I’m pleased to announce that I will join Steve Parker and Karl Perman of EnergySec for a second webinar discussing interpretation issues with CIP version 5 and what NERC entities can do about them – given that the compliance date remains April 1, 2016.
The first webinar, which took place on May 20 at 10 to 11 AM Pacific Time, discussed issues with CIP-002-5.1, including such favorites as the Memorandum on “programmable” and the meaning of “adversely impact” in the BES Cyber Asset definition. If you couldn’t attend that webinar (or even if you could), you can listen to the recording here. You can access the slides here and the Q&A document here.
The second webinar will take place on June 18 at 10-11 AM Pacific, and will discuss issues with CIP-003-6 through CIP-011-2. You can sign up for that webinar here. As usual, even if you can’t attend at that time, you should still sign up so you will automatically receive the recording link when it’s available. Here’s the story on the new webinar:
NERC entities have many questions regarding interpretation of the requirements and definitions of NERC CIP Version 5. NERC has provided some guidance on some of these questions, but in very few cases can that be said to be definitive. For the remaining issues, NERC entities need to research whatever guidance is available; but in the end, it is up to each entity to determine and document how it will address the issue.
Three well-known specialists on CIP Version 5, Steve Parker and Karl Perman of EnergySec and Tom Alrich of Deloitte & Touche LLP, will identify certain major issues with CIP v5 and provide recommendations on how NERC entities can address each one. Topics in this webinar include the meaning of “external routable connectivity” and configuration baselining in CIP-010.
Note: At the SPP and WECC meetings last week, more than a few people asked if I was still doing my blog – they noticed I hadn’t posted in a month. I’m pleased to say that reports of my death are greatly exaggerated (to quote Mark Twain). I have been overwhelmed (in a good way) with my first month and a half at Deloitte, but the spigot is back on and you should see a lot of posts in the near future – probably all you can stand!
The views and opinions expressed here are my own and don’t necessarily represent the views or opinions of Deloitte & Touche LLP.