Manage NERC CIP Risk and Compliance
NERC CIP (the North American Electric Reliability Corporation Critical Infrastructure Protection program) is a set of international requirements intended to secure the critical infrastructure for North America's bulk electric system. The requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. NERC CIP compliance applies to companies – owners, operators, and users – that materially impact" the reliability of our bulk power system. While a compliance failure can be addressed, a cyber incident involving a utility could be disastrous, keeping risk and compliance managers awake at night.
The NERC requires policies for defining, monitoring, and changing the configuration of critical assets, as well as defined, dynamic policies governing access to those assets. Risk and compliance managers must develop standards, provide ongoing risk assessments, plan for business continuity in case of disruption, enforce IT controls, and share important information with different stakeholders around the company.
See how an IRM platform simplifies NERC CIP compliance