The North American Energy Reliability Corporation (NERC) establishes standards for Critical Infrastructure Protection (CIP) that North American Bulk Electric System (BES) operators must adhere to. Regional Reliability Organizations (RROs) will periodically perform audits of compliance and can levy heavy fines for non-compliance. The CIP consists of 12 constantly evolving standards to include:
- CIP-002: System Categorization
- CIP-003: Security Management Controls
- CIP-004: Personnel and Training
- CIP-005: Electronic Security Perimeter(s)
- CIP-006: Physical Security of BES Cyber Systems
- CIP-007: System Security Management
- CIP-008: Incident Reporting and Response Planning
- CIP-009: Recovery Plans for BES Cyber Systems
- CIP-010: Configuration Change Management and Vulnerability Assessments
- CIP-011: Cyber Security Information Protection
- CIP-013: Supply Chain Risk Management
- CIP-014: Physical Security
The BES operators are large organizations and wrapping their minds around meeting these constantly changing compliance processes using manual tools can be a daunting task. With years of experience in the utility sector, we saw this pain first hand having developed NERC/CIP compliance documents in support of a large new solar array. What if there was a better way to do this? What if creating NERC/CIP compliance documents had a Turbotax like experience with a guided wizard that let you easily create new documents in minutes while providing a robust set of tools for conducting audits and collecting evidence?
The C2 Labs Atlasity team has been hard at work building an automated platform to simplify compliance. We give you easy and free tools to get started with building NERC/CIP compliance documents and tracking related assessments, evidence collection, issues management/performance improvement, and other related compliance workflows. As of December 31, 2020, C2 Labs has announced that we officially support NERC/CIP compliance at the High, Medium, and Lower levels. Since you are already required to achieve compliance with NERC/CIP, why not use this opportunity to go digital and achieve true continuous compliance. Now is the time to get out of the manual audit and paperwork generation game and move into the future of compliance with Atlasity.
Contact Us today to learn more about how C2 Labs can help you meet your NERC/CIP requirements. If you are ready to start automating your compliance processes for creating and managing your NERC/CIP program, schedule a free demo today to learn how you can join our Open BETA program to leverage Atlasity to free your organization from bureaucracy by simplifying compliance. In addition to offering free tools, we have experienced cyber professionals who can assist you in creating robust NERC/CIP compliance documents that will help you pass audits with ease. With C2 Labs, our customers get software with a service to provide a concierge like experience for achieving NERC/CIP compliance.