| Insights | Electric Reliability Blog

FERC Approves Version 2 CIP Reliability Standards

On September 30, 2009, in Docket No. RD09-7, FERC issued an order approving revised Version 2 Critical Infrastructure Protection (CIP) Reliability Standards, to become effective April 1, 2010.  FERC Also approved NERC’s proposed Version 2 Implementation Plan.  However, FERC directed NERC to develop certain modifications to the Version 2 CIP Reliability Standards and submit such modifications in a compliance filing within 90 days.  Specifically, NERC must modify Reliability Standard CIP-006-2 through the NERC Reliability Standards development process to add a requirement on visitor control programs, including the use of visitor logs to document entry and exit to physical security perimeters of critical cyber assets.  In ordering this modification, the Commission acknowledges that 90 days is a tight schedule compared to the typical development of Reliability Standards but facility security is critically important and thus justifies the accelerated deadline.   In addition, the Commission directed NERC to develop a modification to Reliability Standard CIP-008-2, Requirement R1.6 regarding cyber-security incident response plans to remove a clarifying sentence pertaining to the testing of cyber security incident response plans that NERC added to the standard but which the Commission found to be unnecessary.  To read FERC’s order, click here.