There are 10-Steps that are guaranteed to help guide your utility through NERC Compliance in an organized, logical fashion. This session presents this 10-Step process and helps form the backbone of the rest of the conference. Come hear how these steps fit together overall before we delve into each one at a time.

• Step 1: Building the Team
• Step 2: Asset Identification and Perimeters (CIP-002, 005, 006)
• Step 3: Assessing Documentation Requirements (CIP-002-009)
• Step 4: Security Management Controls & Training (CIP-003, 004)
• Step 5: Assessing Physical Security Readiness (CIP-006)
• Step 6: Assessing Cyber Security Readiness (CIP-005, 007)
• Step 7: Incident Reporting Process and Recovery Plans (CIP-008, 009)
• Step 8: Implementing Technology to Automate Compliance Requirements
• Step 9: Implementing Processes to Collect Compliance Documentation
• Step 10: NERC CIP Readiness Audit (Pre-Audit Assessment)

This session will deal with Step 7 which highlights the incident reporting process and recovery plans. Speakers will go into detail on how to build an incidence response plan, how to leverage technology for incidence response and how to formulate backup and restore strategies. Once these issues have been addressed, panel members will go into how they’ve managed to exercise the overall plans.

Next up is the actual implementation involved in Steps 8 and 9. This session will delve into the details of automating compliance requirements and collecting compliance documentation using technology. This process will help utilities streamline the process and perform at a higher level overall.

This session will help utilities determine what it means to be “ready” for the NERC CIP Readiness Audit. There are explicit pre-audit assessment processes that utilities should be doing to ensure that the live NERC audit is a success. This session will provide those best practice ideas to make sure utilities are ready for the main event.