Project 2019-02 BES Cyber System Information Access Management

Status
The 45-day comment period, additional ballots, and non-binding polls for the Project 2019-02 BES Cyber System Information Access Management concluded at 8 p.m. Eastern, Monday, September 21, 2020 for the following Standards and Implementation Plan:

          CIP-004-7 - Cyber Security - Personnel & Training
          CIP-011-3 - Cyber Security - Information Protection
          Implementation Plan

Background
This initiative enhances BES reliability by creating increased choice, greater flexibility, higher availability, and reduced‐cost options for entities to manage their BES Cyber System Information, by providing a secure path towards utilization of modern third‐party data storage and analysis systems. In addition, the proposed project would clarify the protections expected when utilizing third‐party solutions (e.g., cloud services).

Standard(s) Affected – CIP-004-6 - Cyber Security - Personnel & Training | CIP-011-2 - Cyber Security - Information Protection

Purpose/Industry Need
The purpose of this project is to clarify the CIP requirements related to BES Cyber System Information (BCSI) access, to allow for alternative methods, such as encryption, to be utilized in the protection of BCSI.

Draft	Actions	Dates	Results	Consideration of Comments
Draft 2 CIP-004-7 Clean \| Redline to Approved \| Redline to Last Posted CIP-011-3 Clean \| Redline to Approved \| Redline to Last Posted Implementation Plan Clean \| Redline Supporting Materials Unofficial Comment Form (Word) Technical Rationale CIP-004-7 CIP-011-3 updated VRF/VSL Justifications* CIP-004-7 CIP-011-3 Mapping Documents CIP-004-7 CIP-011-3	Additional Ballot Info Vote	09/11/20– 09/21/20	Ballot Results CIP-004-7 CIP-011-3 Implementation Plan Non-Binding Poll Results CIP-004-7 CIP-011-3
	Comment Period Info Submit Comments	08/06/20– 09/21/20	Comments Received
Draft 1 CIP-004-7 Clean \| Redline updated CIP-011-3* Clean \| Redline Implementation Plan Supporting Materials Unofficial Comment Form (Word) Technical Rationale CIP-004-7 CIP-011-3 VRF/VSL Justifications CIP-004-7 CIP-011-3 Mapping Documents CIP-004-7 CIP-011-3	Initial Ballot Info Vote	01/24/20– 02/03/20	Ballot Results CIP-004-7 CIP-011-3 Implementation Plan Non-binding Poll Results CIP-004-7 CIP-011-3	Consideration of Comments
	Comment Period Info Submit Comments	12/20/19– 02/03/20	Comments Received
	Join Ballot Pools	12/20/19– 01/20/20	Comments Received
Standard Authorization Request (SAR) Clean \| Redline	The Standards Committee accepted the corrected SAR on November 20, 2019
Supplemental Drafting Team Nominations Supporting Materials Unofficial Nomination Form (Word)	Nomination Period Info Submit Nominations	08/22/19 - 09/20/19
Standard Authorization Request (SAR) Clean \| Redline	The Standards Committee accepted the SAR on July 24, 2019
Drafting Team Nominations Supporting Materials Unofficial Nomination Form (Word)	Nomination Period Info Submit Nominations	03/28/19 - 04/26/19
Standard Authorization Request Supporting Materials Unofficial Comment Form (Word)	Comment Period Info Submit Comments	03/28/19 - 04/26/19	Comments Received	Consideration of Comments

Project2019-02BCSIAccessManagement // <![CDATA[ _spBodyOnLoadFunctionNames.push("setupPageDescriptionCallout"); // ]]>

Project2019-02BCSIAccessManagement