PAS Compliance - NERC CIP - PAS ICS Integrity - 7.3 - Help - Intergraph

ICS Integrity Help

Language
English
Product
PAS ICS Integrity
Subproduct
ICS
Search by Category
Help
PAS Version
7.3

NERC CIP within ICS Integrity is provided by the PAS Compliance - NERC CIP asset model. This feature allows electric utilities to easily respond to and report their compliance with the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) guidelines.

NERC CIP is needed if you are an electric business, but it is not required for process industries. To use the NERC CIP feature, your license must support this model.

To implement the PAS Compliance - NERC CIP asset model:

  1. Import the PAS Compliance - NERC CIP asset model. For more information, see Loading (Importing) Asset Models.

  2. Create a Compliance - NERC CIP asset. For more information, see Adding, Modifying, and Deleting Assets (Data Owners).

  3. Define your asset hierarchy. For more information, see Understanding and Defining Your Asset Hierarchy.

The following table shows the NERC CIP functions handled by ICS Integrity.

Standard

Requirement

Functionality

CIP-002

R1 Inventory

R2 Review Inventory

  • Maintains accurate inventory of control system assets

  • Facilitates grouping of assets by BES Asset, BES Cyber System

  • Uses workflows to automate reviews of inventory

CIP-003

R1 Cybersecurity Policy

R4 MOC

  • Documents and implements cybersecurity policy through policy management

  • Tracks changes to assets through workflows

CIP-004

R4 Access Management

  • Facilitates role-based access permissions

CIP-005

R1 Access Control and Monitoring

  • Monitors and manages electronic security

  • Maintains electronic access logs

CIP-006

R5-R7 Physical Access

  • Monitors and manages physical security

  • Maintains physical access logs

CIP-007

R1 Ports and Services

R2 Patching

R3 Malicious Code Prevention

R4-R5 Account Management

  • Documents all ports and services

  • Automates patch management including assessment, testing, implementation, and mitigation processes

  • Documents installed anti-malware and status

  • Triggers reviews or incident responses on specific unapproved changes

  • Documents and monitors local access management

CIP-008

R1 Incident Response Plan

R3 Review and Update

  • Facilitates the implementation of incident response workflows to provide documentation

  • Reviews process to drive testing, updates, and communications of changes

CIP-009

R1 Disaster Recovery Plan

R2 Review and Update

  • Facilitates the implementation of disaster recovery workflows to provide documentation

  • Reviews process to drive testing, updates, and communications of changes

CIP-010

R1 Configuration Change Management

R2 Configuration Monitoring

R3 Vulnerability Assessment

  • Documents testing and reconciles detected changes to approved change cases through a workflow engine

  • Detects all changes to the configuration of assets

  • Discovers and reviews published vulnerabilities and applies mitigation strategies