NP-View’s Solutions to NERC-CIP Compliance

Culture of Compliance

NP-View enables all users to secure critical assets and comply with ease. Building compliance understanding fosters a compliant culture.

Automated NERC-CIP Reports

Save time with NP-View's automated reports for CIP-005 and CIP-003 audits. Identify interactive remote access with path analysis.

Collecting Evidence

NP-View gives compliance and networking teams the ability to prepare and document the correct evidence in a fraction of the time.

Risk-Based Assessments

By investing in risk-based compliance, organizations can build cyber resiliency. NP-View aids in efficient risk-based compliance verification.

Rules & Justifications

Use NP-View to prepare reports on access rules and justifications for all assets supported in the solution.

Mock Audits

Use NP-View to perform test runs of NERC-CIP audits and gauge your compliance against NERC standards, alleviating the stress for your organization.

“If we didn’t have a software platform in place and one of our clients were to be audited, then it would be all hands on deck trying to figure out how to comply with the audit process to avoid financial penalties. Essentially, compliance would be a guessing game.”

— Chris Martin-Berry, Systems Engineer, Crown Computers

Full Case Study

NERC-CIP Report

NP-View allows compliance teams to collect and report evidence for the following requirements:

 

 
  • CIP-002 – BES Cyber System Categorization; impact rating and 15-month review
  • CIP-003 – Security Management Control; cyber security policy
  • CIP-005 – Electronic Security Perimeter; remote access management
  • CIP-007 – System Security Management; ports and services
  • CIP-010 – Change Management and Vulnerability; configuration change management, configuration monitoring, vulnerability assessment

“Network Perception’s NP-View is basically what’s used by the auditors, so we figured if that’s what they use, that’s what we wanted to use as well.”

— David Fletcher, Lead Cybersecurity Analyst, PSEG

Full Case Study

Resources to Learn More:

Evidence Collection
Blog
Have You Prepared the Right Evidence for Your Upcoming Audit?
Read More
White Paper
NERC CIP 003 Whitepaper
Read More
White Paper
NERC CIP 005 Whitepaper
Read More

NERC-CIP Compliance FAQ

NERC (North American Electric Reliability Corporation) standards are a set of mandatory cybersecurity and operational standards developed by NERC and enforced by the Federal Energy Regulatory Commission (FERC) in the United States and the National Energy Board (NEB) in Canada.

Yes, NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) is mandatory for all entities that are defined as "Bulk Electric System" (BES) owners or operators in North America. This includes entities that own or operate high-voltage electric transmission lines, generation facilities, and control centers.

The purpose of the NERC CIP standards is to ensure the reliability and security of the North American power grid by establishing cybersecurity standards that BES owners and operators must follow. These standards are enforced by NERC, and non-compliance can result in significant penalties and fines. Therefore, compliance with NERC CIP is mandatory for all BES owners and operators in North America.

Ready to Get Started?

Request a Demo