Presentation is loading. Please wait.

Presentation is loading. Please wait.

Laura Scholl Managing Director of Stakeholder Outreach

Published byConnor Hibbs Modified over 10 years ago

Similar presentations

Presentation on theme: "Laura Scholl Managing Director of Stakeholder Outreach"— Presentation transcript:

1 Laura Scholl Managing Director of Stakeholder Outreach
WECC Compliance Open Webinar Thursday, April 18, 2013 2:00 pm MT

2 AGENDA EOP-005-2 – effective July 1, 2013 Reminder
BES Definition Process Update CIP Version 4 Transition Guidance Update and Audit Approach for FERC Remand on NERC Guidance for CIP- 002-R3 Audit Approach for FERC Remand on NERC Guidance for CIP-006 R1.1 US Entities / Periodic Data Submittal (PDS) / 2013 WECC Actively Monitored List (WECC AML) webCDMS Single User Sign On

3 Phil O’Donnell Manager, Operations and Planning Audits
EOP Reminder April 18, 2013

4 EOP-005-2 REMINDER EOP-005-2 is effective July 1, 2013
R1 requires all TOP’s to have a Restoration Plan “Approved by the RC” on that date. The RC’s related restoration standard EOP-006 specifies what they must do for a review of the TOP plans and gives them 30 days to complete the review.

5 EOP REMINDER As a reminder If TOP’s do not provide your restoration plans to the RC by June 1, 2013 it will be a challenge for you as a TOP to be compliant on July 1.  The compliance expectation is for all TOP’s to have an RC approved plan on July 1, 2013. If the TOP does not have an approved plan on July 1 due to late submittal of its plans for review to the RC it will be considered as non compliant for R1.

6 Questions? Phil O’Donnell Manager, Operations and Planning Audits

7 WECC Open Webinar April 18, 2013 CIP-002 Topics
Joseph B. Baugh, Ph.D., PMP, CISA, CISSP, CRISC, CISM Senior Compliance Auditor – Cyber Security WECC: Vancouver WA Office WECC Open Webinar April 18, 2013 CIP-002 Topics

8 Speaker Intro: Dr. Joseph Baugh
40 years of Electrical Utility Experience Transmission Lineman NERC Certified System Operator IT Manager & Power Operations Manager 20 years Information Technology & IT Security Experience Project Manager & IT Program Manager PMP, CISA, CISSP, CRISC, CISM, NSA-IAM/IEM certs 20 years of Educational Experience Degrees earned: Ph.D., MBA, BS-Computer Science Academic & Technical Course Teaching Experience Information Technology and IT Security Business Strategy, Leadership, and Management Project Management PMP, CISA, CISSP, CISM, ITIL, & Cisco exam preparation

9 Agenda 142 FERC ¶ 61,204 Docket No. RD12-5-000
Remanding CIP R3 Interpretation Impact on WECC CIP Audit Approach Update on NERC Transition Guidance for CIP-002-4

10 142 FERC ¶ 61,204 Docket No. RD Original interpretation was filed under CIP-002-3a R3. Although some language in the interpretation refers to CIP R3 (e.g., Section 4, p. 2), Sections 6 & 13 clarify the interpretation also applies to CIP R2 (FERC Order, 2013, pp. 4, 6) FERC agreed with NERC Q1 interpretation, but considered NERC Q2 interpretation to be faulty (FERC Order, 2013, Section 10, p. 5) However, the order remands entire NERC interpretation on CIP R2 as the original interpretation was approved on one balloting (FERC Order, 2013, Footnote 12 , p. 5)

11 142 FERC ¶ 61,204 Docket No. RD Laptops were primarily cited as an example, "the proposed interpretation fails to consider that a computer (e.g., a laptop) used by utility staff or contractors to control the functions and operations of a Critical Asset is, during such usage, 'inherent to or necessary for the operation of a Critical Asset,' and thus falls within the scope of CIP-002-4, Requirement R2" (FERC Order, Section 13, pp. 5-6). “laptop computers connected to an EMS network through the Internet and used to supervise control, optimize, and manage generation and transmission systems would be ‘considered essential’” (FERC Order, 2013, Section 17, p. 7) In addition, FERC stated the NERC Q2 “interpretation and petition do not provide adequate justification for leaving unprotected cyber assets (e.g., laptop computers) essential to the operation of associated Critical Assets” (FERC Order, 2013, Section 18, p. 7)

12 Impact on WECC CIP Audit Approach [Q1]
Minimal impact to WECC Audit Approach by FERC order on Q1 WECC Audit Approach considers the examples discussed in the Q1 interpretation: As illustrative, not prescriptive, and Provide a minimal list of Cyber Assets, associated with each Critical Asset identified pursuant to CIP R1, that should be considered relative to CIP R2, but Do not represent an exhaustive list of Cyber Assets that must be considered under CIP R2

13 Impact on WECC CIP Audit Approach [Q2]
Burden to demonstrate essentiality of Cyber Assets for operation of Critical Assets pursuant to CIP R2 still lies on entity shoulders. Due diligence in light of the FERC order indicates entities should: Consider definition of essential (NERC, Identifying Critical Cyber Assets, Section C, pp. 7-8) in Critical Cyber Asset Identification [CCAID] methodology Apply definition to inventory of Cyber Assets associated with each Critical Asset identified and documented pursuant to R2 Include an evaluation of all laptops, smart phones, and any other Cyber Assets which may be configured for or are capable of, controlling generation or transmission systems and meets one or more of the qualifying characteristics cited above Document all evaluations and CCA/non-CCA status of the inventory of all Cyber Assets associated with each Critical Asset identified pursuant to CIP R1

14 NERC CIP-002-4 Transition Guidance
During today’s (April 18, 2013) FERC Sunshine Meeting, FERC proposed a NOPR that would require Registered Entities to maintain compliance efforts with CIP version 3 until CIP version 5 is Approved NERC has advised a period of discussion to consider the FERC action and develop a common approach to future compliance efforts across all regions More details in light of the FERC proposal and its impact relative to the WECC Audit Approach will be forthcoming at the June CIPUG in Portland See you there

15 References FERC Order on Interpretation of Reliability Standard. (2013, March 21). 142 FERC ¶ 61, 204. Docket No. RD NERC. (2010, June 17). Security Guideline for the Electricity Sector: Identifying Critical Cyber Assets (v1.0). NERC. (2013, April 11). Cyber Security Standards Transition Guidance.

16 Questions? Joseph B. Baugh, Ph.D., PMP, CISA, CISSP, CRISC, CISM
Senior Compliance Auditor - Cyber Security Western Electricity Coordinating Council (WECC) 7400 NE 41st Street, Suite 160 Vancouver, WA  98662 jbaugh (at) wecc (dot) biz  (C) (O)

17 Mick Neshem Senior Compliance Auditor, Cyber Security
CIP-006 Interpretation Remand– Audit Implications April 18, 2013 WECC Webinar

18 CIP R1.1 Requirement Processes to ensure and document that all Cyber Assets within an Electronic Security Perimeter (ESP) also reside within an identified Physical Security Perimeter. Where a completely enclosed (“six-wall”) border cannot be established, the Responsible Entity shall deploy and document alternative measures to control physical access to the Critical Cyber Assets.

19 CIP-006 R1.1 NERC Interpretation Response Summary (CIP-006-4)
“… Since wiring is not included in the definition of “Cyber Asset,” Requirement R1.1 of CIP does not apply to wiring.” E-7_Order_Remaning_CIP-006-4_ pdf

20 CIP-006 R1.1 FERC Remand- Summary
“15. …We do not agree that the network cabling (i.e., wires) that gives a communication network its networking capability would be exempt from the CIP Reliability Standards…” E-7_Order_Remaning_CIP-006-4_ pdf

21 CIP-006-2 R1.1 NERC Existing Interpretation [Approved by FERC]
21 …” For Electronic Security Perimeter wiring external to a Physical Security Perimeter, the drafting team interprets the Requirement R1.1 as not limited to measures that are “physical in nature.” The alternative measures may be physical or logical, on the condition that they provide security equivalent or better to a completely enclosed (“six-wall”). Alternative physical control measures may include, but are not limited to, multiple physical access control layers within a non-public, controlled space. Alternative logical control measures may include, but are not limited to, data encryption and/or circuit monitoring to detect unauthorized access or physical tampering. E-7_Order_Remaning_CIP-006-4_ pdf

22 CIP-006 R1.1 FERC Remand- Summary
“23. First, by its plain language, the existing interpretation clearly applies to Electronic Security Perimeter wiring. Second, NERC states in the petition supporting the existing Commission-approved interpretation that “the interpretation request [in Docket No. RM ] discusses connections between multiple Physical Security Perimeters that reside within a single Electronic Security Perimeter.” Description of “Extended” ESP – WECC Audit Staff E-7_Order_Remaning_CIP-006-4_ pdf

23 CIP-006 R1.1 Remand- Summary

24 No access point required at each connection point between extended ESPs if encryption or other appropriate controls exist

25 WECC Audit Approach Doesn’t change
Require encryption or other appropriate controls to interconnect ESPs through multiple PSPs (Extended ESP concept) Discrete ESPs must have CIP-005 Access Points at each discrete ESP location. Cabling in between discrete ESPs is exempt from audit (encryption is always a good practice)

26 Questions? Michael (Mick) Neshem CISA, CISSP, CSSA
Senior Compliance Auditor - Cyber Security Western Electricity Coordinating Council (WECC) 7400 NE 41st Street, Suite 160 Vancouver, WA  98662 (C) (O)

27 Kim Israelsson Lead Data Analyst
US Entities Periodic Data Submittal (PDS) 2013 WECC Actively Monitored List (WECC AML) April 18, 2013 Compliance Open Webinar

28 Periodic Data Submittal (PDS)
PDS Reporting Matrix is available on the WECC Website Identifies PDS Standards Applicable Functions Reporting Due Dates Reporting Forms Submittal Method PDS Reporting Matrix is located here Go to select “Compliance,” then “United States,” then “Monitoring Processes,” and then “Periodic Data Submittal” Annual Request for UFLS data will be posted in webCDMS on May 1, 2013 Announcement and Training details will be communicated in the next week

29 2013 WECC Actively Monitored List (WECC AML)
Release of Version 2 of the 2013 WECC AML V2 Posted April 17, 2013 Version History has been added Document is located here Go to select “Compliance,” then “United States”

30 Support For process questions; Contact WECC Compliance Support

31 Questions? Kim Israelsson Lead Data Analyst
Western Electricity Coordinating Council 155 North 400 West, Suite 200 Salt Lake City, Utah 84103

32 Domenic Darling Data Analyst II
webCDMS Single User Sign On April 18, 2013 Compliance Open Webinar Added “webCDMS” Added “Compliance” Added “II” to your title

33 webCDMS Single User Sign On
Registered Entity Users will be able to access webCDMS for multiple entities using a single entity username Users will be able to consolidate accounts into a single username, password, and webCARES Digital Certificate Announcement and Training details will be communicated in the next week Added “webCDMS” to title Removed “for the ability of” from 1st bullet Removed “Two step process in webCDMS” Removed “to login” from first bullet Changed “Login” to “Sign On” to match the title slide

34 Support For process questions; Contact WECC Compliance Support

35 Questions? Domenic Darling Data Analyst II
Western Electricity Coordinating Council 155 North 400 West, Suite 200 Salt Lake City, Utah 84103

36 Laura Scholl Managing Director of Stakeholder Outreach
Upcoming Events

37 Upcoming Events Next Open Webinar - May 16, 2013
Compliance 101 Webinar - May 23, 2013 WECC CUG/CIPUG Meetings – Portland, OR CUG - June 4 - 5, 2013 CIPUG - June 6, 2013

38 Questions? Laura Scholl Managing Director of Stakeholder Outreach
(801)

Download ppt "Laura Scholl Managing Director of Stakeholder Outreach"

Similar presentations

Requirements Engineering Processes – 2

Requirements Engineering Processes – 2
2004 NERC, NPCC & New England Compliance Programs John Norden Manager, Operations Training, Documentation & Compliance August 31, 2003 RC Meeting.

2004 NERC, NPCC & New England Compliance Programs John Norden Manager, Operations Training, Documentation & Compliance August 31, 2003 RC Meeting.
June 27, 2005 Preparing your Implementation Plan.

June 27, 2005 Preparing your Implementation Plan.
NERC Policies Introduction

NERC Policies Introduction
Federal Energy Regulatory Commission July 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Federal Energy Regulatory Commission July Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.
Task Group Chairman and Technical Contact Responsibilities ASTM International Officers Training Workshop September 2012 Scott Orthey and Steve Mawn 1.

Task Group Chairman and Technical Contact Responsibilities ASTM International Officers Training Workshop September 2012 Scott Orthey and Steve Mawn 1.
Business Practices Subcommittee Update August 17, 2010.

Business Practices Subcommittee Update August 17, 2010.
Business Practices Subcommittee Update February 2, 2010.

Business Practices Subcommittee Update February 2, 2010.
RECORD KEEPING Cooperative Development of Operational

RECORD KEEPING Cooperative Development of Operational
1 Introduction to Safety Management April 2006. 2 Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.

1 Introduction to Safety Management April Objective The objective of this presentation is to highlight some of the basic elements of Safety Management.
WECC/TEPPC Response to DOE Funding Opportunity Status Update June 29, 2009 Bradley Nickell Renewable Integration and Planning Director.

WECC/TEPPC Response to DOE Funding Opportunity Status Update June 29, 2009 Bradley Nickell Renewable Integration and Planning Director.
NERC TPL Standard Issues TSS Meeting #146 Seattle, WA August 15-17, 2007 Chifong Thomas.

NERC TPL Standard Issues TSS Meeting #146 Seattle, WA August 15-17, 2007 Chifong Thomas.
Standards Development and Approval Process Steve Rueckert Director of Standards Joint Guidance Committee WECC Leadership Annual Training Session Salt Lake.

Standards Development and Approval Process Steve Rueckert Director of Standards Joint Guidance Committee WECC Leadership Annual Training Session Salt Lake.
1 TSS Report PCC Meeting Salt Lake City, UT October 26-27, 2006.

1 TSS Report PCC Meeting Salt Lake City, UT October 26-27, 2006.
WECC Response to BAL-002-WECC-1 Remand Order December 10, 2010 WECC Board of Directors Meeting Steve Rueckert Director of Standards.

WECC Response to BAL-002-WECC-1 Remand Order December 10, 2010 WECC Board of Directors Meeting Steve Rueckert Director of Standards.
NERC Orientation Joint Guidance Committee WECC Leadership

NERC Orientation Joint Guidance Committee WECC Leadership
Standards Update WECC Board of Directors Technical Session December 5, 2007 Albuquerque, New Mexico Steve Rueckert Director of Standards.

Standards Update WECC Board of Directors Technical Session December 5, 2007 Albuquerque, New Mexico Steve Rueckert Director of Standards.
Notice of Proposed Rulemaking on Standards WECC Board of Directors Meeting December 7-8, 2006.

Notice of Proposed Rulemaking on Standards WECC Board of Directors Meeting December 7-8, 2006.
Western Electricity Coordinating Council Status of NERC Standards Activity WECC PCC Meeting March 6-7, 2008.

Western Electricity Coordinating Council Status of NERC Standards Activity WECC PCC Meeting March 6-7, 2008.
Market Interface Committee Recent Regulatory Activities Philip Tice October 14, 2011.

Market Interface Committee Recent Regulatory Activities Philip Tice October 14, 2011.

Similar presentations

Ads by Google