Reliability Standards for that risk.
5. Identify the specific Requirements related to the management of each risk.
6. Consider additional factors and remove Requirements not appropriate for additional focus.
7. Review functional entities to determine their importance to the remaining Requirements.
8. Consider the Requirements and functional entities remaining and determine whether any additional guidance should be provided to CEAs.
9. Post the Implementation Plan in September each year.

CMEP Implementation Plan: Purpose
- Annual operating plan for NERC and the REs
- Implementation of the risk-based approach for CMEP activities
- NERC release on or about September 1 of the preceding year
- REs submit Regional IPs on or about October 1
- NERC reviews and posts a revised IP in November to include the RE IPs
- RE IPs are subject to review and approval by NERC
- Updates occur throughout the implementation year, as needed

CMEP Implementation Plan
The CMEP IP provides details on:
- ERO Enterprise's Risk-based Compliance Oversight Framework
- Prioritized list of Enterprise-wide risk focus areas
  o Map to associated Reliability Standards
  o Do not include all potential risks to the BPS
  o REs consider local risks and circumstances within their regional footprint
- Guidance on Regional Risk Assessments
- Enforcement activities
  o Compliance exceptions
  o Self-logging program

Regional CMEP Implementation Plans
- Consider the ERO Enterprise risk focus areas
  o Risks identified in the ERO CMEP IP
  o Regional risks
- Explain how regional risks were identified, including why risk elements in the ERO CMEP IP are not included

Key Takeaways
- Regional IPs provide further detail on risk focus areas and compliance oversight plans
- REs tailor compliance oversight plans for registered entities
- REs are at varying stages of implementing the IRA and ICE processes
- NERC oversight and continued training will help ensure consistency

2015 Risk Elements
Nine areas of focus for 2015 consideration:
1. Infrastructure maintenance
2. Uncoordinated protection systems
3. Protection systems misoperations
4. Workforce capability
5. Monitoring and situational awareness
6. Long term planning and system analysis
7. Threats to cyber systems
8. Human error
9. Extreme physical events

Webinar Series
- Highlights one Risk Element
- Provides training on the associated standards
- Third Thursday of every month starting in April
- Starts at 1 pm Eastern

Webinar Series
Subject | Date
Uncoordinated Protection Systems | April 16, 2015
Monitoring and Situational Awareness | May 21, 2015
Infrastructure Maintenance | June 18, 2015
Protection System Misoperation | July 16, 2015
Workforce Capability | August 20, 2015
Long Term Planning and System Analysis | September 17, 2015
Extreme Physical Events | October 15, 2015
Threats to Cyber Systems | November 19

Resources
- 2015 ERO CMEP IP, located on the NERC website at: tive/final_2015%20cmep%20ip_v7_ pdf
- Risk Elements Guide for Development of the 2015 CMEP IP, located at: tive/final_riskelementsguide_ pdf
- RAI website for activities and updates: Initiative.asp
2015 Risk Element: Human Error
Marisa Hecht, Senior Advisor, Compliance Assurance; Ed Kichline, Senior Counsel, Associate Director of Enforcement
Spring 2015 Standards & Compliance Workshop, April 3, 2015

2015 Risk Element: Human Error: Inputs
- ERO Priorities: RISC Updates and Recommendations
  o Organizational or management challenges contribute to operational error
  o Communication errors
- ERO Top Priority Reliability Risks report
  o Human error appropriately addressed
  o Need for continued attention

2015 Risk Element: Human Error: Communications
- Effective communication reduces errors
- Clear communications enable effective operations
- COM standards developed to address communications
- Operating Committee developed best practices for communications

2015 Risk Element: Human Error: COM Top Violated Serious Risk Standards (by date of filing): chart only

2015 Risk Element: Human Error: COM-002-2, Requirement R2: requirement text shown as an image

2015 Risk Element: Human Error: Three-part Communication
- Emergency vs. Routine Operations: when reliability matters, ensure effective communication
- Routine Operating Instructions
- Considerations
  o Expected use
  o Introductory phrase
  o Script
- Internal Procedures or Policies
  o Who
  o When
  o How

2015 Risk Element: Human Error: Common Challenges
- Sender/receiver identification
- Distracted receiver
- Too much information or multiple actions
- Not enough information
- No explicit verification of the receiver's understanding
- Clarification not requested
- Receiver acting before the communication is complete
- Receiver not using tools (e.g. writing down) to remember
- Too quiet or poor enunciation

2015 Risk Element: Human Error: Best Practices
- Clear policies and procedures
- Elements of effective communication
  o Etiquette
  o Opening phrase
  o Acknowledgement
  o Content
- Training
- Performance Assessment
- Aids to Communication

2015 Risk Element: Human Error: Controls Example
- 3-part communication process is clearly established
- Feedback to operators on improving 3-part communication
- Shift supervisor regularly listens to the tapes to verify 3-part communication
- All directives recorded on tapes
- Operator consoles have a visual reminder to use 3-part communication
- Operators use 3-part communication for all information exchange and not just directives
- Operators trained regularly on 3-part communication

2015 Risk Element: Human Error: Examples of Documentation Related to R2
- Processes, procedures, or job descriptions that direct the need for three-part communication
- Evidence of implementation (e.g., training curriculum, training records)
- Summary of incidents where directives were issued
- Evidence of internal controls (e.g., periodic monitoring of voice communications and feedback to personnel)
- Sample audio recordings
- Sample system operator logs
- Verify three-part communications

2015 Risk Element: Human Error: COM Update
- Requires the following:
  o Documented communications protocols
  o Training
  o Assessment of adherence to protocols and effectiveness
  o Three-part communication for Operating Instructions during Emergencies
- Adopted by the NERC Board of Trustees May 7, 2014
- Filed at FERC May 14, 2014
- Effective date 12 months after regulatory approval or after Board adoption, as applicable

Resources
- Registration for Risk Elements Webinar Series
- Operating Committee - Verbal Communications Industry Practices: Approved_COM-002-2%20Guideline_ _For%20Posting_w%20line%20numbers_Clean_Version%202.pdf
Legal & Regulatory Update
Andrew Wills, NERC Associate Counsel
2015 Standards and Compliance Spring Workshop, April 3, 2015

Cyber Security Standards: Version 5 Revisions
Scott Mix, CISSP
Spring 2015 Standards and Compliance Workshop, April 3, 2015

Overview of Development Activities: The Team
Standard Drafting Team (SDT) appointed to address these revisions in the project:
- Maggy Powell, Exelon
- Philip Huff, AECC
- David Revill, GTC
- Jay Cribb, Southern Company
- Forrest Krigbaum, BPA
- David Dockery, AECI
- Greg Goodrich, NYISO
- Christine Hasha, ERCOT
- Steve Brain, Dominion
- Scott Saunders, SMUD

CIP Standards Version 5
- CIP *: BES Cyber Asset and BES Cyber System Categorization
- CIP-003-6**: Security Management Controls
- CIP-004-6**: Personnel and Training
- CIP-005-5: Electronic Security Perimeter(s)
- CIP-006-6: Physical Security of BES Cyber Systems
- CIP-007-6**: Systems Security Management
* Changed "Devices" to "Systems" in the background section
** Developed as version 7

CIP Standards Version 5
- CIP-008-5: Incident Reporting and Response Planning
- CIP-009-6: Recovery Plans for BES Cyber Assets and Systems
- CIP-010-2***: Configuration Management and Vulnerability Assessments
- CIP-011-2***: Information Protection
*** Developed as version 3

Overview of Development Activities: Key Objectives
- Four directive areas
- One year filing deadline
- Outreach during development and comment period

FERC Final Rule
- Issued November 3, 2013
- Effective February 3, 2014
- Four directives:
  o Identify, Assess and Correct language
  o Communication Networks
  o Low Impact BES Cyber Systems
  o Transient Devices
- First two had a one-year deadline
- Filing deadline: February 3

Identify, Assess, and Correct
- FERC preferred not to have compliance language included within technical requirements
- SDT responded by deleting the language from 17 requirements
- RAI (Risk-based Compliance Monitoring and Enforcement) concepts replaced the need for IAC language

Communication Networks
FERC directed the creation of a definition of communication networks and requirements to address these issues:
- Locked wiring closets
- Disconnected or locked spare jacks
- Protection of cabling by conduit or cable trays

Communication Networks
- SDT responded by adding CIP-006 Part 1.10 to address protections of non-programmable components of communication networks that are inside an ESP but outside of a PSP
- SDT also modified CIP-007 Part 1.2 to address unused physical ports on non-programmable communication components and devices at high and medium impact Control Centers
- Formal definition determined by the SDT to be unnecessary at this time

Transient Devices
- Described in the Final Rule as devices connected for less than 30 days (USB, laptop, etc.)
- FERC directed modifications to address the following concerns:
  o Device authorization
  o Software authorization
  o Security patch management
  o Malware prevention
  o Unauthorized physical access
  o Procedures for connecting to different impact level systems

Transient Devices
- SDT developed two additional definitions:
  o Removable Media
  o Transient Cyber Assets
- Added CIP-010 Requirement R4 dealing with the issue
  o Detailed requirements in an attachment and measures in a separate attachment
  o Separated into three areas: Transient Cyber Assets managed by the Responsible Entity; Transient Cyber Assets managed by other parties; Removable Media
- Modified CIP-004 Part 2.1 to address training on the risks associated with Transient Cyber Assets and Removable Media
Transient Cyber Assets
Transient Cyber Asset: A Cyber Asset that (i) is capable of transmitting or transferring executable code, (ii) is not included in a BES Cyber System, (iii) is not a Protected Cyber Asset (PCA), and (iv) is directly connected (e.g., using Ethernet, serial, Universal Serial Bus, or wireless, including near field or Bluetooth communication) for 30 consecutive calendar days or less to a BES Cyber Asset, a network within an ESP, or a PCA. Examples include, but are not limited to, Cyber Assets used for data transfer, vulnerability assessment, maintenance, or troubleshooting purposes.

Transient Cyber Assets (continued)
Removable Media: Storage media that (i) are not Cyber Assets, (ii) are capable of transferring executable code, (iii) can be used to store, copy, move, or access data, and (iv) are directly connected for 30 consecutive calendar days or less to a BES Cyber Asset, a network within an ESP, or a Protected Cyber Asset. Examples include, but are not limited to, floppy disks, compact disks, USB flash drives, external hard drives, and other flash memory cards/drives that contain nonvolatile memory.
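The two definitions above share prong (iv) (target and a 30-consecutive-day limit) and then split on whether the thing connected is a programmable Cyber Asset or bare storage media. The following is an added example, not NERC or SDT material, that turns the four prongs of each definition into a scoping check an entity could run over its own field inventory; the field names, the "Neither" label for devices that fit neither definition, and the sample inventory are constructed for this illustration, and the check says nothing about what other CIP category a device outside both definitions might fall under.

```python
from __future__ import annotations
from dataclasses import dataclass

# Connection targets named in prong (iv) of both definitions.
IN_SCOPE_TARGETS = {"BES Cyber Asset", "network within an ESP", "PCA"}
MAX_TRANSIENT_DAYS = 30  # "30 consecutive calendar days or less"


@dataclass
class ConnectedDevice:
    """One row of a constructed field inventory (hypothetical, not real data)."""
    name: str
    is_cyber_asset: bool             # programmable device (laptop, test set) vs. bare storage media
    transfers_executable_code: bool  # TCA (i) / RM (ii): can transmit or transfer executable code
    in_bes_cyber_system: bool        # TCA (ii): already included in a BES Cyber System
    is_pca: bool                     # TCA (iii): already a Protected Cyber Asset
    stores_data: bool                # RM (iii): can store, copy, move, or access data
    connected_to: str                # (iv): what the device is directly connected to
    consecutive_days: int            # (iv): length of the direct connection, in calendar days


def classify(dev: ConnectedDevice) -> tuple[str, str]:
    """Return (category, reason); category is 'Transient Cyber Asset', 'Removable Media' or 'Neither'."""
    # Prong (iv) is shared by both definitions: in-scope target and duration.
    if dev.connected_to not in IN_SCOPE_TARGETS:
        return "Neither", f"connected to {dev.connected_to!r}, not a BES Cyber Asset, ESP network or PCA"
    if dev.consecutive_days > MAX_TRANSIENT_DAYS:
        return "Neither", f"connected {dev.consecutive_days} consecutive days, exceeds {MAX_TRANSIENT_DAYS}"
    if not dev.transfers_executable_code:
        return "Neither", "cannot transfer executable code"
    if dev.is_cyber_asset:
        # Transient Cyber Asset prongs (ii) and (iii): must not already be in scope another way.
        if dev.in_bes_cyber_system:
            return "Neither", "already included in a BES Cyber System"
        if dev.is_pca:
            return "Neither", "already a Protected Cyber Asset"
        return "Transient Cyber Asset", f"Cyber Asset connected {dev.consecutive_days} days to {dev.connected_to}"
    # Removable Media prong (i) holds (not a Cyber Asset); check prong (iii).
    if not dev.stores_data:
        return "Neither", "storage media that cannot store, copy, move or access data"
    return "Removable Media", f"storage media connected {dev.consecutive_days} days to {dev.connected_to}"


# Constructed sample inventory chosen to exercise the boundary cases (30 vs. 31 days, wrong target, already a BCA).
SAMPLE_INVENTORY = [
    ConnectedDevice("vendor laptop (relay settings)", True, True, False, False, True, "BES Cyber Asset", 3),
    ConnectedDevice("USB stick with firmware", False, True, False, False, True, "BES Cyber Asset", 1),
    ConnectedDevice("network test set, 30 days", True, True, False, False, True, "network within an ESP", 30),
    ConnectedDevice("network test set, 31 days", True, True, False, False, True, "network within an ESP", 31),
    ConnectedDevice("in-service HMI", True, True, True, False, True, "network within an ESP", 400),
    ConnectedDevice("maintenance laptop on corporate LAN", True, True, False, False, True, "corporate network", 2),
    ConnectedDevice("keyboard", False, False, False, False, False, "BES Cyber Asset", 1),
]


def summarize(inventory=SAMPLE_INVENTORY) -> dict[str, list[str]]:
    """Group device names by category, the way a CIP-010 R4 scoping sheet would."""
    groups: dict[str, list[str]] = {"Transient Cyber Asset": [], "Removable Media": [], "Neither": []}
    for dev in inventory:
        category, _ = classify(dev)
        groups[category].append(dev.name)
    return groups


if __name__ == "__main__":
    for dev in SAMPLE_INVENTORY:
        category, reason = classify(dev)
        print(f"{dev.name:38s} -> {category:22s} ({reason})")
```

The ordering of checks matters for the reason string a reviewer sees: a device already in a BES Cyber System is reported as such only after the shared prong (iv) tests pass, so a long-connected in-service device is reported on duration first, which is usually the more useful finding during an inventory review.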
Low Impact BES Cyber Systems
- FERC concerned with the lack of objective criteria for evaluating Low Impact protections
  o Introduces an unacceptable level of ambiguity and potential inconsistency into the compliance process
- Open to alternative approaches: "the criteria NERC proposes for evaluating a responsible entity's protections for Low impact facilities should be clear, objective and commensurate with their impact on the system, and technically justified."
- No detailed inventory required; a list of locations / Facilities is OK

Low Impact BES Cyber Systems (continued)
- SDT maintained all low impact requirements in CIP-003
  o Low-only entities only need to comply with CIP-002 and CIP-003
- Added CIP-003 Part 1.2 dealing with security policy for low impact BES Cyber Systems
- Added Attachments dealing with the technical requirements and measures
- Kept the four original areas

Low Impact BES Cyber Systems (continued)
- Security Awareness: reinforce, at least every 15 calendar months, cyber security practices
- Incident Response: modeled from medium impact; 5 elements (of 9: collapsed process requirements and update requirements together; no documentation of deviations or specific record retention, but still need to demonstrate compliance)
- Physical Security: control physical access based on need

Low Impact BES Cyber Systems (continued)
- Electronic Security
  o Two new definitions, LERC and LEAP: similar to, but different from, the ERC and EAP concepts at medium and high impact
  o Permit only necessary inbound and outbound bi-directional routable protocol access
  o Authentication for all Dial-up Connectivity
  o Seven reference model drawings showing LERC and LEAP in the Guidelines and Technical Basis section

Low Impact BES Cyber Systems (continued)
Low Impact External Routable Connectivity (LERC): Direct user-initiated interactive access or a direct device-to-device connection to a low impact BES Cyber System(s) from a Cyber Asset outside the asset containing those low impact BES Cyber System(s) via a bi-directional routable protocol connection. Point-to-point communications between intelligent electronic devices that use routable communication protocols for time-sensitive protection or control functions between Transmission station or substation assets containing low impact BES Cyber Systems are excluded from this definition (examples of this communication include, but are not limited to, IEC GOOSE or vendor proprietary protocols).

Low Impact BES Cyber Systems (continued)
Low Impact BES Cyber System Electronic Access Point (LEAP): A Cyber Asset interface that controls Low Impact External Routable Connectivity. The Cyber Asset containing the LEAP may reside at a location external to the asset or assets containing low impact BES Cyber Systems.
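Whether a path counts as LERC decides whether a LEAP must sit in front of it, so the definition is worth applying mechanically to each communication path into a low impact asset. The following is an added example, not NERC or SDT material: it applies the LERC definition above (external source, bi-directional routable protocol, interactive or device-to-device, minus the IED-to-IED exclusion) and then lists the Electronic Security controls from the slide that apply to each path. The field names, the protocol labels used for the exclusion, and the sample connections are constructed for this illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

# Labels for the excluded protocol class; constructed strings standing in for
# "IEC GOOSE or vendor proprietary protocols" named in the definition.
TIME_SENSITIVE_IED_PROTOCOLS = {"IEC GOOSE", "vendor proprietary protection protocol"}


@dataclass
class Connection:
    """A constructed description of one communication path into a low impact BES Cyber System."""
    name: str
    source_outside_asset: bool           # initiating Cyber Asset sits outside the asset holding the low impact BCS
    routable: bool                       # routable protocol (e.g. IP) rather than serial / non-routable
    bidirectional: bool
    access_kind: str                     # "interactive" (user-initiated) or "device-to-device"
    protocol: str
    ied_point_to_point: bool             # IED-to-IED link for time-sensitive protection or control
    between_transmission_stations: bool  # both ends are Transmission station / substation assets
    dial_up: bool                        # Dial-up Connectivity, which needs authentication regardless of LERC


def is_lerc(c: Connection) -> tuple[bool, str]:
    """Apply the LERC definition, including its IED point-to-point exclusion."""
    if not c.source_outside_asset:
        return False, "originates inside the asset; not external connectivity"
    if not (c.routable and c.bidirectional):
        return False, "not a bi-directional routable protocol connection"
    if c.access_kind not in ("interactive", "device-to-device"):
        return False, f"unrecognised access kind {c.access_kind!r}"
    if (c.ied_point_to_point and c.between_transmission_stations
            and c.protocol in TIME_SENSITIVE_IED_PROTOCOLS):
        return False, "excluded: time-sensitive IED protection/control traffic between Transmission station/substation assets"
    return True, f"{c.access_kind} access over {c.protocol} from outside the asset"


def required_electronic_controls(c: Connection) -> list[str]:
    """Electronic Security controls from the slide that this path triggers."""
    controls: list[str] = []
    lerc, _ = is_lerc(c)
    if lerc:
        controls.append("LEAP: permit only necessary inbound and outbound bi-directional routable protocol access")
    if c.dial_up:
        controls.append("authentication for Dial-up Connectivity")
    return controls


# Constructed sample paths: one plain LERC case, the GOOSE exclusion, a routable
# SCADA poll, a serial line, a dial-up modem, and a local-only HMI.
SAMPLE_CONNECTIONS = [
    Connection("vendor VPN from corporate WAN to substation RTU", True, True, True, "interactive", "TCP/IP (SSH)", False, False, False),
    Connection("GOOSE between relays in two substations", True, True, True, "device-to-device", "IEC GOOSE", True, True, False),
    Connection("routable SCADA poll from control center", True, True, True, "device-to-device", "DNP3 over TCP/IP", False, False, False),
    Connection("serial DNP3 leased line from control center", True, False, True, "device-to-device", "DNP3 serial", False, False, False),
    Connection("dial-up modem to protective relay", True, False, True, "interactive", "serial (dial-up)", False, False, True),
    Connection("local HMI inside the substation", False, True, True, "interactive", "TCP/IP", False, False, False),
]


def lerc_inventory(connections=SAMPLE_CONNECTIONS) -> list[str]:
    """Names of the paths that carry LERC and therefore need a LEAP."""
    return [c.name for c in connections if is_lerc(c)[0]]


if __name__ == "__main__":
    for c in SAMPLE_CONNECTIONS:
        lerc, reason = is_lerc(c)
        print(f"{c.name:46s} LERC={lerc!s:5s} {reason}")
        for ctl in required_electronic_controls(c):
            print(f"{'':46s}   needs: {ctl}")
```

Two points the sample set makes visible: the exclusion is narrow (all three conditions, IED-to-IED, between Transmission station/substation assets, and a time-sensitive protection protocol, must hold, so a routable SCADA poll from a control center is still LERC), and a dial-up path is not LERC because it is not routable, yet still carries its own authentication requirement.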
Low Impact BES Cyber Systems (continued)
Seven reference model drawings showing LERC and LEAP (figures only)

Implementation Plan
Phased implementation plan:
- IAC: no change (4/1/16)
- Communication Networks: 9 months after the effective date of the standard
- Transient Devices: 9 months after the effective date of the standard
- Low Impact
  o Later of 4/1/17 or 9 months after the effective date of the standard for policy, plan, security awareness, and response
  o Later of 9/1/18 or 9 months after the effective date of the standard for physical and electronic security

Current Status
- NERC Board approved responses to the IAC and Communication Networks directives on November 13, 2014
- NERC Board approved responses to the Low Impact and Transient Device directives on February 12, 2015
- Board action adjusted version numbers to -6 and -3
- All four directive areas filed with FERC on February 13, 2015 (10-day extension granted due to the scheduled NERC Board meeting)
- FERC must go through its approval process

References
- Project Development History, CIP Version 5 Revisions page: Critical-Infrastructure-Protection-Version-5-Revisions.aspx
- CIP Version 5 Transition page

Questions
Scott Mix, CISSP

Break 10:45 a.m. - 11:00 a.m.

2015 & Beyond
Valerie Agnew, NERC Senior Director of Standards; Ryan Stewart, NERC Manager of Standards Development; Marisa Hecht, NERC Senior Advisor of Compliance Assurance
2015 Standards and Compliance Spring Workshop, April 3, 2015

Closing Remarks
Q&A
More informationCIP Technical Workshop
CIP Technical Workshop Scott R, Mix, CISSP, NERC CIP Technical Manager Nick Santora, CISSP, CISA, GISP, CIP Cybersecurity Specialist Tobias R. Whitney, Manager, CIP Compliance March 4, 2014 Agenda Welcome
More informationAnalysis of CIP-006 and CIP-007 Violations
Electric Reliability Organization (ERO) Compliance Analysis Report Reliability Standard CIP-006 Physical Security of Critical Cyber Assets Reliability Standard CIP-007 Systems Security Management December
More informationCIP Cyber Security Configuration Management and Vulnerability Assessments
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationProject CIP Modifications
Project 2016-02 CIP Modifications Webinar on Standard Drafting Team Considerations for the Use of Virtualization in the CIP Environment July 19, 2017 Agenda Opening Remarks and Introduction of Presenters
More informationQuébec Reliability Standards Compliance Monitoring and Enforcement Program Implementation Plan Annual Implementation Plan
Québec Reliability Standards Compliance Monitoring and Enforcement Program Implementation Plan 2017 Annual Implementation Plan Effective Date: January 1, 2017 Approved by the Régie: December 1, 2016 Table
More informationCompliance: Evidence Requests for Low Impact Requirements
MIDWEST RELIABILITY ORGANIZATION Compliance: Evidence Requests for Low Impact Requirements Jess Syring, CIP Compliance Engineer MRO CIP Low Impact Workshop March 1, 2017 Improving RELIABILITY and mitigating
More informationCyber Security Standards Drafting Team Update
Cyber Security Standards Drafting Team Update Michael Assante, VP & Chief Security Officer North American Electric Reliability Corp. February 3, 2008 Overview About NERC Project Background Proposed Modifications
More informationImplementing Cyber-Security Standards
Implementing Cyber-Security Standards Greg Goodrich TFIST Chair, CISSP New York Independent System Operator Northeast Power Coordinating Council General Meeting Montreal, QC November 28, 2012 Topics Critical
More informationCyber Security Supply Chain Risk Management
Cyber Security Supply Chain Risk Management JoAnn Murphy, SDT Vice Chair, PJM Interconnection May 31, 2017 FERC Order No. 829 [the Commission directs] that NERC, pursuant to section 215(d)(5) of the FPA,
More informationCyber Threats? How to Stop?
Cyber Threats? How to Stop? North American Grid Security Standards Jessica Bian, Director of Performance Analysis North American Electric Reliability Corporation AORC CIGRE Technical Meeting, September
More informationStandard CIP 005 2a Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2a 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationStandard CIP 007 3a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for
More informationStandard CIP Cyber Security Critical Cyber Asset Identification
Standard CIP 002 1 Cyber Security Critical Cyber Asset Identification Standard Development Roadmap This section is maintained by the drafting team during the development of the standard and will be removed
More informationSGAS Low Impact Atlanta, GA September 14, 2016
SGAS Low Impact Atlanta, GA September 14, 2016 Lisa Wood, CISA, Security+, CBRA, CBRM Compliance Auditor Cyber Security Western Electricity Coordinating Council Slide 2 Agenda Low Impact Case Study Overview
More informationThis section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective.
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Description of Current Draft
More informationBILLING CODE P DEPARTMENT OF ENERGY FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM ]
This document is scheduled to be published in the Federal Register on 07/22/2015 and available online at http://federalregister.gov/a/2015-17920, and on FDsys.gov BILLING CODE 6717-01-P DEPARTMENT OF ENERGY
More informationNORTH AMERICAN ELECTRIC RELIABILITY CORPORATION
NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION NARUC Energy Regulatory Partnership Program The Public Services Regulatory Commission of Armenia and The Iowa Utilities Board Janet Amick Senior Utility
More informationDRAFT. Cyber Security Communications between Control Centers. March May Technical Rationale and Justification for Reliability Standard CIP-012-1
DRAFT Cyber Security Communications between Control Centers Technical Rationale and Justification for Reliability Standard CIP-012-1 March May 2018 NERC Report Title Report Date I Table of Contents Preface...
More informationCIP Configuration Change Management & Vulnerability Assessments
CIP-010-2 Configuration Change Management & Vulnerability Assessments FRCC Spring RE Workshop April 17-18, 2018 Objective Change Management to prevent unauthorized modifications to Bulk Electric Systems
More informationA. Introduction 1. Title: 2. Number: 3. Purpose: 4. Applicability: 4.1. Functional Entities: Balancing Authority Distribution Provider
The Background, VRF/VSLs, and Guidelines and Technical Basis Sections have been removed for this informal posting. The Project 2016-02 is seeking comments around the concept of the Requirement/Measure
More informationIndustry Webinar. Project Single Points of Failure. August 23, 2018
Industry Webinar Project 2015-10 Single Points of Failure August 23, 2018 Agenda Presenters Standard Drafting Team o Chair, Jonathan Hayes, SPP o Vice Chair, Delyn Kilpack, LGE-KU NERC Staff o Latrice
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationAdditional 45-Day Comment Period September Final Ballot is Conducted October/November Board of Trustees (Board) Adoption November 2014
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationLow Impact BES Cyber Systems. Cyber Security Security Management Controls CIP Dave Kenney
Low Impact BES Cyber Systems Cyber Security Security Management Controls CIP-003-6 Dave Kenney November 9, 2016 Presentation Agenda Outreach Observations/Audit Approach Cyber Security Awareness Physical
More informationStandard CIP Cyber Security Physical Security
A. Introduction 1. Title: Cyber Security Physical Security of Critical Cyber Assets 2. Number: CIP-006-3 3. Purpose: Standard CIP-006-3 is intended to ensure the implementation of a physical security program
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationStandard CIP Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-2 3. Purpose: Standard CIP-005-2 requires the identification and protection of the Electronic Security Perimeter(s)
More informationCIP Cyber Security Physical Security of BES Cyber Systems
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationEEI Fall 2008 Legal Conference Boston, Massachusetts Stephen M. Spina November 1,
EEI Fall 2008 Legal Conference Boston, Massachusetts Stephen M. Spina November 1, 2008 www.morganlewis.com Overview Reliability Standards Enforcement Framework Critical Infrastructure Protection (CIP)
More informationLesson Learned CIP Version 5 Transition Program CIP : Communications and Networking Cyber Assets Version: October 6, 2015
Lesson Learned CIP Version 5 Transition Program CIP-002-5.1: Communications and Networking Cyber Assets Version: October 6, 2015 Authorized by the Standards Committee on October 29, 2015 for posting as
More informationCyber Security Reliability Standards CIP V5 Transition Guidance:
Cyber Security Reliability Standards CIP V5 Transition Guidance: ERO Compliance and Enforcement Activities during the Transition to the CIP Version 5 Reliability Standards To: Regional Entities and Responsible
More informationHang on it s going to be a wild ride
AGA/EEI Utility Internal Auditor's Training Course Washington, DC August 26, 2015 Hang on it s going to be a wild ride There are no NERC CIP Babel Fish "The Babel fish is small, yellow, leech-like, and
More informationUnofficial Comment Form Project Modifications to CIP Standards Virtualization in the CIP Environment
Unofficial Comment Form Project 2016-02 Modifications to CIP Standards Virtualization in the CIP Environment Do not use this form for submitting comments. Use the electronic form to submit comments on
More informationStandard CIP Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-4 3. Purpose: Standard CIP-007-4 requires Responsible Entities to define methods, processes, and procedures for securing
More informationCOM Operating Personnel Communications Protocols. October 31, 2013
COM-002-4 Operating Personnel Communications Protocols October 31, 2013 Agenda Introductory Remarks: Mark Lauby Project 2007 02 Background COM 002 4 Requirements Implementation Plan Compliance VSL/VRF
More informationReliability Standard Audit Worksheet 1
Reliability Standard Audit Worksheet 1 CIP-006-6 Cyber Security Physical Security of BES Cyber Systems This section to be completed by the Compliance Enforcement Authority. Audit ID: Registered Entity:
More informationStandard COM Communication and Coordination
A. Introduction 1. Title: Communication and Coordination 2. Number: COM-002-3 3. Purpose: To ensure Emergency communications between operating personnel are effective. 4. Applicability 4.1. Reliability
More informationAdditional 45-Day Comment Period and Ballot November Final Ballot is Conducted January Board of Trustees (Board) Adoption February 2015
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationImplementation Plan for Version 5 CIP Cyber Security Standards
Implementation Plan for Version 5 CIP Cyber Security Standards April 10September 17, 2012 Note: On September 17, 2012, NERC was alerted that some references in the Initial Performance of Certain Periodic
More informationStandard CIP 004 3a Cyber Security Personnel and Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-3a 3. Purpose: Standard CIP-004-3 requires that personnel having authorized cyber or authorized unescorted physical access
More informationFebruary 25, 2015 VIA ELECTRONIC FILING
February 25, 2015 VIA ELECTRONIC FILING David Erickson President and Chief Executive Officer Alberta Electric System Operator 2500, 330-5 Avenue SW Calgary, Alberta T2P 0L4 RE: North American Electric
More informationCyber Security Incident Report
Cyber Security Incident Report Technical Rationale and Justification for Reliability Standard CIP-008-6 January 2019 NERC Report Title Report Date I Table of Contents Preface... iii Introduction... 1 New
More informationDraft CIP Standards Version 5
Draft CIP Standards Version 5 Technical Webinar Part 2 Project 2008-06 Cyber Security Order 706 Standards Drafting Team November 29, 2011 Agenda Opening Remarks John Lim, Consolidated Edison, Chair V5
More informationCIP Cyber Security Physical Security of BES Cyber Systems
A. Introduction 1. Title: Cyber Security Physical Security of BES Cyber Systems 2. Number: CIP-006-5 3. Purpose: To manage physical access to BES Cyber Systems by specifying a physical security plan in
More informationMulti-Region Registered Entity Coordinated Oversight Program
Multi-Region Registered Entity Coordinated Oversight Program Ken McIntyre, Vice President and Director of Standards and Compliance Compliance Committee Open Meeting February 7, 2018 Coordinated Oversight
More informationProject Modifications to BAL Frequency Response and Frequency Bias Setting. Industry Webinar December 18, 2018
Project 2017-01 Modifications to BAL-003-1.1 Frequency Response and Frequency Bias Setting Industry Webinar December 18, 2018 Administrative Items North American Electric Reliability Corporation (NERC)
More informationNB Appendix CIP NB-0 - Cyber Security Personnel & Training
This appendix establishes modifications to the FERC approved NERC standard CIP-004-5.1 for its specific application in New Brunswick. This appendix must be read with CIP-004-5.1 to determine a full understanding
More informationNew Brunswick 2018 Annual Implementation Plan Version 1
New Brunswick Energy and Utilities Board Reliability Standards, Compliance and Enforcement Program New Brunswick 2018 Annual Implementation Plan Version 1 December 28, 2017 Table of Contents Version History...
More informationCIP Cyber Security Security Management Controls. Standard Development Timeline
Standard Development Timeline This section is maintained by the drafting team during the development of the standard and will be removed when the standard becomes effective. Development Steps Completed
More informationPurpose. ERO Enterprise-Endorsed Implementation Guidance
Lesson Learned CIP Version 5 Transition Program CIP-002-5.1 Requirement R1: Impact Rating of Generation Resource Shared BES Cyber Systems Version: January 29, 2015 Authorized by the Standards Committee
More informationA. Introduction. Page 1 of 22
The Background, VRF/VSLs, and Guidelines and Technical Basis Sections have been removed for this informal posting. The Project 2016-02 is seeking comments around the concept of the Requirement/Measure
More informationDraft CIP Standards Version 5
Draft CIP Standards Version 5 Technical Webinar Part 1 Project 2008-06 Cyber Security Order 706 Standards Drafting Team November 15, 2011 Agenda Opening Remarks John Lim, Consolidated Edison, Chair V5
More informationCIP Version 5 Evidence Request User Guide
CIP Version 5 Evidence Request User Guide Version 1.0 December 15, 2015 NERC Report Title Report Date I Table of Contents Preface... iv Introduction... v Purpose... v Evidence Request Flow... v Sampling...
More information