North American Electric Reliability Corporation- Critical Infrastructure Protection.

The Risk Analysis and Risk Management process provided by Sentryx completely satisfies annual federal and state audits.

CIP Standards Subject to Enforcement

CIP-002-3 Critical Cyber Asset Identification

CIP-003-3 Security Management Controls

CIP-004-3a Personnel and Training

CIP-005-3a Electronic Security Perimeters

CIP-006-3c Physical Security of Critical
                        Cyber Assets

CIP-007-3a Systems Security Management

CIP-008-3 Incident Reporting and Response
                      Planning

CIP-009-3 Recovery Plans for Critical
                      Cyber Assets

Top 5 Reasons to Undertake Risk Analysis and Risk Management:

      1. Avoid security incidents
         and /or breaches.

     2. Ensure that high priority risks are
         aggressively managed and that all
         risks are cost-effectively managed

         throughout the project.

     3. Become a “best in class” practice.

     4. Provide management at all levels with
         the information required to make
         informed decisions on issues critical to
         project success.

     5. Tremendous educational and
         learning experience.

NERC-CIP Compliance and Risk Management

Who is required to comply with NERC-CIP regulations?
All bulk power system owners, operators, and users must comply with NERC-approved Reliability Standards.

What are the Penalties for Violating NERC-CIP?
S
anctioning of confirmed violations is determined pursuant to the NERC Sanction Guidelines and is based heavily upon the Violation Risk Factors and Violation Severity Levels of the standards requirements violated and the violations’ duration. Entities found in violation of any standard must submit a mitigation plan for approval by NERC and, once approved, must execute this plan as submitted.

 

Sentryx Solution for NERC-CIP Compliance and Risk Management
Sentryx provides expert guidance and effective software technology called SPARTAN to address the entirety of NERC-CIP compliance and risk management. Our solution consistently addresses the seven elements of an effective compliance program. Our risk assessment process includes an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of confidential information.

Features and Benefits of SPARTAN Risk Management SaaS

• Spartan provides an accurate and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of the electronic information, whether it be client or company data.

• Definitions and default text aid in understanding of each topic and provide proper vernacular for attestation.

 

• Spartan solutions risk access, develop mitigation plans, and write reports.

• Spartan provides operational compliance through a mature, repeatable, complete, accurate and sustainable process and can become your on-going compliance assessment and monitoring tool.

• Spartan SaaS is an Enterprise Class platform providing Information Technology, Governance Risk and Compliance (IT GRC). Modules include HIPAA, FISMA, PCI-DSS, FERPA, NERC-CIP, Business Continuity Planning.


• Modules can be used individually or in combination when unique compliance requirements share common security controls and help us efficiently keep up with hundreds of tasks associated with each regulatory requirement.

 

• Spartan provides an auditable, password protected, logged documentation tool that meets requirements of internal and external audit standards.

Sentry Cybersecurity Solutions provides a methodology and software that is proactive, adaptable, and consistent with industry best standards.

 

The risk analysis and risk management process includes an accurate and
thorough assessment of the potential
risks and vulnerabilities to the confidentiality, integrity, and availability
of critical information and sensitive data.

An Ongoing Effort that
Requires Process Maturity

 

Peace of Mind

 

There is a Right Way and

Many Wrong Ways

 

Checklist and Spreadsheets

Will Not Pass Audit

Copyright 2013 - 2015 Sentryx Cybersecurity Solutions. All rights reserved.