Guidance for CIP-013: Effective Date, Guidelines, and Enforcement

Guidance for CIP-013: Effective Date, Guidelines, and Enforcement






Updated April 2, 2020 – Latest NERC CIP-013 Guidance
NERC CIP-013 Overview
On July 21, 2016, the Federal Energy Regulatory Commission (FERC) issued Order No. 829, directing the North American Electric Reliability Corporation (NERC) to develop a new or modified “Reliability Standard”. This new standard would gover third parties, or supply chain risk management (SCRM) in the power and utilities sectors. The new NERC supply chain risk management standard would cover industrial control system (ICS) hardware, software, and computing and networking services associated with the Bulk Electric System (BES).
By fall 2018, the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standard, “NERC CIP-013-1” was released, establishing new cybersecurity requirements for organizations in the power and utilities sectors. NERC’s CIP-013 standard mandates that power and utilities secure their global supply chain by holding their vendors to cybersecurity requirements. With CIP-013 enforcement and deadlines around the corner, organizations are looking for solutions that provide them the most visibility across their supply chain with the fastest time to value.
In order to mitigate risks in the global supply chain, and mitigate supply chain disruption caused by cybersecurity risks, responsible entities in the power and utilities sectors must come together and use this regulation as a means to protect the Bulk Electric System (BES) as a whole.
This new CIP-013 supply chain risk management regulation serves to limit power and utilities’ expose to third party cyber risks as they expand business in a predominantly digital age. Thus, the standard and upcoming effective date impacts all entities in the power and utilities industry, requiring them to focus on assessments, risk measurement, risk management, an ..

Support the originator by clicking the read the rest link below.