Tuesday, September 7, 2010
Clock is Winding Down on NERC CIP 002-4 Mandatory Data "Request"
FYI: Utilities had until today, 7 Sep 2010 to respond to four not-so-simple questions/directives:
1. What is the number of elements in your Existing Critical Asset List?
2. For each element in the list above, use the criteria in the enclosed Attachment 1 (not provided here) to determine how it would be categorized. Each element on the list must be counted only one time. If a particular element could be qualified as multiple criteria, please choose the one that applies most to the element. The sum of the elements included in the answers to question 2 should equal the number of elements provided in the answer in question
3. Use the criteria in Attachment 1 to estimate the Critical Assets and each Critical Assets’ impact level that your Registered Entity would report for its share of the Bulk Electric System. Please count each Critical Asset only once. If a particular Critical Asset could be qualified as multiple criteria, please choose the one that applies most to the Critical Asset. It is understood that, given the time frame, this is a rough estimate and is not necessarily the exact number that you would report given enough time to perform a detailed analysis of your system.
4. Enter all of the NERC Compliance Registry (NCR) numbers that you are reporting on an enterprise-wide basis for.
Will be very interesting to see what comes of this activity. We should begin to get a feel for the version 4-driven increase in scope and complexity for NERC CIPS preparation, auditing and reporting pretty soon.
The NERC survey page can be seen HERE.
Photo credit: laffy4k / Chris Metcalf on Flickr.com
Labels:
CIPs,
cyber security,
nerc,
regulation
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment