Today’s LiveWire Spotlight is the second in a series concerning the implementation of the Critical Infrastructure (CIP) Version 5 standards applicable to High-Impact and Medium-Impact BES Cyber Systems. Today’s focus is on requirements with the IAC qualifier in CIP v5 – requiring protections to be applied “in a manner that Identifies, Assesses, and Corrects deficiencies…” FERC has since rejected the qualifier, but will allow the requirements to be assessed in a risk-based manner consistent with the Reliability Assessment Initiative.
The new CIP Version 5 requirements applicable to High-Impact and Medium-Impact BES Cyber Systems take effect on April 1. Clients must have their initial evidence of compliance available for inspection at that time.