NERC Submits Comments on NOPR Approving Reliability Standards CIP-013-1, CIP-005-6 and CIP-010-3

On March 26, 2018, in Docket No. RM17-13-000, NERC submitted comments regarding FERC's Notice of Proposed Rulemaking (NOPR) proposing to approve Reliability Standards CIP-013-1 (Cyber Security – Supply Chain Risk Management), CIP-005-6 (Cyber Security – Electronic Security Perimeter(s)) and CIP-010-3 (Cyber Security – Configuration Change Management and Vulnerability Assessments). In the NOPR, the Commission proposes to direct NERC to: (1) modify the CIP Reliability Standards to include Electronic Access Control and Monitoring Systems (EACMS), (2) evaluate the cyber security supply chain risks associated with Physical Access Control Systems (PACS) and Protected Cyber Assets (PCAs) in the study the NERC Board requested when it adopted the proposed Reliability Standards and (3) file the Board-requested interim and final study reports with the Commission. The Commission also proposes to reduce the 18-month implementation period to 12 months. NERC supports the Commission’s approval of the proposed Reliability Standards. However, NERC’s comments state that the Commission should refrain from issuing the proposed EACMS directive. NERC also opposes the modification to the implementation period.

To view NERC’s comments, click here.