Call Us

EnglishEMEA + APAC / EnglishFrançaisDeutschItalianoEspañol
1-866-297-0224

Header Menu

Blog
Careers
Customer Support

ProductsExpand
Ethics & Compliance Solution
A comprehensive suite of ethics and regulatory compliance software.

NAVEX E&C

Integrated Risk Management Solution
Focused point products to help you make better risk-based decisions.

NAVEX IRM

Environmental, Social & Governance Solution
A Dynamic ESG Management Solution.

NAVEX ESG

Ethics & Compliance Management
+− Submenu
Policy & Procedure Management

Hotline & Incident Management

Ethics & Compliance Training
+− Submenu
Awareness Solutions

Course Library

Create a Custom Training Plan

Code of Conduct

COI Disclosure Management

Third-Party Monitoring & Screening

Industry Benchmarking

Integrated Risk Management
+− Submenu
IT Risk Management

Third-Party Risk Management

Privacy, Risk & Compliance Management

Operational Risk Management

Business Continuity Management

Health and Safety Management

Environmental, Social and Governance Management
+− Submenu
ESG Framework Management

Environmental Sustainability Management

Responsible Supply Chain Management

Conflict Minerals Management
SolutionsExpand
Download

Download

Download

Download

By Issue
+− Submenu
Diversity & Inclusion

Business Continuity

Data Privacy

Bribery & Corruption

Harassment & Discrimination

Retaliation

Conflicts of Interest

Cybersecurity

Regulatory Compliance

Organizational Culture

Corporate Fraud

Corporate Social Responsibility

ESG Compliance

ESG Reporting

Managing Third Parties

Compliance & Policy

GRC Management

Health and Safety

IT Risk

Operational Risk

By Role
+− Submenu
Risk & Compliance

Legal & Risk

Human Resources

Board of Directors

Audit

IT

Information Security

Procurement & Supply Chain

Quality Control

By Industry
+− Submenu
Healthcare

Financial Services

Manufacturing

Energy & Utilities

Food and Beverage

Government

Higher Education

Insurance

Life Sciences

Retail

Technology

Transportation & Logistics

By Regulation
+− Submenu
CCPA

FCPA

SOX

GDPR

HIPAA

ISO 27001

NERC CIP

NIST CSF

NYDFS

OSHA

PCI DSS

DOJ Corporate Compliance

EU Whistleblower Directive

UK Modern Slavery Act

UK Bribery Act

Sapin II
PricingExpand
ServicesExpand
Professional Services

Customer Success
+− Submenu
Implementation Services

NAVEX Community
ResourcesExpand
Benchmark Reports

Definitive Guides

White Papers

Case Studies

Use Cases

ROI Calculators

Webinars

CPE Credits

Compliance Next

ALL RESOURCES
CompanyExpand
Leadership Team

Corporate Responsibility

Partners

In the News

Press Releases

Events

Blog

Protecting Your Data

Customers

Working at NAVEX

Job Openings
Get In Touch
US + AMERICAS
1-866-297-0224

EMEA + APAC
+44 (0)20 8939 1650

Locations >

Thank you for your interest in NAVEX Global. We'll be in touch with you shortly. If you have any immediate questions, please give us a call at 1-866-297-0224.

NERC CIP Compliance

Speak with one of our experts to help you get started

Manage NERC CIP Risk and Compliance

NERC CIP (the North American Electric Reliability Corporation Critical Infrastructure Protection program) is a set of international requirements intended to secure the critical infrastructure for North America's bulk electric system. The requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. NERC CIP compliance applies to companies – owners, operators, and users – that materially impact" the reliability of our bulk power system. While a compliance failure can be addressed, a cyber incident involving a utility could be disastrous, keeping risk and compliance managers awake at night.

The NERC requires policies for defining, monitoring, and changing the configuration of critical assets, as well as defined, dynamic policies governing access to those assets. Risk and compliance managers must develop standards, provide ongoing risk assessments, plan for business continuity in case of disruption, enforce IT controls, and share important information with different stakeholders around the company.

See how an IRM platform simplifies NERC CIP compliance

What You Need

Risk Assessments

Lockpath’s assessment engine gathers, organizes and reports on critical risk-related information from the people closest to assets and business processes.

Prioritize Risks

ISO 27001 details the identifying and prioritizing of risks. Assign those risks to specific users for analysis with due dates and reminders.

Map ISO 27001 to Policies

Lockpath’s workflow ensures policies are mapped to the ISO 27001 standard. With any new or updated policy, the platform communicates policies to company employees with required acknowledgment and attestation.

Change Management

ISO 27001 is about continuous improvement. That requires making changes. Lockpath acts as a change-control mechanism, allowing you to plan, approve and track all changes in the ISMS. You can also forecast the impact of any changes.

Audit Prep

Automatically generate audit work-papers; gather and store evidence for audits; and assign audit findings to business and asset owners for investigation, remediation and escalation.

Steps You Can Take to Build an Effective Third Party Risk Management Program

Step 1

Define your organization’s risk based on industry, regulatory environment, number of third parties and other factors to define your risk profile.

Step 2

Screen all of your third parties against your organization's risk profile, reports on adverse media, politically exposed people and sanctions lists.

Step 3

Surface third parties that represent higher risk due to geographical location, type of business, contract value, and government relationships. Screen outcomes and conduct additional due diligence when applicable to protect your organization.

Step 4

Centralize the management of your third parties in a singular, purpose-built third party risk management solution.

Discover the new standard in risk management

Get Started Today

NERC CIP Resources

DatasheetNERC CIP Compliance
DatasheetNew York Financial Services Cybersecurity
DatasheetCyber Security Training Course Overview

Explore Other Regulations

NIST CSF Compliance

Read more about NIST CSF Compliance

NIST CSF Compliance

Read more about NIST CSF Compliance

ISO 27001 Compliance & Certification

Read more about ISO 27001 Compliance & Certification

LinkedIn Twitter Facebook YouTube

1-866-297-0224

Thank you for subscribing! Please be sure that @navexglobal.com is on your company's safe sender list to ensure our emails reach your inbox!

Select Language & Region

English
English (EMEA)
Deutsch
Italiano
Français
Español

About NAVEX

Our Story
Blog
In the News
Press Releases
Events

Terms of Service

Modern Slavery Act Statement
Privacy Statement
Terms of Use
Email Subscriptions
Cookie Preferences
Cookie Statement
English