Quality + Engineering provides professional engineering services in assisting Registered Entities with NERC CIP compliance and ultimately understanding steps that can lead to a more secure cyber security environment for IT systems supporting critical bulk electric system assets.
Quality + Engineering proprietary technologies are US Department of Homeland Security (DHS) designated as ‘Qualified Anti-Terrorism Technologies,’ DHS certified to conduct Critical Infrastructure Protection Forensics, Assurance, Analytics® (CIP-FAA) under the SAFETY ACT, and placed on DHS Approved Products List for Homeland Security. Q+E technologies also are harmonized to the recent FERC guidance to NERC regarding compliance to ‘Red Book’ and ‘Yellow Book’ audit processes.
FERC 126 ¶ 61,038 guidance requires that NERC and Regional Entities “base their compliance audit processes in the U.S. on professional auditing standards recognized in the U.S., such as Generally Accepted Accounting Standards, Generally Accepted Government Auditing Standards (also called Yellow Book), and standards sanctioned by the Institute of Internal Auditors.” (also called Red Book).
Q+E can provide Registered Entity management compliance advisory services in the following areas:
+ Review of evidence and conduct requisite gap analysis. (i.e. CIP 002-009, etc.).
+ Develop procedures, programs or other evidence of compliance as needed.
+ Review of Internal Compliance Programs and Security programs.
+ Provide observations and recommendations for improving the security of the cyber infrastructure.
Q+E specifically focuses on NERC cyber security standards CIP 002 – 009, SCADA, and other control center systems.
Contact Greg Hutchins PE for NERC CIP at 503.233.1012 or 800.COMPETE or GregH@QualityPlusEngineering.com