The IT Law Wiki

NERC Critical Infrastructure Protection

32,577pages on
this wiki
Add New Page
Talk0 Share

Overview Edit

The North American Electric Reliability Corporation (NERC) developed the CIP standards that require the utilities to put a baseline set of security measures in place intended to protect the bulk power system. Currently, NERC-CIP is the only mandatory requirement that must be met by the electric utilities in the area of cybersecurity-related to operations, outside of customer data privacy.

NERC-CIP has the following nine sections:

  • CIP-001 Sabotage reporting
  • CIP-002 Critical Cyber-Asset Identification
  • CIP-003 Security Management Controls
  • CIP-004 Personnel and Training
  • CIP-005 Electronic Security Perimeter
  • CIP-006 Physical Security of Critical Cyber-Assets
  • CIP-007 Systems Security and Management
  • CIP-008 Incident Reporting and Response Planning
  • CIP-009 Recovery Plans for Critical Cyber-Assets.

Source Edit

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.