compliance

North American Reliability Corp. (NERC) Critical Infrastructure Protection (CIP) Software Minimum Requirements:
- Coordinated management of compliance across all legal entities and functional roles.
- Relational database which serves as system of record for legal entities, functional roles and corresponding NERC and regional standards, requirements and measures, ISOtariffs, etc.
- Configurable tasks, roles and statuses.
- Automated task assignment and tracking based on regional and NERC audit schedules.

Download Free SAS70 Outsourcing Project Implementation Contracts Evaluation Checklist

Purpose
This section describes in simple terms the purpose of the evaluation, how it relates to the customer, and the benefits the organization will receive from the evaluation process. It is essential that you use common terminology relevant to the organization to ensure that this material is understood.

Methodology
This section describes the methodology that will be used to conduct the evaluation. This is a good place to emphasize the IEM as a standard methodology to conduct technical INFOSEC evaluations, developed and approved by the National Security Agency. This section includes the phases, processes, and steps to be used during the evaluation.

Scope
This section is a detailed demonstration of the level of effort, boundaries, and limitations of the evaluation. Appropriate assumptions are a critical part of the scoping process. The scope section provides a detailed listing of known assumptions affecting the evaluation. Assumptions are critical in demonstrating an understanding of the customer environment and detailing how that environment will affect the evaluation. The types of assumptions may include number of physical locations, number and type of systems, number and type of networks, relevant POC information, information about scheduling of the technical scans and conducting the 10 baseline IEM activities, and any associated constraints that can be listed as assumptions.

Roles and responsibilities of customer staff

Download free IT Strategic Direction Audit Checklist. This strategic audit checklist used to review the technological infrastructure plan during IT strategic management. This checklist also review the policies, procedures

Directories are public or private stores containing essential identifying information typically used in daily enterprise activities. Many application providers capitalize on directories offering integration into existing directories to extend their application’s functionality. Network operating systems also house vital network information, such as users and computers, within directories.

Lightweight Directory Access Protocol (LDAP) is a directory standard founded on the legacy X.500 directory. LDAP’s initial implementations provided gateway services between X.500 directory servers and clients. While LDAP was initially created to meet this requirement, it became clear that a parting from the cumbersome X.500 directory standard was needed to simplify deployments. In 1994, LDAP was transformed into a directory specification with its own database and structuring conventions.