We always comment that the pace of regulatory changes in our industry are increasing, and last Thursday was a great example. As you are likely aware, FERC approved version 5 of the Critical Infrastructure Protection reliability standards proposed by NERC on last Thursday, November 21. Version 5 represents a significant change in approach that will require a host of new activities for registered entities. Version 5 will affect, to a great degree, many of the entities that previously had few or no Critical Cyber Assets. One of the biggest unknowns is what will ultimately be required for the Low Impact designated facilities under the new criteria. We are tracking this particular development closely and will ensure that all are kept up with the latest information.
Please find the link to the CIP V5 Regulatory Bulletin below, which is a supplement to our monthly newsletter.
At GridSME, we are currently working with clients on implementing version 5. We can help answer questions or give guidance to your compliance program as you start to assess the necessary changes. Although the effective date of version 5 is not until 2016, we would strongly suggest starting your CIP V5 assessment and preparations as soon as possible. There are many things you’ll need to consider that may change how you are implementing projects, making decisions on facilities, access controls, etc. Starting your CIP version 5 transition now can help align your organization to be compliant on day one of the implementation date.
Please feel free to contact our office and talk with our compliance team regarding CIP version 5 changes and challenges.
We look forward to assisting you.
To leave a comment please click the “Leave a Comment” button under the headline of this post.