Failure to implement CIP correctly will result in significant financial sanctions
NERC CIP compliance requires utilities to create a security plan and process to protect SCADA and other critical infrastructure assets from disruption or cyber-attacks. The North American Electric Reliability Council (NERC) Critical Infrastructure Protection (CIP) standards specify the minimum requirements for compliance and the reliability of the electrical system.
A piecemeal approach to any CIP Standard will typically lead to problems in compliance. Examination of the entire standard, how it interacts with the other CIPs and formulating an approach to deal with each standard with a more holistic approach provides a better outcome.
Without documentation the security policy can not be confirmed, nor can it be replicated with absolute fidelity. Documentation protects the entity when it comes to an audit but it also enables all elements of the entity to ensure they are following the same policies and processes.
Savid’s consulting services help utilities meet the needs of NERC CIP compliance by ensuring adequate documentation, risk management, and electronic security perimeters are properly architected.
Savid’s mock audits help reduce anxiety and increase preparedness for every member of the NERC CIP team.
Savid’s Consulting Services include:
Savid’s Technology Implementation Services include the auditing, installation, and configuration of: