Beyond NERC CIP: Maintaining Compliance While Reducing Risk

Far more than just a synopsis of NERC CIP (North American Electric Reliabilty Corporation - Critical Infrastructure Protection) requirements, this course familiarizes participants with the NERC CIP in the broader context of ICS (Industrial Control System) security. Acknowledging the fact that compliance does not guarantee security, the course emphasizes achieving NERC CIP compliance while realistically strengthening the organization's security posture.
Familiarity with the North American Bulk Power Generation, Distribution & Delivery Systems.Fundamentals of IT Security (Suggested)Protecting Industrial Control Systems (Suggested)
1 Day/Lecture & Lab
This course is designed for managers and administrators seeking to maintain and broaden the scope of their cyber-assets coverage through the strategic implementation NERC CIP requirements.
  • Introduction
  • ICS Security Concepts and Terms
  • NERC CIP-001: Sabotage Reporting
  • NERC CIP-002: Critical Cyber Asset Identification
  • NERC CIP-003: Security Management Controls
  • NERC CIP-004: Personnel and Training
  • NERC CIP-005: Electronic Security Perimeter(s)
  • NERC CIP-006: Physical Security
  • NERC CIP-007: Systems Security Management
  • NERC CIP-008: Incident Reporting and Response Planning
  • NERC CIP-009: Recovery Plans for Critical Cyber Assets
  • Summary Review
  • Appendix Quiz Answers
  • Appendix Developing Policies and Procedures

Related Scheduled Courses