StatusA 45-day formal comment period for the Project 2019-02 BES Cyber System Information Access Management concluded at 8 p.m. Eastern, Monday, February 3, 2020 for the following Standards and Implementation Plan:
CIP-004-7 - Cyber Security - Personnel & Training CIP-011-3 - Cyber Security - Information Protection Implementation Plan
BackgroundThis initiative enhances BES reliability by creating increased choice, greater flexibility, higher availability, and reduced‐cost options for entities to manage their BES Cyber System Information, by providing a secure path towards utilization of modern third‐party data storage and analysis systems. In addition, the proposed project would clarify the protections expected when utilizing third‐party solutions (e.g., cloud services).
Standard(s) Affected – CIP-004-6 - Cyber Security - Personnel & Training | CIP-011-2 - Cyber Security - Information Protection
Purpose/Industry NeedThe purpose of this project is to clarify the CIP requirements related to BES
Cyber System Information (BCSI) access, to allow for alternative methods, such
as encryption, to be utilized in the protection of BCSI.
CIP-004-7Clean | Redline *updated
CIP-011-3Clean | Redline
Unofficial Comment Form (Word)
Non-binding Poll Results
Join Ballot Pools
08/22/19 - 09/20/19
03/28/19 - 04/26/19
Consideration of Comments
home | account log-in/register | legal and privacy/trademark policy | site map | careers | contact us
Atlanta Office | 3353 Peachtree Road NE, Suite 600 North Tower, Atlanta, GA 30326 | 404-446-2560 Washington Office | 1325 G Street NW, Suite 600, Washington, DC 20005| 202-400-3000
Copyright 2020 North American Electric Reliability Corporation. All rights reserved.