Skip to content.

Secondary navigation

NAVEX One® GRC Platform
NAVEX One® GRC Platform
- NAVEX One® GRC Platform
  Where governance, risk and compliance problems find their solutions.
- Enhance Employee Compliance
  Bridge compliance requirements with a healthy workplace culture.
- Manage Third Party Risks
  Anticipate and analyze ongoing third-party, reputational and IT risks.
  - Third Party Risk Monitoring & Screening
  - Third Party Risk Management Software
- Automate Business Risk Governance
  Improve risk visibility to drive better decision-making and performance. 
- Integrate GRC Data Intelligence
  Consolidate data and find more meaningful insights for your risk and compliance program.
  - GRC Dashboards & Reporting
  - GRC Benchmarking
How We Help
How We Help
- By Regulation
  Unpack complex regulations to understand how they affect you.
- By Role
  Make your job easier with purpose-driven resources and guidance.
- By Challenge
  Identify and overcome common compliance challenges with confidence.
- View All Solutions
Resources
Resources
- Resource Center
  Take your pick of our expert GRC knowledge to enrich your journey.
- See all Resources
About
About
- About NAVEX
  Learn why 13,000+ organizations trust us to help manage their GRC challenges.
Why NAVEX?
Contact us
Get Pricing
Request Demo

NERC CIP Compliance

NERC CIP (the North American Electric Reliability Corporation Critical Infrastructure Protection programme) is a set of international requirements intended to secure the critical infrastructure for North America’s bulk electric system.

Let's get started

NAVEX One®

Manage NERC CIP Risk and Compliance

NERC CIP requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. NERC CIP compliance applies to companies – owners, operators, and users – that materially impact" the reliability of our bulk power system. While a compliance failure can be addressed, a cyber incident involving a utility could be disastrous, keeping risk and compliance managers awake at night.

The NERC requires policies for defining, monitoring, and changing the configuration of critical assets, as well as defined, dynamic policies governing access to those assets. Risk and compliance managers must develop standards, provide ongoing risk assessments, plan for business continuity in case of disruption, enforce IT controls, and share important information with different stakeholders around the company.