February 6, 2016

NERC CIP

Automated, continuous verification of NERC CIP compliance

 

NERC CIP

The North American Electric Reliability Corporation (NERC) defines the requirements for planning and operating North America’s bulk electric system.

This includes establishing the Critical Infrastructure Protection (CIP) Cyber Security Standards, which are the controls and processes that utilities must implement to protect the North American power grid. Utilities that don’t implement the standards put the grid at risk and may be subject to millions of dollars in fines.

We not only help you implement the controls and processes, we make it easy and cost-effective to do so. SignaCert® Integrity™ proves NERC compliance by assessing all the systems that you deployed against approved references, automatically and continuously.

SignaCert® Integrity™ generates an audit trail that proves that you have deployed only approved and documented changes to the systems you manage. This dramatically reduces the cost of audits.

SignaCert® Integrity™ proves NERC compliance by:

  • Verifying that systems are compliant with NERC standards
  • Detecting and alerting when unauthorized changes occur
  • Generating reports that demonstrate historical NERC compliance

Below are just a few examples of the NERC controls that Integrity verifies continuously.

  • CIP-005: Electronic Security Perimeter(s)
  • CIP-007: Systems Security Management
  • CIP-010: Configuration Change Management and Vulnerability Assessments