Today’s LiveWire Spotlight examines Lessons Learned issued by Commission Staff who attended a series of CIP Version 5 cyber security audits in 2016 and 2017.  The document identifies improvement opportunities to an entity’s security framework that will best assure compliance and address issues not explicitly covered in the standards.

Although the Lessons Learned identified by FERC’s Staff are not a guarantee of compliance, auditors tend to give special consideration to Responsible Entities who make a good faith attempt to adhere to the Commission’s recommendations.