NERC CIP Compliance
Corporate Risk Solutions, Inc. (CRSI) is one of the industry leaders in providing NERC CIP Compliance consulting support to electric utilities.
CRSI is a highly experienced and credentialed consulting firm that has provided and continues to support electric utilities with a full suite of services since 2001.
CRSI has provided NERC CIP Consulting Support to more than 100 electric utilities and has been contracted by multiple regional entities to conduct NERC CIP Audits, RBAM Evaluations, Mitigation Plan Reviews, and TFE Reviews.
It is crucial for electric utilities to be prepared for malicious attacks and internal actions that could negatively affect their operations and organization. Utilities must consider how they are being logically and physically accessed in order to optimize their security approach. While utilities have a reputation for engineering just about everything, they often treat security programs and systems as “'add-ons”. This approach only ensures that the expenditures are more costly and far less effective and have a shorter operational life cycle.
To ensure effective regulatory compliance to the NERC CIP Standards, and to enhance their risk management programs, Cyber, Information, Physical and Personnel Security programs and Business Continuity/Continuity of Operations should be engineered into literally every project and operational processes so that actual use of these practices in daily functions strengthens the security of the utility while supporting safe and secure operations. In short, they should be built into the very infrastructure of utility operations whether it is a Systems Operations Control Center, Substation or Generation Facility.
CRSI has an unmatched level of experience, credentials, and expertise specialized in providing solutions to traditional electric utilities, wind generation, solar and smart grid systems. CRSI has performed work for cooperatives, municipalities, investor-owned utilities, merchant/market participants, and U.S. government contracted facilities, and has worked within and interacted with all 8 of the NERC Regional Entities.
Corporate Risk Solutions’ professional, credentialed, and experienced consultants have in-depth knowledge and extensive experience to address each of the specific requirements of the NERC CIP-002 through CIP-009 Reliability Standards as well as the NERC 693 Operational Standards.
Find out why more than 100 electric utilities and have made the decision to partner with CRSI for their NERC CIP Compliance needs...
What is NERC?
The North American Electric Reliability Corporation’s (NERC) mission is to ensure the reliability of the North American bulk power system. NERC is the electric reliability organization (ERO) certified by the Federal Energy Regulatory Commission to establish and enforce reliability standards for the bulk power system. NERC develops and enforces reliability standards; assesses adequacy annually via a 10-year forecast, and summer and winter forecasts; monitors the bulk power system; and educates, trains and certifies industry personnel. ERO activities in Canada related to the reliability of the bulk power system are recognized and overseen by the appropriate governmental authorities in that country. (www.nerc.com)
What is NERC CIP?
The Critical Infrastructure Protection program coordinates all of NERC’s efforts to improve physical and cyber security for the bulk power system of North America as it relates to reliability. These efforts include standards development, compliance enforcement, assessments of risk and preparedness, disseminating critical information via alerts to industry, and raising awareness of key issues. Additionally, the program is home to the Electricity Sector Information Sharing and Analysis Center (or ES-ISAC) and monitors the bulk power system to provide realtime situation awareness leadership and coordination services to the electric industry. (www.nerc.com)
Learn more about how CRSI can help with your NERC CIP 002-009 Compliance Needs:
|NERC CIP-002||Critical Cyber Asset Identification|
|NERC CIP-003||Security Management Controls|
|NERC CIP-004||Personnel and Training|
|NERC CIP-005||Electronic Security Perimeter|
|NERC CIP-006||Physical Security of Critical Cyber Assets|
|NERC CIP-007||Systems Security Management|
|NERC CIP-008||Incident Reporting and Response Planning|
|NERC CIP-009||Recovery Plans for Critical Cyber Assets|