Critical Infrastructure Protection (CIP) relates to the preparedness and response to serious incidents for the overall critical infrastructure. For the past several years, NERC CIP reliability standards have moved up in position as some of the most violated standards. At SOS Intl, our NERC CIP services encompass Decision Directive 63 and a broad range of solutions that assist with existing as well as emerging challenges within the energy industry. 

Using a three phased approach, our SOS Intl consultants individually customize each NERC CIP project taking into account the number of facilities as well as registration types. Our consultants take a risk-based approach to addressing NERC CIP compliance requirements while monitoring Smart Grid interoperability and other technological developments in the energy industry. Our three phased approach consists of:

• Assessing the governance, regulatory and compliance environment
• Developing and implementing a transformation plan
• Monitoring, reviewing and sustaining transformation

By first assessing the governance, regulatory and compliance environment, SOS Intl can provide multiple service options to support the NERC CIP compliance requirements such as:

• Audit Preparation
• Mock Audit
• Spot Checking
• Gap Analysis
• Self Reporting Assistance
• Self Certification
• NERC Data Submittals
• Critical Cyber Asset Identification

• Information Security Policy
• Logical Access Policy
• Physical Access Policy
• Systems Development Life Cycle Policy
• Change Management Policy
• Incident Handling Policy
• Disaster Recovery Plan 

SOS Intl can also support enhancements in the IT security infrastructure in areas such as:

• Advanced Persistent Threat Evaluation
• Remote Access
• Encryption
• Single Sign-On
• Identity Management
• Logical Access and Provisioning
• SCADA/EMS Security
• Vulnerability Assessment