1. CIPC Executive Committee Update-1 CIPC Meeting Long Beach CA March 17, 2005 Pat Laird Vice Chair Public Release

2. CIPC Executive Committee Activities ● Feedback from Feb 8 NERC Board meeting ● Relationship with governments ● CIPC Work Plan  2005 Work Plan, 2006 Business Plan  Review of WG and TF work plans  CIPC member commitment

3. CIPC Exec Ctee Meeting with Mike Gent ● Dec 14/04, opportunity to discuss key issues, Work Plans and priorities ● Mike expressed appreciation for CIPC’s 2005 results ● CIPC’s contribution to NERC 2006 Business Plan drafted for CIPC review and comment (ref. agenda package) ● Mike confirmed support for CIPC’s efforts, provided some insight re: NERC’s evolving relationships with DOE, DHS  DHS continues to appreciate the ESISAC as a valued single point for the ES

4. Feedback - Feb 8 NERC Board meeting ● No CIPC items for approval this time ● Version 0 Reliability Standards approved (a big deal) ● “subdued optimism” expressed that reliability legislation will be passed ● Alison Silverstein (under contract with DOE) presented a paper “Organizing the Next Blackout Investigation”  well-received by NERC Board  originally conceived to describe how to perform a post-incident technical review  with CIPC input, scope includes response/recovery from an event, role of the ESISAC, recognize heightened interest surrounding security incidents  expect CIPC involvement in addressing these recommendations ● Delores Etter expressed thanks for recent meeting with some CSSWG members to share biometrics experiences  Next steps opportunity, possibly with Unisys

5. Relationships with Governments ● NERC confirmed as Electricity Sector Coordinating Council  Nov 26/04 letter from Mike Gent to Bob Liscouski  Identifies Mike Gent and CIPC Exec Ctee as ES reps  Letter confirms that “All are aware of this request, have the capability and responsibility vested by the stakeholders to act in the stakeholders interest, and are willing to serve.” ● Guidelines vs Standards for c ompliance p urposes  Concern by some industry people that regulators may reference our Guidelines for compliance purposes (eg. FERC Rule 106)  NERC TSC has drafted a document to clarify intent, development and approval process for all NERC documentation (presented at Mar 16 Joint Ctee meeting)  NERC guidelines, reference material, white papers, etc… not just Standards continue to be valued by NERC Ctees and members

6. Relationships with Governments ● Canada-US Joint TF Blackout Recommendations  CIPC EC provided Jan 8/05 update on security-related recommendations  Some items completed, the rest are underway and expected to be complete during 2005  Government TF expected to disband by April 2005 ● Recent request by FERC for industry comments on their CEII process  Your opportunity to express specific concerns based on experience  Otherwise, they will conclude all is well !

7. International Electricity Infrastructure Assurance Forum (IEIAF) ● Inaugural meeting Nov 18-19/04, Sydney, AUS confirmed general support for broad information sharing  standards, references, good practices, threat assessments ● North American attendees  Mike Assante, Stuart Brindley, Larry Brown, Jeff Dagle ● Industry and governments from Australia, New Zealand, US, Canada, UK

8. CIPC Work Plans ● Exec Ctee continues to support WG/TF Chairs with ensuring work continues within scope and on-schedule (we’re here to help) ● WG and TF chairs have submitted revised Work Plans for Exec Ctee review ● No changes in scope of WG/TF, changes clarify deliverables and timing ● WG/TF Chairs and Exec Ctee are reviewing assignment of CIPC members to WG/TFs  ensure adequate resources are in place to achieve deliverables  ensure appropriate contribution of asset owners/operators  balance contribution by individual CIPC members ● CIPC meeting agenda  Acted on CIPC member feedback that agenda should include additional take-away information items, not just CIPC business items, eg.  case study experience of security incidents  practical security tools or solutions