Blog Archives

Critical Infrastructure Protection

CIP-005-5 – Cyber Security — Electronic Security Perimeter(s)

Purpose

To manage electronic access to BES Cyber Systems by specifying a controlled Electronic Security Perimeter in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the BES.

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein,

Read more ›



CIP-002-5.1a – Cyber Security – BES Cyber System Categorization

Purpose

To identify and categorize BES Cyber Systems and their associated BES Cyber Assets for the application of cyber security requirements commensurate with the adverse impact that loss, compromise, or misuse of those BES Cyber Systems could have on the reliable operation of the BES. Identification and categorization of BES Cyber Systems support appropriate protection against compromises that could lead to misoperation or instability in the BES.

Read more ›



CIP-007-6 – Cyber Security – System Security Management

Purpose

To manage system security by specifying select technical, operational,  and procedural requirements in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES).

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein,

Read more ›



CIP-006-6 – Cyber Security – Physical Security of BES Cyber Systems

Purpose

To manage physical access to Bulk Electric System (BES) Cyber Systems by  specifying a physical security plan in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the BES.

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein,

Read more ›



CIP-004-6 – Cyber Security – Personnel & Training

Purpose

To minimize the risk against compromise that could lead to misoperation or instability in the Bulk Electric System (BES) from individuals accessing BES Cyber Systems by requiring an appropriate level of personnel risk assessment, training, and security awareness in support of protecting BES Cyber Systems

Applicability

4.1.

Read more ›



CIP-003-6 – Cyber Security – Security Management Controls

Purpose

To specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES)

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein,

Read more ›



CIP-010-2 – Cyber Security – Configuration Change Management and Vulnerability Assessments

Purpose

To prevent and detect unauthorized changes to BES Cyber Systems by  specifying configuration change management and vulnerability assessment requirements in support of protecting BES Cyber Systems from compromise that could lead to misoperation or instability in the Bulk Electric System (BES).

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein,

Read more ›



CIP-011-2 – Cyber Security – Information Protection

Purpose

To prevent unauthorized access to BES Cyber System Information by  specifying information protection requirements in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES).

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein,

Read more ›



CIP-009-6 – Cyber Security – Recovery Plans for BES Cyber Systems

Purpose

To recover reliability functions performed by BES Cyber Systems by  specifying recovery plan requirements in support of the continued stability, operability, and reliability of the BES.

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein, the following list of functional entities will be collectively referred to as “Responsible Entities.” For requirements in this standard where a specific functional entity or subset of functional entities are the applicable entity or entities,

Read more ›



CIP-008-5 – Cyber Security – Incident Reporting and Response Planning

Purpose

To mitigate the risk to the reliable operation of the BES as the result of a Cyber Security Incident by specifying incident response requirements.

Applicability

4.1. Functional Entities: For the purpose of the requirements contained herein, the following list of functional entities will be collectively referred to as “Responsible Entities.” For requirements in this standard where a specific functional entity or subset of functional entities are the applicable entity or entities,

Read more ›



Top