1 / 10

Update in NERC CIP Activities September 4, 2014

Update in NERC CIP Activities September 4, 2014. Agenda. Update on CIP-014-1 Update on Revisions to CIP Version 5 -x Posting v6 Posting Questions. Key Dates: Project 2014-04 Physical Security (CIP-014-1). NOPR for FERC Approval Issued July 17 Comments Due Sept 8

red
Télécharger la présentation

Update in NERC CIP Activities September 4, 2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Update in NERC CIP Activities September 4, 2014

  2. Agenda • Update on CIP-014-1 • Update on Revisions to CIP Version 5 • -x Posting • v6 Posting • Questions

  3. Key Dates: Project 2014-04 Physical Security (CIP-014-1) • NOPR for FERC Approval Issued July 17 • Comments Due Sept 8 • Comment Responses Sept 22 • Adopted by NERC Board of Trustees May 13 • Approved by Industry Final Ballot May 5 • FERC Directive March 7

  4. Key DatesCIP-002 to CIP-011 Revisions • CIP Standards Revisions • 45-day comment period Sept 3 – Oct 17​ • Ballot Oct 8-17 • Non-Binding Poll (VRF/VSL) Oct 8-17 • RSAWs Sept 17** • SDT meeting, Austin TX Oct 22-24 • Final Ballot Oct 31 – Nov 10** **Expected date

  5. Significant Changes to CIP-003-6 • CIP-003-6 R2 for Low Impact Assets • Requires implementation of one or more documented cyber security plan(s) • Attachment 1 includes required elements or options that may be selected to address: • Cyber security • Physical access controls • Electronic access controls • Cyber Security Incident response • Attachment 2 includes detailed measures for demonstrating compliance • Introduces 2 new definitions • Low Impact BES Cyber System Electronic Access Points (LEAP) • Low Impact External Routable Connectivity (LERC)

  6. Significant Changes to CIP-010-2 • CIP-010-2 R4 for Transient Devices • Requires implementation of one or more documented plan(s) • Attachment 1 includes required elements or options that may be selected to address: • Transient Cyber Asset(s) Owned or Managed by the Responsible Entity • Transient Cyber Asset(s) Owned or Managed by Vendors or Contractors • Removable Media • Attachment 2 includes detailed measures for demonstrating compliance • Modifies 2 definitions, based on comments • Transient Cyber Asset • Removable Media

  7. CIP-002 to CIP-011 Revision Postings • Single ballot for IAC language removal. • These proposed standards will be version X for the ballot. • CIP-003-X • CIP-004-X • CIP-007-X • CIP-010-X • CIP-011-X • Separate ballots for language changes • Low Impact Assets and Transient Devices. • CIP-003-6 • CIP-010-2 • Definitions – Lows • Definitions – TD • IP-v6

  8. CIP-002 to CIP-011 Revision Postings

  9. Questions and Answers

  10. References • Project 2014-02 CIP Standards Version 5 Revisions • http://www.nerc.com/pa/Stand/Pages/Project-2014-XX-Critical-Infrastructure-Protection-Version-5-Revisions.aspx • Project 2014-04 Physical Security • http://www.nerc.com/pa/Stand/Pages/Project-2014-04-Physical-Security.aspx

More Related