NERC CIP

Download Free North American Reliability Corp (NERC) Critical Infrastructure Protection (CIP) standards or simply NERC/CIP is a set of Cyber Security Framework standard that force of by law by the Federal Energy Regulatory Commission (FERC). This standard consist of several domain such as:

CIP-001-1 Sabotage Reporting
Disturbances or unusual occurrences, suspected or determined to be caused by sabotage, shall be reported to the appropriate systems, governmental agencies, and regulatory bodies.

CIP-002-1 Critical Cyber Asset Identification
NERC Standards CIP-002 through CIP-009 provides a cyber security framework for the identification and protection of Critical Cyber Assets to support reliable operation of the Bulk Electric System.

CIP-002-2 Cyber Security - Critical Cyber Asset Identification
NERC Standards CIP-002-2 through CIP-009-2 provide a cyber security framework for the identification and protection of Critical Cyber Assets to support reliable operation of the Bulk Electric System.

Download Free North American Reliability Corp. (NERC) Critical Infrastructure Protection (CIP) Security Audit Checklist. This Audit Checklist cover minimum NERC-CIP IT Security Requirements such as:

Electronic Security (CIP-002, 003, 005, 007, 009)
Under these standards, utilities must:
- Maintain an inventory of all electronics that either are part of the critical assets list or are necessary to the operation of critical assets.
- Protect access to these critical cyber-assets on a need-to-know basis.
- Create an electronic security perimeter that prevents unauthorized users from accessing any critical cyber-asset, whether they are outside or inside the corporate network.
- Ensure that all electronic cyber-assets are secure via user account management, equipment, password management, and secure networking policies.
- Implement and test a critical cyber-asset recovery plan.

North American Reliability Corp. (NERC) Critical Infrastructure Protection (CIP) Software Minimum Requirements:
- Coordinated management of compliance across all legal entities and functional roles.
- Relational database which serves as system of record for legal entities, functional roles and corresponding NERC and regional standards, requirements and measures, ISOtariffs, etc.
- Configurable tasks, roles and statuses.
- Automated task assignment and tracking based on regional and NERC audit schedules.

North American Reliability Corp. (NERC) Critical Infrastructure Protection (CIP) standards is an IT Compliance Standards that released by the Federal
Energy Regulatory Commission (FERC). The NERC CIP is applicable to every utilities do with computers related to the operation of the grid, data collection and data dissemination throughout the enterprise. The NERC CIP has fines of up to $1 million per day for non compliance

Electronic Security (CIP-002, 003, 005, 007, 009)