
Slide 1: CIP-006-1 Physical Security of Critical Cyber Assets
A Compliance Perspective
Lew Folkerth
CIP Compliance Workshop, Baltimore, MD, August 19-20, 2009
© ReliabilityFirst Corporation

Slide 2: Governance
Annotated text of the standard: annotations are NOT authoritative; they are commentary only.
Pre-audit questions:
- are intended to streamline the audit process;
- some go beyond what is required by the standard, for informational purposes;
- are intended to help organize information used for compliance;
- are intended as a starting point for review of the compliance documentation.
The “plain language” of the standard will govern. The only authoritative text in this presentation is the language of the standard itself. All else is opinion and intended practice and is subject to change.
This presentation is for use by ReliabilityFirst Corporation and its member organizations only. Any other use requires the prior permission of ReliabilityFirst Corporation.

Slide 3: CIP-006-1 R1 Annotated Text
R1. Physical Security Plan — The Responsible Entity shall create and maintain [1] a physical security plan, approved by a senior manager or delegate(s) [2], that shall address, at a minimum, the following:
[1] While “implement” is not specifically stated, FERC Order 706 P 75 indicates that implementation of the Plan is expected. CIP-006-2 contains the requirement to “implement.” It is expected that CIP-006-2 will be in force by the time CIP-006-1 enters the “Auditably Compliant” stage.
[2] CIP-003-1 R2 is not referenced here. Therefore, the senior manager need not be the same manager designated in CIP-003-1 R2.

Slide 4: CIP-006-1 R1 Annotated Text (cont’d)
R1.1. Processes to ensure and document that all Cyber Assets within an Electronic Security Perimeter also reside within an identified Physical Security Perimeter. Where a completely enclosed (“six-wall”) border cannot be established, the Responsible Entity shall deploy and document alternative measures [3] to control physical access to the Critical Cyber Assets.
[3] Order 706 P 560 requires any use of the “alternative measures” clause to be treated as a Technical Feasibility Exception.
Physical Security Perimeter (definition): The physical, completely enclosed (“six-wall”) border surrounding computer rooms, telecommunications rooms, operations centers, and other locations in which Critical Cyber Assets are housed and for which access is controlled.

Slide 5: CIP-006-1 R1 Annotated Text (cont’d)
R1.2. Processes to identify all access points [4] through each Physical Security Perimeter and measures to control entry [5] at those access points.
R1.3. Processes, tools, and procedures to monitor physical access to the perimeter(s).
[4] Access points may consist of doors, windows, elevators and other such means of access. Generally, any opening in the six-wall boundary large enough to admit a person should be considered an access point.
[5] Note that each entry to each Physical Security Perimeter must be controlled (and logged per R4). No mention is made of exit from the Physical Security Perimeter.

Slide 6: CIP-006-1 R1 Annotated Text (cont’d)
R1.4. Procedures for the appropriate use of physical access controls as described in Requirement R3, including visitor pass management, response to loss, and prohibition of inappropriate use of physical access controls.
R1.5. Procedures for reviewing access authorization requests and revocation of access authorization, in accordance with CIP-004 Requirement R4.
R1.6. Procedures for escorted access [6] within the physical security perimeter of personnel not authorized for unescorted access.
[6] The definition of what it means to be escorted is not stated in the standard. The entity should make this determination as part of its Physical Security Plan.

Slide 7: CIP-006-1 R1 Annotated Text (cont’d)
R1.7. Process for updating the physical security plan within ninety calendar days of any physical security system redesign or reconfiguration, including, but not limited to, addition or removal of access points through the physical security perimeter, physical access controls, monitoring controls, or logging controls.
R1.8. Cyber Assets used in the access control and monitoring of the Physical Security Perimeter(s) shall be afforded the protective measures specified in Standard CIP-003, Standard CIP-004 Requirement R3, Standard CIP-005 Requirements R2 and R3, Standard CIP-006 Requirements R2 and R3, Standard CIP-007, Standard CIP-008 and Standard CIP-009.

Slide 8: CIP-006-1 R1 Annotated Text (cont’d)
R1.9. Process for ensuring that the physical security plan is reviewed at least annually [7].
[7] See the discussion of time-based terminology in the CIP-002 presentation.

Slide 9: CIP-006-1 R1 Items for Consideration – Pre-audit
1. Describe the processes to ensure and document that all Cyber Assets within an Electronic Security Perimeter also reside within a Physical Security Perimeter.
   a. Describe any circumstances where alternative measures to control physical access to the Critical Cyber Assets were necessary.
   b. Do any communications networks within an Electronic Security Perimeter span multiple Physical Security Perimeters? Examples include network segments common to separate Physical Security Perimeters within the same building, network segments common to two or more buildings or structures on a common campus, and network segments common to two or more geographically dispersed locations (including the use of technologies such as Ethernet over SONET).

Slide 10: CIP-006-1 R1 Items for Consideration – Pre-audit (cont’d)
2. How are all access points through the Physical Security Perimeter identified and access controlled?
3. How is physical access to the Physical Security Perimeter monitored?
4. Describe the following processes:
   a. Visitor pass management.
   b. Loss of physical access credentials.
5. How are personnel, including vendor and contractor staff, made aware of prohibited, inappropriate use of physical access controls?

Slide 11: CIP-006-1 R1 Items for Consideration – Pre-audit (cont’d)
6. How are requests for access authorization and access revocation reviewed?
7. Describe your escorted access process. How do you ensure continuous escort of visitors?
8. How do you ensure the physical security plan is updated within 90 days of any physical security system redesign or reconfiguration?
9. How do you ensure the physical security plan is reviewed at least annually?

Slide 12: CIP-006-1 R1 Possible Audit Approach
For each Electronic Security Perimeter, identify the Responsible Entity’s associated physical security plan. The language of the standard indicates that each Entity must have one physical security plan. Note that the Responsible Entity may have one physical security plan per function for which the entity is registered.

Slide 13: CIP-006-1 R1 Possible Audit Approach (cont’d)
For each physical security plan identified above, verify:
- The plan contains processes to ensure that all Cyber Assets within an Electronic Security Perimeter are also protected by a Physical Security Perimeter. The plan must require the establishment of a six-wall boundary where such a boundary is physically possible. If it is not possible to establish a six-wall boundary, then the plan must specify alternate measures to protect the Physical Security Perimeter.
- The plan contains processes to identify all access points through the Physical Security Perimeter.
- The plan contains measures to control access through the physical access points.
- The plan identifies processes, tools and procedures for monitoring physical access to the Physical Security Perimeter.

Slide 14: CIP-006-1 R1 Possible Audit Approach (cont’d)
For each physical security plan identified above, verify:
- The plan contains procedures for the appropriate use of physical access controls. Said procedures shall address, at minimum:
  - Visitor pass management;
  - Response to loss of authentication credentials such as key, access card, etc.;
  - Prohibition of inappropriate use of physical access controls. This also requires a definition of inappropriate use.
- The plan contains or references procedures for authorization of physical access requests and for revocation of access privileges pursuant to CIP-004 R4.

Slide 15: CIP-006-1 R1 Possible Audit Approach (cont’d)
For each physical security plan identified above, verify:
- The plan contains provisions for protecting Cyber Assets used in access control and monitoring of the Physical Security Perimeter. Such Cyber Assets must be afforded the protective measures as specified in:
  - CIP-003-1 Requirements R1, R2, R3, R4, R5 and R6
  - CIP-004-1 Requirement R3
  - CIP-005-1 Requirements R2 and R3
  - CIP-006-1 Requirements R2 and R3
  - CIP-007-1 Requirements R1, R2, R3, R4, R5, R6, R7, R8 and R9
  - CIP-008-1 Requirements R1 and R2
  - CIP-009-1 Requirements R1, R2, R3, R4 and R5

Slide 16: CIP-006-1 R1 Possible Audit Approach (cont’d)
For each physical security plan identified above, verify:
- The plan contains a provision requiring a review of the physical security plan at least annually.

Slide 17: CIP-006-1 R1 Possible Audit Approach (cont’d)
For a sample of Physical Security Perimeters, examine the Physical Security Perimeter documentation to ensure:
- All Cyber Assets within the associated Electronic Security Perimeter reside within the Physical Security Perimeter. Where physically possible, a six-wall boundary must be established as the Physical Security Perimeter. If it is not possible to establish said six-wall boundary, then the Responsible Entity must deploy alternate measures to protect the Physical Security Perimeter. Note that when a six-wall boundary is not possible, acceptance of risk is not an option. In such cases some form of alternate measure must be deployed to control entry to the Physical Security Perimeter.
- All access points through the Physical Security Perimeter are identified.

Slide 18: CIP-006-1 R1 Possible Audit Approach (cont’d)
For a sample of Physical Security Perimeters, examine the Physical Security Perimeter to ensure:
- The Physical Security Perimeter is completely enclosed by a six-wall boundary. In the case where an alternative measure to a six-wall boundary was implemented:
  - Confirm that installation of a six-wall boundary was not possible;
  - Confirm that the alternative measures are adequate to control access to the Critical Cyber Assets; and
  - Confirm that the alternative measures have been implemented.
- For a sample of Cyber Assets within the associated Electronic Security Perimeter, examine the Cyber Asset to assure it resides within the Physical Security Perimeter.
- Procedures for unescorted access are observed.

Slide 19: CIP-006-1 R2 Annotated Text
R2. Physical Access Controls — The Responsible Entity shall document and implement the operational and procedural controls [1] to manage physical access at all access points to the Physical Security Perimeter(s) twenty-four hours a day, seven days a week. The Responsible Entity shall implement one or more [2] of the following physical access methods:
[1] Operational and procedural controls are those processes, whether implemented in hardware such as a card key system, or implemented as procedural instructions to people such as security guards, designed to control access to the Physical Security Perimeter.
[2] FERC in Order 706 P 572 stated a preference for “defense in depth,” or implementation of two or more complementary security measures. Until this preference is adopted into the standard, one physical defensive measure is sufficient for compliance with CIP-006-1.

Slide 20: CIP-006-1 R2 Annotated Text (cont’d)
R2.1. Card Key: A means of electronic access where the access rights of the card holder are predefined in a computer database. Access rights may differ from one perimeter to another.
R2.2. Special Locks: These include, but are not limited to, locks with “restricted key” systems, magnetic locks that can be operated remotely, and “man-trap” systems.
R2.3. Security Personnel: Personnel responsible for controlling physical access who may reside on-site or at a monitoring station [3].
R2.4. Other Authentication Devices: Biometric, keypad, token, or other equivalent devices that control physical access to the Critical Cyber Assets.
[3] A central station where multiple access points may be monitored by camera or other method.

Slide 21: CIP-006-1 R2 Items for Consideration – Pre-audit
1. Describe how the operational and procedural controls are implemented to manage physical access at access points to the Physical Security Perimeter.
   a. Are there any physical access points for which 24-hour/7-day access control cannot be implemented?
   b. Are there any personnel, including vendors and contractors, who can bypass the physical access controls? For example, janitorial staff in a leased office environment.

Slide 22: CIP-006-1 R2 Possible Audit Approach
For a sample of Physical Security Perimeters, examine the documentation of the physical access controls for each access point. Ensure the documentation addresses:
- Continuous control of access to the Physical Security Perimeter.
- The mechanism used to control access includes one or more of the following:
  - Card key;
  - Special locks;
  - Security personnel; and/or
  - Biometric, keypad, token or other authentication device.

Slide 23: CIP-006-1 R2 Possible Audit Approach (cont’d)
For a sample of Physical Security Perimeters, examine the measures implemented to confirm control of entry at each access point.

Slide 24: CIP-006-1 R3 Annotated Text
R3. Monitoring Physical Access — The Responsible Entity shall document and implement the technical and procedural controls for monitoring physical access [1] at all access points to the Physical Security Perimeter(s) twenty-four hours a day, seven days a week. Unauthorized access attempts [2] shall be reviewed immediately [3] and handled in accordance with the procedures specified in Requirement CIP-008. One or more of the following monitoring methods shall be used [4]:
[1] Monitoring requires the recognition of both authorized and unauthorized access attempts.
[2] As there may be many innocuous reasons for an unauthorized access attempt to be signaled by an automated system, the entity will presumably investigate and filter out those innocuous unauthorized attempts before invoking the incident response provisions of CIP-008-1.

Slide 25: CIP-006-1 R3 Annotated Text (cont’d)
(R3 text repeated from the previous slide; footnotes 3 and 4 follow.)
[3] The dictionary definition of “immediately” says, “Without interval of time.” In the context of this standard it should be understood as meaning “without unnecessary or undue delay.”
[4] This is a rare case where the standard is prescriptive. The entity may implement alarms or human observation or both. By the language of the standard nothing else is acceptable.

Slide 26: CIP-006-1 R3 Annotated Text (cont’d)
R3.1. Alarm Systems: Systems that alarm to indicate a door, gate or window has been opened without authorization. These alarms must provide for immediate notification [3] to personnel responsible for response [5].
R3.2. Human Observation of Access Points: Monitoring of physical access points by authorized personnel as specified in Requirement R2.3.
[3] See footnote 3 on the previous slide (“immediately” means “without unnecessary or undue delay”).
[5] The personnel responsible for response are not necessarily those responsible for incident handling per CIP-008-1.

Slide 27: CIP-006-1 R3 Items for Consideration – Pre-audit
1. Describe the technical and procedural controls for monitoring physical access at access points to the Physical Security Perimeter.
   a. Are there any physical access points for which 24-hour/7-day access monitoring cannot be implemented?
   b. How are unauthorized access attempts detected and handled?

Slide 28: CIP-006-1 R3 Possible Audit Approach
For a sample of Physical Security Perimeters, examine the documentation of the controls for monitoring physical access at each access point to ensure:
- Monitoring is performed continuously at each access point.
- Unauthorized access attempts are reviewed immediately.
- Unauthorized access attempts are handled in accordance with the incident response procedure developed pursuant to CIP-008.
- One or both of the following methods is used:
  - Alarm systems which provide immediate notification of unauthorized access attempts to response personnel; and/or
  - Human observation of access points.

Slide 29: CIP-006-1 R3 Possible Audit Approach (cont’d)
For a sample of Physical Security Perimeters:
- Examine the measures implemented to monitor entry at each access point.
- If any access point to the Physical Security Perimeter uses an alarm system, select one access point and observe the response as a representative of the Responsible Entity triggers the alarm system. Ensure designated response personnel are notified immediately.

Slide 30: CIP-006-1 R4 Annotated Text
R4. Logging Physical Access — Logging shall record sufficient information to uniquely identify individuals [1] and the time of access twenty-four hours a day, seven days a week. The Responsible Entity shall implement and document the technical and procedural mechanisms for logging physical entry at all access points to the Physical Security Perimeter(s) using one or more of the following logging methods or their equivalent:
[1] If shared or “loaner” credentials are used, such as in the case of a forgotten key card, some mechanism must be in place to uniquely identify the user of such credentials.

Slide 31: CIP-006-1 R4 Annotated Text (cont’d)
R4.1. Computerized Logging: Electronic logs produced by the Responsible Entity’s selected access control and monitoring method.
R4.2. Video Recording: Electronic capture of video images of sufficient quality to determine identity [2].
[2] The resulting images must be able to reliably identify each individual gaining access.

Slide 32: CIP-006-1 R4 Annotated Text (cont’d)
R4.3. Manual Logging: A log book or sign-in sheet, or other record of physical access maintained by security or other personnel [3] authorized to control and monitor physical access as specified in Requirement R2.3.
[3] The language of this sub-requirement makes it clear that unsupervised sign-in is not permitted.

Slide 33: CIP-006-1 R4 Items for Consideration – Pre-audit
1. How is physical access logged?

Slide 34: CIP-006-1 R4 Possible Audit Approach
For a sample of Physical Security Perimeters, examine the documentation of logging mechanisms at each access point to ensure:
- Logging of entry at the access point is continuous.
- Logging identifies the individual obtaining access.
- Logging identifies the date and time access was granted.
- Logging is performed using at least one of the following methods:
  - Computerized logging;
  - Video recording; or
  - Manual logging.

Slide 35: CIP-006-1 R4 Possible Audit Approach (cont’d)
For a sample of Physical Security Perimeters, examine the logging mechanisms at a sample of access points to ensure:
- Logging of entry at each access point is continuous.
- Logging identifies the individual obtaining access. If shared or “loaner” access credentials are sometimes used, ensure a log is kept of the assignment and return of these access credentials.
- If computerized logging is used, examine a sample of the log to ensure:
  - Individuals are identified; and
  - The date and time of access are recorded.

Slide 36: CIP-006-1 R4 Possible Audit Approach (cont’d)
For a sample of Physical Security Perimeters, examine the logging mechanisms at a sample of access points to ensure:
- If video recording is used, review a sample of such recording to ensure the images are of sufficient quality to determine an individual’s identity.
- If manual logging is used, examine the log to ensure:
  - Individual identities are recorded;
  - The authorizing party is recorded; and
  - Date and time of entry are recorded.

Slide 37: CIP-006-1 R5 Annotated Text
R5. Access Log Retention — The responsible entity shall retain physical access logs for at least ninety calendar days. Logs related to reportable incidents shall be kept in accordance with the requirements of Standard CIP-008 [1].
[1] Three calendar years.

Slide 38: CIP-006-1 R5 Items for Consideration – Pre-audit
1. How are access logs retained for the required minimum 90-day period?
2. How are access logs related to reportable incidents retained for the required three-year period?

Slide 39: CIP-006-1 R5 Possible Audit Approach
For the logs reviewed pursuant to Requirement R4 above, ensure the physical access logs are kept for at least 90 calendar days. Ensure provision is made to keep logs related to reportable incidents in accordance with the requirements of CIP-008-1.

Slide 40: CIP-006-1 R6 Annotated Text
R6. Maintenance and Testing — The Responsible Entity shall implement a maintenance and testing program to ensure that all physical security systems under Requirements R2, R3, and R4 function properly. The program must include, at a minimum, the following:
R6.1. Testing and maintenance of all physical security mechanisms on a cycle no longer than three years [1].
[1] See the discussion of time-based terminology in the CIP-002 presentation.

Slide 41: CIP-006-1 R6 Annotated Text (cont’d)
R6.2. Retention of testing and maintenance records [2] for the cycle determined by the Responsible Entity in Requirement R6.1.
[2] The installation of a new physical security system may be reasonably presumed to have been the initial testing and maintenance of the system. Systems older than the cycle time identified in the testing and maintenance program must have been tested and maintained no longer than one cycle ago at the initial compliance date. In other words, a clock starts at the last documented testing and maintenance date (or the installation date) for each system. If the time on that clock exceeds the identified cycle time, then the testing and maintenance for that physical security system is overdue.

Slide 42: CIP-006-1 R6 Annotated Text (cont’d)
R6.3. Retention of outage records [3] regarding access controls, logging, and monitoring for a minimum of one calendar year [4].
[3] Retention of outage records implies the requirement to keep outage records.
[4] See the separate discussion of time-based terminology above. This is an unusual situation in that records need only be kept for one calendar year. The most conservative reading of this language would indicate that outage records need be kept for only the current calendar year. Any correction of this deficiency must be done through an interpretation or revision of the standard via the standards development process.

Slide 43: CIP-006-1 R6 Items for Consideration – Pre-audit
1. How are physical access controls tested? Are physical access controls at high-traffic, readily accessible sites (such as control centers) tested more frequently than remote, infrequently accessed sites (such as substations)?
2. How are outages of physical access control, logging, and monitoring systems detected and logged?

Slide 44: CIP-006-1 R6 Possible Audit Approach
For each Physical Security Perimeter, identify the Responsible Entity’s associated maintenance and testing program for physical security systems. The language of the standard indicates that each Entity must have one maintenance and testing program. Note that the Responsible Entity may have one maintenance and testing program per function for which the entity is registered.

Slide 45: CIP-006-1 R6 Possible Audit Approach (cont’d)
For each maintenance and testing program identified, ensure:
- The maintenance and testing program applies to all systems used for:
  - Physical access control;
  - Physical access monitoring;
  - Physical access alerting; and
  - Physical access logging.
- The maintenance and testing program ensures that all applicable systems function properly.

Slide 46: CIP-006-1 R6 Possible Audit Approach (cont’d)
For each maintenance and testing program identified, ensure:
- The maintenance and testing program is executed on a cycle determined by the Responsible Entity. Said cycle may not be longer than three years.
- The maintenance and testing program requires records of the results of execution of the program to be kept for at least one full cycle.
- The maintenance and testing program requires outage records to be kept for all applicable systems.
- The maintenance and testing program requires a retention period of one calendar year for outage records.

Slide 47: CIP-006-1 R6 Possible Audit Approach (cont’d)
For a sample of Physical Security Perimeters, examine the schedule for execution of the maintenance and testing program.
- If no execution of the program has yet occurred, no further action is needed.
- If an execution of the program has occurred, examine the records of the most recent execution of the program.
For a sample of Physical Security Perimeters, examine the outage records for all applicable systems. Ensure the outage records are kept for at least one year.
