Download
1 / 5
50 likes | 71 Views
ERCOT Information Classification. Process Update Technical Advisory Committee April 7, 2005. ERCOT Information Classification Why?. Business Drivers Good business practice Good risk management practice Document policy and procedures Compliance Drivers Applicable laws (i.e. DHS)
E N D
ERCOT Information Classification Process Update Technical Advisory Committee April 7, 2005
ERCOT Information ClassificationWhy? Business Drivers • Good business practice • Good risk management practice • Document policy and procedures Compliance Drivers • Applicable laws (i.e. DHS) • PUCT rules • 2004 security audit recommendations • Protocols
ERCOT Information ClassificationThe Objective Establish policy/procedures/processes that keep: • Security risk information secure • MP Protected Information protected • Public information public
ERCOT Information ClassificationThe Process Step 1 - Develop policy (classification definitions), guidelines and handling procedures Step 2 - Develop implementation plan for ERCOT roll-out Step 3 - Communicate/educate ERCOT Staff and MP’s on policy implementation Step 4 - Implementation Step 5 - Ongoing compliance / process review and monitoring We are at Step 1- A draft policy document has been routed to market, feedback received and market calls scheduled to discuss
ERCOT Information ClassificationWhen? Preliminary Timeline • Approve Policies Q2 ‘05 • Finalize Plans Q3/4 ‘05 • Communicate/Educate Q3/4 ‘05 • Initiate Implementation Q4 ‘05
