Show Filters

Top Results

As the electric grid becomes increasingly digital, the need for robust cybersecurity protocols is more important than ever. The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance standards were established to maintain the reliability and security of the bulk power system.

Utilities are required to have CIP compliance programs in place that addresses all NERC CIP standards.

Non-compliance with NERC standards may put the grid at risk and have significant impacts on companies through monetary fines, penalties, and reputational harm.

Our experience has shown that leading practice NERC CIP compliance programs have:

  • A clear accountability model and ownership of NERC reliability standards
  • Programs and procedures which define how NERC compliance-related work is performed
  • Training for personnel who perform work and others who need to be aware of NERC compliance
  • Work management and tool integration that supports timely completion of work
  • Oversight practices that ensure the work is performed according to standards and quality evidence is collected
  • Continuous monitoring of cybersecurity risks and vulnerabilities
  • Implementation of security controls commensurate with the risk level
  • Development of incident response plans

By taking a proactive approach to cybersecurity, utilities can not only meet their compliance obligations but also strengthen the overall security posture for their bulk electric system.

Case Studies

NERC Compliance Services

At ScottMadden, we have supported transmission, generation, and IT groups to build, deploy, educate, monitor, and validate their NERC compliance programs. We have deep knowledge of NERC Critical Infrastructure Protection (CIP) and Operations & Planning (O&P) Order 693 standards. We bring more than 35 years of experience working with utilities across North America, and we can help you address the challenges of NERC compliance and create a successful and cost-effective compliance program.

Services Include:

  • NERC program assessment
  • NERC compliance implementation
  • NERC program development and recovery
  • NERC audit support and technical advisory
  • Field visits to validate controls and procedure execution
  • Education and NXTGEN Training
  • Process improvement
  • Change management
  • Risk management

Our Experts

Todd Ponto Director

Welcome to ScottMadden!

Sussex Economic Advisors is now part of ScottMadden. We invite you to learn more about our expanded firm. Please use the Contact Us form to request additional information.