Status A 30-day informal comment period and nominations for SAR drafting team members for the Project 2019-03 Cyber Security Supply Chain Risks Standard Authorization Request (SAR) concluded at 8 p.m. Eastern, Thursday, August 1, 2019.
Background This project will address the directives issued by FERC in Order No. 850 to modify the Supply Chain Standards. FERC directed NERC to submit modifications to address EACMSs, specifically those systems that provide electronic access control to high and medium impact BES Cyber Systems. FERC directed NERC to submit the modified Reliability Standard including the directed revisions for approval within 24 months from the effective date of Order No. 850. In addition, NERC also recommends revising the Supply Chain Standards to address Physical Access Control Systems (PACS) that provide physical access control (excluding alarming and logging) to high and medium impact BES Cyber Systems. The modifications to address PACS do not have a regulatory deadline, but will be addressed by this project.
Standard(s) Affected – CIP-005-6 - Cyber Security - Electronic Security Perimeter(s) | CIP-010-3 - Cyber Security - Configuration Change Management and Vulnerability Assessments | CIP-013-1 - Cyber Security - Supply Chain Risk ManagementPurpose/Industry NeedThis project will address the directives issued by FERC in Order No. 850. This project will also address NERC staff recommendation from the Supply Chain Report.
Subscribe to the Project 2019-03 Cyber Security Supply Chain Risks Observer Distribution ListSelect "NERC Email Distribution Lists" from the "Applications" drop-down menu and specify “Project 2019-03 Cyber Security Supply Chain Risks Observer List” in the Description Box.
Standard Authorization Request (SAR)
Clean | Redline
07/02/19 - 08/01/19
home | account log-in/register | legal and privacy/trademark policy | site map | careers | contact us
Atlanta Office | 3353 Peachtree Road NE, Suite 600 North Tower, Atlanta, GA 30326 | 404-446-2560 Washington Office | 1325 G Street NW, Suite 600, Washington, DC 20005| 202-400-3000
Copyright 2017 North American Electric Reliability Corporation. All rights reserved.