Policies and Procedures
To remain in regulatory compliance with NERC Reliability Standards, electric utilities need to develop and enforce effective policies and procedures. Most entities have already begun creating new compliance documentation for latest version of the standards, which recognize BES Cyber Systems as the center of focus for compliance. While there is no one-size-fits-all approach to developing and maintaining these policies and procedures, CRSI knows the essential elements of a sustainable document program. This includes:
- A gap analysis of enterprise-wide any policy and procedure
- Revisions or updates to current NERC compliance documentation
- Implementation of policies and procedures from the ground up
Though this tends to be the foundation for any company’s compliance initiatives, it is important to consider other enhancements to policies and procedures to further strengthen your company’s culture of compliance. These enhancements include implementation or review of:
- NERC Standards and Requirements Attachments and Forms
- RSAW Preparation
- Workflows and Diagrams
- Internal Controls Evaluations
- Training Programs
CRSI also offers document creation for additional security requirements, not only NERC requirements. CRSI specializes in program creation and implementation of a robust documentation hierarchy with templated evidence artifacts. CRSI recognizes the fact that the majority of evidence artifacts will require a templated document to ensure universal information is captured accurately, timely, and consistently. Much documentation is required to be created for all types of entities and not just for regulatory requirements. CRSI specializes in the identification of these additional document creations based on the client’s vision and direction.
While strong policies and procedures are crucial in passing a NERC CIP audit and for your company to stay protected, it is important to recognize the additional enhancements that will further serve your company’s growing compliance structure.
CRSI strategically partnered with more than 250 electric utilities in the last five (5) years for their NERC CIP Compliance Solutions. To find out more about how to create your Security Compliance Roadmap, call us today to schedule a free, no obligation consultation.