Today’s LiveWire Spotlight looks at the CMEP Risk Element “Threats to Cyber Systems” which applies risk-based principles in assessing compliance to the NERC standards addressing electric system microprocessor-based technology and communications vulnerabilities. It calls for Registered Entities to maintain Internal Controls that demonstrate the proactive steps they take to reduce the consequences of cyber threats.

The in-effect version of the 2015 CMEP and its supporting materials are posted on various sections of NERC’s web site. The Regional Entities have developed and are executing their specific implementation plans, attached as appendices to the CMEP.