1 / 10

CIP Submittals - July 2010

CIP Submittals - July 2010. Tony Purgar June 22, 2010. Topics. Background Portal Update CIP 002 thru 009 Self Certification Forms Functional Specific (i.e. BA, RC, TOP – SCC, Other) Nuclear CIP Supplemental Questionnaire Portal Timing Reporting Periods Q & A. Background.

chanel
Download Presentation

CIP Submittals - July 2010

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. CIP Submittals - July 2010 Tony Purgar June 22, 2010

  2. Topics • Background • Portal Update • CIP 002 thru 009 Self Certification Forms • Functional Specific (i.e. BA, RC, TOP – SCC, Other) • Nuclear • CIP Supplemental Questionnaire • Portal Timing • Reporting Periods • Q & A

  3. Background • ReliabilityFirst has been collecting CIP Self Certifications, in the ReliabilityFirst Portal, on a bi-annual basis since 2008. • Custom portal forms have been developed and are updated for each bi-annual self certification data collection. • The forms are identified as CIP 002 – 009 and are function specific (i.e. BA, RC, TOP, etc) • In Jan – 2010, ReliabilityFirst introduced the CIP 002 – 009 Nuclear Form • ReliabilityFirst has been collecting a CIP Supplemental Questionnaire, in the ReliabilityFirst Portal, on a bi-annual basis since 2009.

  4. Portal Update • CIP 002 – 009 Forms are being updated for the July 2010 data collection. • Each form includes specific questions about the Risk Based Assessment Methodology (RBAM), Critical Assets, Critical Cyber Assets, Cyber Security Policy and the identification of the Senior Manager per CIP-003 R2 • Each form collects a registered entity’s compliance status with schedule/explanation, for each CIP Requirement, per the (Revised) Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1. • The plan includes tables that specify the compliance schedules for entities. • Compliance Status options are: Not Started (NS), Begin Work (BW), Substantially Compliant (SC), Compliant (C), Auditable Compliant (AC).

  5. Portal Update • CIP 002-009 Nuclear Form • Introduced in Jan-2010 • Being utilized for the second time in July 2010 • Applies to Registered Entities who own or operate a nuclear unit. • Content is same as functional specific forms • Current updates include: • One form must be filled out for each nuclear unit • Collection of the nuclear unit name (since collecting on form per unit)

  6. Portal Update • CIP Supplemental Questionnaire • As of 5/25/10, NERC announced to the Regional Entities that this questionnaire would not be administered by the regions for the July 2010 CIP data collection. • Plans are to administer this questionnaire in Jan-2011 using a section 1600 data request.

  7. Portal Timing • CIP 002 – 009 Self Certification Forms • 7/1/10 – Start Date (Forms available in the Portal) • 8/2/10 – Due Date (Entity Submittal date) • 8/16/10 – Lockout Date (Forms no longer available)

  8. Reporting Period • CIP 002 – 009 Self Certification Forms • Per “NERC Compliance Process Bulletin #2010-002: Update to 2010 CMEP Implementation Plan”: • Compliance_Process_Bulletin_2010-002_Update_2010 Implementation Plan.pdf • With CIP V2 standards effective on 4/1/10, special consideration was needed for the 2010 bi-annual CIP self certifications.

  9. Reporting Period • CIP 002 – 009 Self Certification Forms • Self-certification due in July 2010 will cover compliance with CIP Version 1 standards for the period from 1/1/10 – 3/31/10. • Self-certification due in January 2011 will cover compliance with CIP Version 2 standards for the period April 1, 2010 through December 31, 2010. • It is expected that this will be the last bi-annual self certification. • Plans are to release annual CIP Self Certification forms (similar to dynamic Portal self cert forms) for use in latter 2011.

  10. Questions • Questions should be emailed to Matt Thomas (matt.thomas@rfirst.org), Subject: “CIP WEBINAR” • Questions will considered in the order they are received • Clarifying questions are welcome and we’ll do our best to answer during the question period • Challenges to a position should be addressed to the presenter and will be taken offline

More Related