NERC Standards CIP-002-3 through CIP-009-3 provide a cyber security framework for the identification and protection of Critical Cyber Assets to support reliable operation of the Bulk Electric System.
These standards recognize the differing roles of each entity in the operation of the Bulk Electric System, the criticality and vulnerability of the assets needed to manage Bulk Electric System reliability, and the risks to which they are exposed.

Business and operational demands for managing and maintaining a reliable Bulk Electric System increasingly rely on Cyber Assets supporting critical reliability functions and processes to communicate with each other, across functions and organizations, for services and data. This results in increased risks to these Cyber Assets.

Standard CIP-002-3 requires the identification and documentation of the Critical Cyber Assets associated with the Critical Assets that support the reliable operation of the Bulk Electric System. These Critical Assets are to be identified through the application of a risk-based assessment.


expand Category : Compliance ‎(2)
expand Category : Development History ‎(2)
CIP_V3_Implementation_Plan.pdfNuclear Implementation Plan
Critcal Cyber Asset_approved by CIPCl and SC for Posting with CIP-002-1, CIP-002-2, CIP-002-3.pdfReference: Identifying Critical Cyber Assets
Critcal_Asset_Identification_2009Nov19.pdfReference: Identifying Critical Assets
Imp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19.pdfImplementation Plan for Newly Identified CCAs and Newly Registered Entities
V3_Implementation_Plan_clean_last_approval_2009Nov19.pdfImplementation Plan