Business911 Regulatory Compliance and Audit services include:
NERC/CIP services include assessment, mitigation, of CIP-002 thru CIP-009 Critical Infrastructure Protection
Our extensive background in information security, network analysis, IT governance, and organizational resiliency provides a solid foundation to provide best of class NERC/CIP consultation. Our experience includes process control, manufacturing, and SCADA systems.
The North American Electric Reliability Corporation (NERC) is responsible for ensuring North America's bulk electric system is secure, adequate and reliable. To meet this challenge, NERC developed the Critical Infrastructure Protection (CIP) Cyber Security Standards.
Those eight standards are:
* CIP-002 Cyber Asset Identification
* CIP-003 Security Management Controls
* CIP-004 Personnel & Training
* CIP-005 Electronic Security Perimeters
* CIP-006 Physical Security
* CIP-007 System Security Management
* CIP-008 Incident Reporting and Response
* CIP-009 Recovery Plan for Critical Cyber Assets
We also provide serivces to migrate from CIP version 3 to CIP version 5.
NERC requirements stress accountability and auditability at multiple layers of security and on an end-to-end basis. Especially wherever IP and Ethernet protocols are used, end-to-end accountability includes being able to monitor and assure secure communications with no weak links.
Resources related to NERC/CIP: