Statement on January FERC Open Meeting
WASHINGTON, D.C. – The Federal Energy Regulatory Commission took action on two items related to reliability at its open meeting today.
FERC issued a notice of proposed rulemaking (NOPR) proposing to approve new and modified Reliability Standards to address supply chain risk management. Proposed new Reliability Standard CIP-013-1 (Cyber Security – Supply Chain Risk Management) and the proposed modifications to Reliability Standards CIP-005-6 (Cyber Security – Electronic Security Perimeter(s)) and CIP-010-3 (Cyber Security – Configuration Change Management and Vulnerability Assessment) are intended to augment current Critical Infrastructure Protection standards to mitigate cyber security risks associated with the supply chain for grid-related cyber systems.
In the NOPR, FERC proposes to direct NERC to modify the proposed standards to address supply chain risk management for Electronic Access Control and Monitoring Systems associated with medium- and high-impact BES Cyber Systems. FERC also proposes to direct NERC to evaluate the supply chain risks presented by Physical Access Control Systems and Protected Cyber Assets as part of a study already proposed by the NERC Board to evaluate the scope and effectiveness of the proposed standards.
FERC also issued Order No. 840 approving EOP-004-4 (Event Reporting), EOP-005-3 (System Restoration from Blackstart Resources), EOP-006-3 (System Restoration Coordination) and EOP-008-2 (Loss of Control Center Functionality). These Emergency Preparedness and Operations (EOP) Reliability Standards enhance the requirements for Emergency Operations, including the communication and coordination amongst reporting entities.
NERC staff will continue the work with FERC and stakeholders toward assuring the reliability of the North American bulk power system.

FERC Press Release
Posted On: 01/18/2018