1 / 41

WELCOME

WELCOME. WECC COMPLIANCE OUTREACH OPEN WEBINAR November 15, 2012. Agenda . CAR-005 Attachment G Program Administration Updates Upcoming Events. CIP-005 Compliance Analysis Report. http://www.nerc.com/files/CIP-005_Compliance_Analysis_Report.pdf. Compliance Analysis Reports (CAR).

bree
Download Presentation

WELCOME

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. WELCOME WECC COMPLIANCE OUTREACH OPEN WEBINAR November 15, 2012

  2. Agenda • CAR-005 • Attachment G • Program Administration Updates • Upcoming Events

  3. CIP-005Compliance Analysis Report http://www.nerc.com/files/CIP-005_Compliance_Analysis_Report.pdf

  4. Compliance Analysis Reports (CAR) • Analysis of highly violated standards. These reports provide statistical information regarding violations as well as insight on potential causes of the violationsand suggested enhancements.

  5. Internal Controls • “An entity should have a system of internal controls to ensure all Cyber Assets within an ESP are identified, documented and protected.” (page 13)

  6. No Impact to CIP-002-3 • Identify and document the Critical Assets pursuant to R2 with the application of your CAID • Identify and document any Critical Cyber Assets pursuant to R3 with the application of your CCAID • Proceed with CIP-005-3a (and refer to CAR-005) (Page 4)

  7. CIP-005 Process • Draw the ESP around the CCAs identified and documented pursuant to CIP-002-3 R3. • After the ESP boundary has been defined: • Identify all Cyber Assets within the ESP • Identify the ESP access points • Identify the Cyber Assets that perform access control and monitoring of the ESP • Perform annually a cyber vulnerability assessment of all the electronic access points to the ESP • Document the results of the identification and implementation process (Page 4)

  8. Identifying the ESP Access Points • “If traffic enters or leaves the ESP, there is an associated access point allowing for that communication flow.” (page 5)

  9. CIP-005-3a R1.1 • “Access points to the Electronic Security Perimeter(s) shall include any externally connected communication end point (for example, dial-up modems) terminating at any device within the Electronic Security Perimeter(s).” http://www.nerc.com/files/CIP-005-3a.pdf

  10. Where is the problem? Solution? Field devices sending data into the ESP via serial connections

  11. Non-routable data traffic crossing an ESP boundary • “A common error is to presume that an electronic access point is only required for routable networks. In fact, any data traffic that crosses the ESP requires an electronic access point somewhere.” (Page 11)

  12. Identifying the ESP Access Points • “If traffic enters or leaves the ESP, there is an associated access point allowing for that communication flow.” (page 5)

  13. Questions ? Morgan King CISSP-ISSAP, CISA Senior Compliance Auditor, Cyber Security Western Electricity Coordinating Council mking@wecc.biz Cell: 801.608.6652 Office: 801.819.7675

  14. Tim ReynoldsCompliance Engineer - Enforcement Follow up to Attachment G Nov 15, 2012

  15. Agenda • What is Attachment G • When is Attachment G Used • Where can you find it • How does someone use it

  16. What is Attachment G • Developed by WECC to help review the maintenance and testing program for PRC-005, 008, 011, 017 • Helps auditors by showing: • Devices in scope of the standard • Maintenance and Testing intervals

  17. When is Attachment G Used • Audits • Self Reports • Evidence for Completion of Mitigation Plan In addition, please see the PRC-005 presentation from the Sept 2012 CUG for why it is used http://www.wecc.biz/20121015/Lists/Minutes/1/2012%2010%2016%20Reynolds%20PRC-005%20v5.pdf

  18. Where can you find Attachment G • Go to WebCDMS • On the Tab Bar go to Compliance and select Document Download

  19. Where can you find Attachment G • The document will be found under the document name “Attachment G Supplement” • Open the .xlsx spreadsheet

  20. How does someone use it • Instructions Tab: • Basic instructions and summary about each tab • Examples Tab • PRC-005 Transmission Substations Tab • List the substations operating at ≥100 kV including elements designated as BES, or are associated with blackstart cranking paths. • PRC-005 Transmission Devices Tab • List transmission Protection System devices within each of the substations.

  21. How does someone use it

  22. Summary • The Attachment G is available in WebCDMS • The spreadsheet needs to be completed for all audit, self reports, and completion of mitigation plans • The spreadsheets needs to be filled out correctly

  23. Summary • If you have questions during an audit please contact the Compliance Program Coordinator assigned to the audit • If you have questions for a Self Report or Completion of a Mitigation Plan please contact Brent Read (bread@wecc.biz) or Tim Reynolds (treynolds@wecc.biz)

  24. Tim Reynolds Compliance Engineer - Enforcement (801) 883-6883 treynolds@wecc.biz Questions?

  25. Kim IsraelssonLead Data Analyst Self-Certification Schedule US Registered Entities Periodic Data Submittals November 15, 2012 Compliance Open Webinar

  26. What’s in it for Me? • One Schedule for US Registered Entities • Reporting Period January 1 – December 31 • Significant Increase in “Submittal Period” • Eliminates Confusion

  27. What Changed? • Self-Certification Notice: • Will be sent on December 14, 2012 to all US Registered Entities • Forms will be posted and available in webCDMS • Reporting Period: • Entities who submitted in January 2012, the upcoming reporting period will be: • January 1, 2012 through December 31, 2012 • Entities who submitted in July 2012, the upcoming reporting period will be: • July 1, 2012 through December 31, 2012 • Submittal Period: • January 1, 2013 through March 1, 2013 for all US Registered Entities

  28. Where Can I Find Information on Self-Certification? • Go to www.wecc.biz • Select the Compliance Tab • Select United States • Click Self-Certification • http://www.wecc.biz/compliance/United_States/Monitoring/Pages/Self-Certifications.aspx

  29. Blackstart Generating Unit Test Results • Applicable to Entities registered as a GO and GOP • In accordance with EOP-009-0 and EOP-007-WECC-CRT-1.1 • Request posted in webCDMS on January 1, 2013 and Due on January 31, 2013 • WECC will contact the GO’s and GOP’s to provide more information (i.e., submittal data and training) • WECC Blackstart Resource Identification and Testing Form (Attachment A) can be found in webCDMS under Document Download and on the WECC website under Periodic Data Submittal

  30. System Restoration Plan(s) • Applicable to Entities registered as a TOP • EOP-005-1 included in the 2013 WECC Actively Monitored List • WECC will contact the TOP’s to provide more information (i.e., submittal data and training) • Request posted in webCDMS on January 1, 2013 and Due on January 31, 2013

  31. Blackstart Test Results and System Restoration Plan -Training • Training Dates • December 11, 2012 2:00pm-3:00pm (MT) • January 22, 2013 2:00pm-3:00pm (MT) • More information will be posted to the WECC Compliance Website • For questions, contact Compliance Support at 801-883-6879 or via email at compliancesupport@wecc.biz

  32. Kim Israelsson Lead Data Analyst 801-819-7613 kisraelsson@wecc.biz Questions?

  33. Taylor AllredAssociate Compliance Process Analyst Program Administration Updates and Trainings November 15, 2012 Compliance Open Webinar

  34. EFT Server Maintenance Scheduled • Enhanced File Transfer (EFT) Server will be unavailable today, November 15, 2012 from 5:00pm-7:00pm Mountain Time • For questions, contact Compliance Support at 801-883-6879 or via email at compliancesupport@wecc.biz

  35. Misoperation Reminder GO, TO, DP (Own Transmission Protection System) • Third Quarter Misoperation Reports are due to WECC no later than November 30, 2012. • Please submit the Quarterly Misoperation Reporting Form through the Enhanced File Transfer (EFT) Server. • http://www.wecc.biz/Planning/PerformanceAnalysis/Relay/default.aspx.  

  36. MisoperationwebCDMS Process GO, TO, DP (Own Transmission Protection System) • Fourth Quarter Misoperation Reports will be submitted via Compliance Data Management System (webCDMS) • MisoperationwebCDMS Webinar Training will be available

  37. MisoperationwebCDMS Training GO, TO, DP (Own Transmission Protection System) • Training Dates • January 10, 2013 2:00pm-3:00pm (MT) • February 7, 2013 2:00pm-3:00pm (MT) • March 7, 2013 2:00pm-3:00pm (MT) • May 21, 2013 2:00pm-3:00pm (MT)

  38. Upcoming Webinar Trainings • webCDMS& EFT Server Entity User Training • November 29, 2012 2:00pm-3:30pm (MT) • US Self-Certification Training • January 24, 2013 2:00pm-3:00pm (MT) • February 20, 2013 2:00pm-3:00pm (MT)

  39. General Outreach Info • Next Compliance Open Webinar • December 20, 2012 2:00pm (MT) • CIP 101 Training • December 18-19, 2012 Salt Lake City • Next CUG/CIPUG • January 28-30, 2013 Phoenix

  40. Taylor Allred Associate Compliance Process Analyst 801-819-7635 tallred@wecc.biz Questions?

More Related