![Page 1: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/1.jpg)
Update in NERC CIP Activities
September 4, 2014
![Page 2: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/2.jpg)
2
• Update on CIP-014-1 • Update on Revisions to CIP Version 5
-x Posting v6 Posting
• Questions
Agenda
![Page 3: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/3.jpg)
• NOPR for FERC Approval Issued July 17 Comments Due Sept 8 Comment Responses Sept 22
• Adopted by NERC Board of Trustees May 13• Approved by Industry Final Ballot May 5• FERC Directive March 7
Key Dates: Project 2014-04 Physical Security (CIP-014-1)
![Page 4: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/4.jpg)
• CIP Standards Revisions 45-day comment period Sept 3 – Oct
17 Ballot Oct 8-17 Non-Binding Poll (VRF/VSL) Oct 8-17 RSAWs Sept 17** SDT meeting, Austin TX Oct 22-24 Final Ballot
Oct 31 – Nov 10**
**Expected date
Key DatesCIP-002 to CIP-011 Revisions
![Page 5: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/5.jpg)
• CIP-003-6 R2 for Low Impact Assets Requires implementation of one or more documented cyber security
plan(s) Attachment 1 includes required elements or options that may be
selected to address: o Cyber security o Physical access controlso Electronic access controlso Cyber Security Incident response
Attachment 2 includes detailed measures for demonstrating compliance Introduces 2 new definitions
o Low Impact BES Cyber System Electronic Access Points (LEAP)o Low Impact External Routable Connectivity (LERC)
Significant Changes to CIP-003-6
![Page 6: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/6.jpg)
• CIP-010-2 R4 for Transient Devices Requires implementation of one or more documented plan(s) Attachment 1 includes required elements or options that may be
selected to address: o Transient Cyber Asset(s) Owned or Managed by the Responsible Entityo Transient Cyber Asset(s) Owned or Managed by Vendors or Contractorso Removable Media
Attachment 2 includes detailed measures for demonstrating compliance Modifies 2 definitions, based on comments
o Transient Cyber Asset o Removable Media
Significant Changes to CIP-010-2
![Page 7: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/7.jpg)
• Single ballot for IAC language removal. These proposed standards will be version X for the ballot.
o CIP-003-X o CIP-004-X o CIP-007-X o CIP-010-X o CIP-011-X
• Separate ballots for language changes Low Impact Assets and Transient Devices.
o CIP-003-6o CIP-010-2o Definitions – Lowso Definitions – TDo IP-v6
CIP-002 to CIP-011 Revision Postings
![Page 8: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/8.jpg)
CIP-002 to CIP-011 Revision Postings
![Page 9: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/9.jpg)
9
![Page 10: Update in NERC CIP Activities September 4, 2014](https://reader035.vdocuments.us/reader035/viewer/2022062321/56813b49550346895da4352a/html5/thumbnails/10.jpg)
• Project 2014-02 CIP Standards Version 5 Revisions http://www.nerc.com/pa/Stand/Pages/Project-2014-XX-Critical-
Infrastructure-Protection-Version-5-Revisions.aspx
• Project 2014-04 Physical Security http://www.nerc.com/pa/Stand/Pages/Project-2014-04-Physical-
Security.aspx
References