NERC has filed mandatory standard CIP-013-1 for supply chain risk management, requiring controls to mitigate cyber threats and their impact to the reliable operation of the Bulk Electric System. It is important that utilities carefully integrate the required new procurement processes with existing procedures to minimize impacts and maximize effectiveness.
The Key Requirements Include:
Utilities should review their processes and systems, track industry developments, identify existing controls, and plan to develop, adopt, and integrate new controls necessary to meet the requirements of NERC’s mandatory supply chain standards.