Newsroom  •  Site Map  •  Contact NERC

  
Advanced Search
 
About NERC Standards Compliance Assessments Events Analysis Programs  

Security Guidelines

The Critical Infrastructure Protection Committee (CIPC) is tasked, by its Charter, to “Develop, periodically review, and revise (as appropriate) security guidelines. Issue guidelines in accordance with the process described in Appendix 1.”

The Security Guidelines page offers you the opportunity to keep track of all proposed new and updated security guidelines being developed by the CIPC. The development process was approved by CIPC in June 2008 and incorporates the procedures adopted by all the NERC technical committees. Click here to see a diagram of the overall process and the how other NERC committees and the public can participate.

Listed below are the drafts of (new or being updated) guidelines currently available for comments.  The listings below includes the formatted draft and a redline comparison.  The working documents can be found in the ESISAC library

The Security Guideline Process includes two key steps in the process which are:

  1. 30-day comment period (Step 9) within the sponsoring committee (CIPC).

  2. 45-day public comment period (Step 12).  

NERC welcomes and appreciates your comments on these documents.  Comments on the drafts are to be submitted to sgcomments@nerc.net

If you have any questions, please contact Bob Canada at bob.canada@nerc.net.
Critical Infrastructure Protection Security Guideline Development
Guideline Process
Step		 Comment
Period		 Comments
Received
Physical Security - Final Redline
Physical Security - Final Clean

Physical Security - Draft
Physical Security - Redline

Physical Security - Original Document		 Industry Review - Step 12
Comment Form		 2/2/12 - 3/19/12
Comments received during Step 12

Comments received
during Step 9
Protecting Sensitive Information Guideline - Draft
Protecting Sensitive Information Guideline - Redline

Protecting Sensitive Information Guideline - Original Document		 Industry Review - Step 12
Comment Form

CIPC Review - Step 9
Comment Form		 3/27/12 - 5/11/12


9/19/11 - 10/19/11		 Comments received during Step 9
Communications

CIPC Review - Step 12
12/3 CIPC Meeting

 - -
Emergency Preparedness CIPC Review - Step 12
12/3 CIPC Meeting		 - -
Vulnerability and Risk Assessment CIPC Review - Step 12
12/3 CIPC Meeting		 - -
Continuity of Business and Operational Functions - FINAL Approved

Continuity of Business and Operational Functions - Final Redline
Continuity of Business and Operational Functions - Final Clean
Business Processes and Operations Continuity - Draft
 Business Processes and Operations Continuity - Redline

 Business Processes and Operations Continuity - Original Document		 CIPC Approved
September 2011 Meeting

CIPC Review - Step 12
9/14 CIPC Meeting
 Comment Form		 6/24/11 - 8/04/11 Comments received during Step 12

Comments received during Step 9
Identifying Critical Cyber Assets - FINAL Approved

Identifying Critical Cyber Assets - Final Redline

Identifying Critical Cyber Assets - Clean
Identifying Critical Cyber Assets - Redline

Identifying Critical Cyber Assets - Original Document		 CIPC Approved
June 2010 Meeting

CIPC Review - Step 12
12/9 CIPC Meeting
Comment Form

 1/12/10 - 2/26/10 Comments received during Step 12

Comments received during Step 9
Identifying Critical Assets - FINAL Approved

Identifying Critical Assets - Final Redline

Identifying Critical Assets - Draft
Identifying Critical Assets - Redline

Identifying Critical Assets - Original Document		 CIPC Approved 
September 2009 Meeting

CIPC Review - Step 12
3/18 CIPC Meeting
Comment Form

 4/1/09 - 5/15/09

Comments received during Step 12

Comments received during Step 9
Time Stamping of Operational Data Logs - Final Redline
Time Stamping of Operational Data Logs - Final Clean

Time Stamping of Operational Data Logs - Draft
Time Stamping of Operational Data Logs - Redline		 CIPC Review - Step 12
12/3 CIPC Meeting
Comment Form		 4/15/09 - 5/29/09

Comments received during Step 12

 Comments received during Step 9
Information Protection - Draft
Information Protection - Redline		 CIPC Review - Step 9 12/2/08 - 1/31/09 -
Employment Background Screening - Draft
Employment Background Screening - Redline		 CIPC Review - Step 9 12/2/08 - 1/31/09 -


Legal and Privacy  :  404-446-2560 voice  :  3353 Peachtree Road  :  Suite 600, North Tower  :  Atlanta, GA  30326
Washington Office: 1325 G Street, N.W. : Suite 600 : Washington, DC 20005-3801





Copyright © 2012 by the North American Electric Reliability Corporation.  :  All rights reserved.
A New Jersey Nonprofit Corporation