Most Violated Enforceable Standards

Why is CIP-007 was one of the 5 most violated enforceable NERC standards? the all-time leader in Violations?

Do you think Cyber Security is important?

• CIP-007 – Cyber Security — Systems Security Management
• CIP-005 – Cyber Security — Electronic Security Perimeter
• CIP-006 – Cyber Security — Physical Security of Critical Cyber Assets
• PRC-005 – Transmission and Generation Protection System Maintenance and Testing
• CIP-002 – Cyber Security — Critical Cyber Asset Identification

Let’s take a look at the Most Violated NERC Standard – CIP-007! This standard has the most violations of all enforceable NERC Standards. CIP-007 has received double the violations of the second highest violated standard CIP-005, and is currently the all-time leader in violations, that includes all of the non-CIP standards.

This is why 360Factors offers expertise and technological solutions like Predict360 GRC Software that address these CIP requirements.

This standard requires Responsible Entities to define methods, processes, and procedures for securing those systems determined to be Critical Cyber Assets, as well as Non-Critical Cyber Assets within the Electronic Security Perimeters. The Responsible Entity is required to comply with the following requirements:

1. Test Procedures
2. Ports and Services
3. Security Patch Management
4. Malicious Software Prevention
5. Account Management
6. Security Status Monitoring
7. Disposal or Redeployment
8. Cyber Vulnerability Assessment
9. Documentation Review and Maintenance

We can assist electrical utilities to ensure that new cyber assets and changes to existing cyber assets do not adversely affect their audit. Violations will be a thing of the past because 360Factors will manage all your compliance requirements through its flagship regulatory compliance software and will provide an easier way to manage all your NERC Standards, Compliance to these standards, practices, and procedures, Gap Analysis, RSAW, NERC Audits, and Job Task Analysis.