NERC entities have many questions regarding interpretation of the requirements and definitions of NERC CIP Version 5. NERC has provided some guidance on some of these questions, but in very few cases can that guidance be said to be definitive. For the remaining issues, NERC entities need to research whatever guidance is available, but in the end it is up to each entity to determine and document how it will address each issue.
Click here for the presentation slides!
- Tom Alrich, Manager, Cyber Risk Services, Deloitte and Touche LLP
- Steve Parker, President, EnergySec