Proven Compliance Solutions Inc. Partners with NERC Low Impact Entities to Meet CIP V5/6 Compliance Deadlines

Share Article

Electric utilities are enlisting the help of PCS to write custom CIP V5/V6 policies and plans that fit their specific operations and meet the criteria to achieve compliance.

We take the complicated subject of CIP and boil it down to identify exactly what needs to be done.

Proven Compliance Solutions Inc. (PCS), industry recognized for excellence in North American Electric Reliability Corporation (NERC) Reliability Standards Compliance Consulting Services, is pleased to partner with NERC Critical Infrastructure Protection Standards CIP V5/V6 Low Impact Entities to prepare them to meet the 2017 and 2018 compliance deadlines. Electric utilities across North America are preparing for full implementation of the latest versions of the CIP Reliability Standards that became mandatory and enforceable on July 1, 2016 and require companies to complete an impact assessment to identify their High, Medium, and Low Impact Bulk Electric System (BES) assets. While High and Medium Impact assets require the majority of CIP controls, Low Impact assets also require some cyber protections, which many small companies have to apply for the first time.

The December 2015 cyber attack on the Ukrainian power grid was a stark reminder of how important it is for CIP Standards to be taken seriously. It was the first publically acknowledged power outage caused by a cyber attack, which left 225,000 customers in the dark for several hours.

The following are important CIP Low Impact dates and activities for NERC registered entities:

  • July 1, 2016 – Identify a CIP Senior Manager and implement a documented process to delegate authority of the CIP Senior Manager.
  • July 1, 2016 – Complete an impact assessment to identify High and Medium BES Cyber Systems and Low Impact assets.
  • April 1, 2017 – Have a Cyber Security Policy for Low Impact BES Cyber Systems signed by the CIP Senior Manager.
  • April 1, 2017 – Have cyber security plans for Cyber Security Awareness, Physical Security Controls, Electronic Access Controls, and Cyber Security Incident Response.
  • April 1, 2017 – Implement Cyber Security Awareness and Cyber Security Incident Response plans.
  • September 1, 2018 – Implement Physical Security Controls and Electronic Access Controls plans.

Electric utilities are enlisting the help of PCS to write custom policies and plans that fit their specific operations and meet the criteria to achieve compliance. When asked about providing this service, Jared Shakespeare, Director of Cyber Security for PCS, stated, "I am very excited about what PCS is doing for our clients. We take the complicated subject of CIP and boil it down to identify exactly what needs to be done. We help clients create policies and plans that not only enhance reliability and security of critical infrastructure, but also are realistic for them to implement and maintain."

PCS is industry recognized for excellence in NERC Compliance Consulting Services that includes an unsurpassed track record in Regional Audit success. Whether your need for support is in the area of Operations and Planning (O&P) Standards or in the Critical Infrastructure Protection (CIP) Standards, PCS provides the technical expertise and program management support you desire. PCS delivers compliance interpretations based on extensive auditing experience, coupled with programs and processes that provide you confidence in the compliance status of your organization.

For information on how PCS can support your organization's NERC Reliability Standards compliance needs, please contact Dale Zahn at (262) 436-4116 or visit our website at http://www.provencompliance.com.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Dale Zahn
Visit website

Media