NERC CIP Training:
NERC CIP Training Workshop Course with hands-on labs (Online, Onsite, and Classroom Live)
The NERC CIP Training Workshop set of standards was developed by the North American Electric Reliability Corporation (NERC) to ensure the protection of any assets used to operate North America’s Bulk Electric System (BES). Any entity that owns or operates any type of BES in the United States, Canada, and Mexico must be compliant with NERC CIP requirements.
This NERC Critical Infrastructure Protection (NERC CIP) Workshop provides a thorough review and analysis of NERC CIP standards currently subject to enforcement, as well as the ones that are subject to future enforcement. It discusses the history and background of NERC CIP, the process of development and implementation of new standards, the role of the Federal Energy Regulatory Commission (FERC) and Regional Entities, the reasons behind common compliance violations, and best practices for building an effective compliance program.
- 5 days of NERC CIP Training with an expert instructor
- NERC CIP Training Electronic Course Guide
- Certificate of Completion
- 100% Satisfaction Guarantee
- We can adapt this NERC CIP Training Workshop course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this NERC CIP Training Workshop course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the NERC CIP Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the NERC CIP Workshop course in a manner understandable to lay audiences.
The intended audience for our NERC CIP Training Workshop program are:
- Bulk Electrical System (BES) asset owners and operators
- Operations and support personnel
- Compliance managers, coordinators, and analysts
- Professionals responsible for Critical Infrastructure Protection
- Anyone who wants to learn more about the NERC CIP standards
NERC CIP Training – Objectives:
After attending this NERC CIP Training, you will be able to:
- Review the background for the NERC Critical Infrastructure Standards and discuss major recent revisions
- Review the scope and purpose of the NERC Critical Infrastructure Protection (CIP) standards
- Examine the NERC CIP requirements: Current version and upcoming revisions
- Assess the confidentiality provisions of the CIP standards
- Explain how violations are determined and identify which CIP standards are the most violated and why
- Discuss the challenges faced by utilities in defining a compliance program across the corporate functions necessary for CIP compliance (operations, information technology, corporate security, human resources, etc.)
- Define a culture of compliance and its importance in the compliance monitoring and enforcement process
- Examine strategies to build an internal CIP compliance program in such a diverse environment
- Analyze the audit process for CIP standards and demonstrate strategies for success before, during, and after an audit
NERC CIP Training – Course Outlines:
- Introduction to NERC, FERC, and NERC CIP
- A short history of NERC CIP
- What does it mean to comply with NERC CIP?
- Audit considerations
- The NERC standards development process
- Interpretation questions
- How a NERC CIP program works
- Fines are going up!
- What are the currently-enforceable CIP standards? What is coming soon?
- CIP-002: Sets scope for NERC CIP
- CIP-003: Security awareness, security training, security policies, and low-impact requirements
- The new version of CIP-003 coming on 1/1/20, including electronic access control for low-impact assets
- CIP-004: Personnel
- CIP-005: Firewalls, electronic security perimeters, interactive remote access
- CIP-006: Physical security of BES Cyber Systems
- CIP-007: Systems security management
- CIP-008: Incident response plans
- CIP-009: Backup and recovery plans
- CIP-010: Configuration management, security vulnerability assessments, laptops, and USB sticks
- CIP-011: Information protection, device disposal or reuse
- CIP-012: Protection of communications between control centers (coming 2021 or 2022?)
- CIP-013: Supply chain security (in force 7/1/20)
- CIP-014: Physical protection of key substations
- Current standards drafting initiatives
- Incorporating virtualization into the existing standards
- BES Cyber System information in the cloud
- Version 2 of CIP-013
- The biggest issue in NERC CIP today: Why can’t we put BES Cyber Systems in the cloud?
- Not a very happy story at this point
- However, it will inevitably happen
What’s the longer-term direction for NERC CIP?
- Risk-based standards
- “Real-time” standards development
- Will CIP be taken away from NERC and FERC?
NERC CIP Training Workshop Course Wrap-up
Whether you are looking for general information or have a specific question, we want to help!
Request More Information