Project 2019-03 Cyber Security Supply Chain Risks

Related Files

Status
A 30-day informal comment period and nominations for SAR drafting team members for the Project 2019-03 Cyber Security Supply Chain Risks Standard Authorization Request (SAR) concluded at 8 p.m. Eastern, Thursday, August 1, 2019.

Background
This project will address the directives issued by FERC in Order No. 850 to modify the Supply Chain Standards. FERC directed NERC to submit modifications to address EACMSs, specifically those systems that provide electronic access control to high and medium impact BES Cyber Systems. FERC directed NERC to submit the modified Reliability Standard including the directed revisions for approval within 24 months from the effective date of Order No. 850. In addition, NERC also recommends revising the Supply Chain Standards to address Physical Access Control Systems (PACS) that provide physical access control (excluding alarming and logging) to high and medium impact BES Cyber Systems.  The modifications to address PACS do not have a regulatory deadline, but will be addressed by this project.

Standard(s) Affected –  CIP-005-6 - Cyber Security - Electronic Security Perimeter(s) | CIP-010-3 - Cyber Security - Configuration Change Management and Vulnerability Assessments | CIP-013-1 - Cyber Security - Supply Chain Risk Management

Purpose/Industry Need
This project will address the directives issued by FERC in Order No. 850. This project will also address NERC staff recommendation from the Supply Chain Report.

Subscribe to the Project 2019-03 Cyber Security Supply Chain Risks Observer Distribution List
Select "NERC Email Distribution Lists" from the "Applications" drop-down menu and specify “Project 2019-03 Cyber Security Supply Chain Risks Observer List” in the Description Box.
 

DraftActionsDatesResultsConsideration of Comments


Standard Authorization Request (SAR)

Clean | Redline


The Standards Committee accepted the SAR on October 23, 2019
Drafting Team Nominations

Supporting Materials

Unofficial Nomination Form (Word)
Nomination Period

Info

Submit Nominations
07/02/19 - 08/01/19
 
 
Supporting Materials
 

 

Comment Period

Info 

Submit Comments

 

07/02/19 - 08/01/19​

 

Comments Received