Compliance
NERC CIP
NERC CIP Resources
NERC CIP cyber security standards Timeline (18 CFR Part 39)
| August 8, 2005: | Electricity Modernization Act was enacted; requires a government commission organization to develop reliability standards |
| February 3, 2006: | Government (FERC) commissions NERC to develop the reliability standards |
| August 28, 2006: | NERC submits 8 proposed CIP Reliability Standards CIP-002-1 thru CIP-009-1 |
| December 11, 2006: | FERC issues its assessment of the proposed standards and ask for comments on them, due in February |
| February 12, 2007: | NERC begins addressing comments on the proposed standards |
| July 20, 2007: | FERC proposes to approve the revised standards and gives the community until October 5, 2007 to comment |
| August 6, 2007: | 18 CFR Part 39 is filed on the Federal Register as a proposed rule |
| January 17, 2008: | FERC approves NERC-CIP standards. |
| May 6, 2009: | NERC approves eight revised cyber security standards. |
NERC CIP Compliance Timeline
The timeline below indicates that bulk electricity entities should be substantially compliant with the NERC CIP requirements at this point in time:
| 2007 June-01 |
2007 July-19 |
2007 Sept-09 |
2007 Nov-20 |
2008 Jan-17 |
2008 Q2 |
2009 Q2 |
2010 Q2 |
| Effective Date | FERC Notice of Proposed Rulemaking | Industry Comments | Waiting Period | FERC Approves NERC CIP | Substantially Compliant | Compliant | Auditably Compliant |
| Now |
NERC Links, Regulations, Standards and Guidelines:
Revised NERC CIP Standards
On May 5, 2009, eight revised cyber security standards for the North American bulk power system were approved by the North American Electric Reliability Corporation’s (NERC) independent Board of Trustees. The full download package includes a redline of each standard plus a released version. The individual revision 2 standards can be downloaded below.