What is NERC CIP v5?

On November 22, 2013, FERC approved Version 5 of the critical infrastructure protection cybersecurity standards (CIP Version 5), which represent significant progress in mitigating cyber risks to the bulk power system.

What are the NERC CIP standards?

The NERC Critical Infrastructure Protection (CIP) Standards are those which apply specifically to the cybersecurity aspects of the Bulk Electric System and its efficient and reliable supply.

How do I get NERC CIP certified?

To earn NERC certification, an operator passes an exam and completes NERC‐approved continuing education every three years.

What is a CIP cyber asset classification?

The Critical Infrastructure Protection (CIP) standard by the North American Electric Reliability Corporation (NERC) through version 4 has defined a “critical cyber asset” or “CCA” as any device that uses a routable protocol to communicate outside the electronic security perimeter (ESP), uses a routable protocol within …

What does NERC CIP apply to?

The NERC CIP standards are the mandatory security standards that apply to entities that own or manage facilities that are part of the U.S. and Canadian electric power grid. They were initially approved by the Federal Energy Regulatory Commission (FERC) in 2008.

What is the difference between NERC and FERC?

The Federal Energy Regulatory Commission is a federal agency that regulates the interstate transmission of electricity, natural gas and oil. FERC oversees NERC in the United States, as do provincial governments in Canada.

Who will comply with NERC CIP?

All bulk power system owners, operators, and users must comply with NERC-approved Reliability Standards. These entities are required to register with NERC through the appropriate Regional Entity. For more information about the Compliance program, please contact us.

What is a CIP degree?

The Certified IRB Professional (CIP) program is a certification initiative in the United States for individuals administering and overseeing the daily activities of institutional review boards (IRBs).

What does NERC CIP require to identify information that is classified as BES Cyber system information?

Standard CIP-011 exists as part of a suite of CIP Standards related to cyber security, which require the initial identification and categorization of BES Cyber Systems and require a minimum level of organizational, operational, and procedural controls to mitigate risk to BES Cyber Systems.

What CIP 005?

Standard CIP-005 requires the identification and protection of the Electronic. Security Perimeter(s) inside which all Critical Cyber Assets reside, as well as all access points on the perimeter. Standard CIP-005 should be read as part of a group of standards numbered Standards CIP-002 through CIP-009.

Does FERC regulate ERCOT?

ERCOT is largely independent of FERC and federal regulation because it does not engage in significant interstate trading — it operates under its own system islanded off from the eastern and western interconnections.