How do you know you have only low impact systems?
Low Impact versus Out of Scope, what’s the difference?
What does CIP-002 require?
How do you document and defend your CIP-002 BES Cyber System Categorization process
Policy and management requirements
CIP Senior Manager
Security plans for Low Impact systems
Low Impact requirements
Incident Response planning
Physical Security requirements
Electronic security, LERC and LEAP
Security Awareness programs
What type of evidence is required
What to expect in an audit
Writing effective RSAW narratives
NERC’s Compliance Monitoring and Enforcement program
What you need to know
Inherent Risk Assessments
Internal Controls Evaluations
Internal Compliance Program reviews
Self-reporting and Self-certification
The audit process