NERC CIP Audit Workshop

Compliance with the NERC CIP standards is only half the battle. Once compliance programs are in place, it is necessary to collect documentation and evidence of that compliance, and prepare to provide such evidence to auditors. EnergySec’s team of experts has developed a 2-day workshop that prepares entity personnel to successfully navigate the audit process from preparation, to execution, to post-audit negotiations. Attendees will obtain an understanding of the NERC Rules of Procedure (RoP), Compliance Monitoring and Enforcement Program (CMEP), Inherent Risk Assessments (IRA), Internal Controls Evaluation (ICE), and the audit process as documented in the ERO Auditors Handbook. The class, taught by a team of former regional entity auditors, will feature live exercises that build participant skills and provide experience in a simulated audit environment.

Class Outline

  • Background and Authority
  • NERC Rules of Procedure
  • IRA
  • ICE
  • The Audit Process
  • Evidence
  • RSAWs
  • Interview Strategies
  • How to “Argue” with an Auditor
  • Live Exercises

Denver, CO – September 21-22, 2016
Columbus, OH – October 12-13, 2016
San Antonio, TX – November 9-10, 2016
Phoenix, AZ – January 23-24, 2017

Steven Parker

Steven Parker, CISA, CISSP, is President of EnergySec, and is a founding director of the organization. He has been engaged in critical infrastructure protection within the electric sector since 2001, including 8 years as a senior security staff member at PacifiCorp.  Mr. Parker was also part of the team that established the NERC CIP audit program at the Western Electricity Coordinating Council (WECC).  His experience includes a broad range of security disciplines including e-commerce, identity management, intrusion detection, forensics, incident response and investigations, security event monitoring, and NERC CIP compliance.

Wally Magda

Wally Magda is a recognized cyber security expert for Industrial Control Systems (ICS) with over 22 years of utility experience. His deep security experience spans military, nuclear missile command and control, intelligence agencies, corporate enterprise and industrial control systems. He is a retired Western Electricity Coordinating Council (WECC) NERC CIP auditor.

Wally currently brings his passion and unique experience into conducting cyber and physical security training courses and assessments specific to ICS and NERC CIP.

He has a Bachelor of Science degree in Management Information Systems (MIS). His professional certifications include ISACA Certified Information Systems Auditor (CISA), ISC2 Certified Information Systems Security Professional (CISSP), ISA Certified Automation Professional (CAP), SANS GIAC Global Industrial Cyber Security Professional (GICSP) & Certified Incident Handler (GCIH), ASIS Physical Security Professional (PSP). He is also a Senior Member of the Information Systems Security Association (ISSA).

Brent Castagnetto

Brent most recently served as Manager, CIP Audits and Investigations for the Western Electricity Coordinating Council (WECC), the organization charged with compliance oversight for the Western Interconnection. Brent has more than six years direct experience auditing the CIP standards and helping the industry with compliance.

Leonard Chamberlin

Leonard Chamberlin is a graduate of Tulane University with a B.S. in Computer Science.  He is a Certified Information Systems Security Professional (CISSP) with over 17 years of experience in large-scale digital network engineering, information technology, and industrial control system security.  During seven of those years, he was a consultant for Entergy in New Orleans, responsible for design, procurement, configuration, installation, monitoring, maintenance, training, documentation, change management, disaster recovery, and North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) compliance of their IP-based substation communications.  Prior to his time at Entergy, Leonard’s consulting work focused primarily on telecommunications clients, including partnering to create his own consulting firm.

Most recently, Leonard completed five years of service as an Energy Industry Analyst focusing on cyber security for the Federal Energy Regulatory Commission (FERC).  Leonard worked in the Office of Electric Reliability and in the Office of Energy Infrastructure Security.   Leonard was technical lead on audits (both observational and FERC-led), network architecture reviews, investigations, and NERC notice of penalties teams.  Leonard was team-lead for office involvement in the development of the National Institute of Standards and Technology (NIST) cybersecurity framework, resulting from Executive Order 13636.  He also participated in the NIST Smart Grid Interoperability Panel and Federal Smart Grid Task Force.

Leonard is currently a senior consultant with Archer Energy Solutions, using his unique experiences as both a regulator and as a cybersecurity professional in IT/OT environments to assist clients in improving their security postures and NERC CIP compliance programs.  Leonard also recently attained Certified Information Systems Auditor (CISA) certification.

Leonard holds a level four proficiency in Japanese, which has helped ensure successful projects when working with Japanese clients and delegations in the past.  Leonard is continuing his Japanese studies and hopes to eventually put those skills to use to facilitate improved collaboration with the Japanese on mutual threat actors and vulnerabilities that our two countries face.

Bryan Carr

Bryan most recently served as a Senior Auditor for Cyber and Physical Security at WECC, a role he held for the past four years. Prior to joining WECC, he served as CIP Compliance Program Manager at PacifiCorp, a large investor-owned utility in the northwest U.S. Bryan has a very strong background in generation environments.