Call Us

EnglishEMEA + APAC / EnglishFrançaisDeutschItalianoEspañol
1-866-297-0224

Header Menu

Blog
Careers
Customer Support

ProductsExpand
Ethics & Compliance Platform
The NAVEX One platform is an automated ethics and compliance solution that includes a suite of complementary solutions.

Learn More

Lockpath Integrated Risk Platform
NAVEX Global’s Lockpath is a powerful, flexible, integrated GRC platform that enables integrated risk management and is built to scale.

Learn More

Environmental, Social & Governance Solutions
NAVEX ESG helps organizations remove the complexity and confusion of managing multiple sustainability efforts.

Learn More

Ethics & Compliance Management
+− Submenu
Policy & Procedure Management

Code of Conduct

Ethics & Compliance Training
+− Submenu
Awareness Solutions

Course Library

Create a Custom Training Plan

Hotline & Incident Management

Disclosure Management

Third Party Risk Monitoring & Screening

Analytics & Benchmarking
+− Submenu
Industry Benchmarking

Dashboard Analytics

Integrated Risk Management
+− Submenu
Business Continuity Management

Privacy, Risk & Compliance Management

Third Party Risk Management

Health and Safety Management

Environmental, Social and Governance Management
+− Submenu
ESG Framework Management

Environmental Sustainability Management

Responsible Supply Chain Management

Conflict Minerals Management
SolutionsExpand
Download

Download

Download

Download

By Issue
+− Submenu
Diversity & Inclusion

Business Continuity

Data Privacy

Bribery & Corruption

Harassment & Discrimination

Retaliation

Conflicts of Interest

Cyber Security

Regulatory Compliance

Organizational Culture

Corporate Fraud

Managing Third Parties

Compliance & Policy

Health and Safety

IT Risk

Operational Risk

By Role
+− Submenu
Risk & Compliance

Legal & Risk

Human Resources

Board of Directors

Audit

Quality Control

IT

Procurement & Supply Chain

By Industry
+− Submenu
Healthcare

Financial Services

Manufacturing

Energy & Utilities

Food and Beverage

Government

Insurance

Life Sciences

Retail

Technology

Transportation & Logistics

By Regulation
+− Submenu
CCPA

FCPA

SOX

GDPR

HIPAA

ISO 27001

NERC CIP

NIST CSF

NYDFS

OSHA

PCI DSS

DOJ Corporate Compliance

EU Whistleblower Directive

UK Modern Slavery Act

UK Bribery Act

Sapin II
PricingExpand
ServicesExpand
Professional Services

Customer Success
+− Submenu
Implementation Services

NAVEX Global Community
ResourcesExpand
Benchmark Reports

Definitive Guides

White Papers

Case Studies

Use Cases

ROI Calculators

Webinars

CPE Credits

Compliance Next

ALL RESOURCES
CompanyExpand
Leadership Team

Partners

In the News

Press Releases

Events

Blog

Working at NAVEX Global

Job Openings
Get In Touch
US + AMERICAS
1-866-297-0224

EMEA + APAC
+44 (0)20 8939 1650

Locations >

Thank you for your interest in NAVEX Global. We'll be in touch with you shortly. If you have any immediate questions, please give us a call at 1-866-297-0224.

NERC CIP Compliance

Speak with one of our experts to help you get started

Challenges
Learn More
Resources
Learn More

Manage NERC CIP Risk and Compliance

NERC CIP (the North American Electric Reliability Corporation Critical Infrastructure Protection program) is an set of international requirements intended to secure the critical infrastructure for North America's bulk electric system. The requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. NERC CIP compliance applies to companies – owners, operators, and users – that materially impact" the reliability of our bulk power system. While a compliance failure can be addressed, a cyber incident involving a utility could be disastrous, keeping risk and compliance managers awake at night.

The NERC requires policies for defining, monitoring, and changing the configuration of critical assets, as well as defined, dynamic policies governing access to those assets. Risk and compliance managers must develop standards, provide ongoing risk assessment, plan for business continuity in case of disruption, enforce IT controls, and share important information with different stakeholder around the company.

See how an IRM platform simplifies NERC CIP compliance

What You Need

Risk Assessments

Lockpath’s assessment engine gathers, organizes and reports on critical risk-related information from the people closest to assets and business processes.

Prioritize Risks

ISO 27001 details the identifying and prioritizing of risks. Assign those risks to specific users for analysis with due dates and reminders.

Map ISO 27001 to Policies

Lockpath’s workflow ensures policies are mapped to the ISO 27001 standard. With any new or updated policy, the platform communicates policies to company employees with required acknowledgment and attestation.

Change Management

ISO 27001 is about continuous improvement. That requires making changes. Lockpath acts as a change-control mechanism, allowing you to plan, approve and track all changes in the ISMS. You can also forecast the impact of any changes.

Audit Prep

Automatically generate audit work-papers; gather and store evidence for audits; and assign audit findings to business and asset owners for investigation, remediation and escalation.

Steps You Can Take to Build an Effective Third Party Risk Management Program

Step 1

Define your organization’s risk based on industry, regulatory environment, number of third parties and other factors to define your risk profile.

Step 2

Screen all of your third parties against your organization's risk profile, reports on adverse media, politically exposed people and sanctions lists.

Step 3

Surface third parties that represent higher risk due to geographical location, type of business, contract value, and government relationships. Screen outcomes and conduct additional due diligence when applicable to protect your organization.

Step 4

Centralize the management of your third parties in a singular, purpose-built third party risk management solution.

Discover the new standard in risk management

Get Started Today

NERC CIP Resources

DatasheetNERC CIP Compliance
DatasheetNew York Financial Services Cybersecurity
DatasheetCyber Security Training Course Overview

Explore Other Regulations

NIST CSF Compliance

Read more about NIST CSF Compliance

NIST CSF Compliance

Read more about NIST CSF Compliance

ISO 27001 Compliance & Certification

Read more about ISO 27001 Compliance & Certification

LinkedIn Twitter Facebook YouTube

1-866-297-0224

Thank you for subscribing! Please be sure that @navexglobal.com is on your company's safe sender list to ensure our emails reach your inbox!

Select Language & Region

English
English (EMEA)
Deutsch
Italiano
Français
Español

About NAVEX Global

Our Story
Blog
In the News
Press Releases
Events
Careers
Leadership Team

Terms of Service

Modern Slavery Act Statement
Privacy Statement
Terms of Use
Email Subscriptions
Cookie Preferences
English