NERC CMEP Manual v9 looks like housekeeping. Three signals underneath matter:

- GIS joins IIA-IPPF in the authoritative guidance stack
- Appendix 4C moved across 28 pages
- CCAs finally retired from the Sampling Guide

Full analysis at https://ampyxcyber.com/blog/ferc-issues-orders-on-virtualization-and-low-impact-what-changed-and-what-you-need-to-do-bn4xr-lxdba

NERC CIP doesn't sit still. Neither does our CIP bootcamp.

Dallas, TX. Aug 11-14. 3.5 days. In-person.
- CIP-002 through CIP-015
- CMEP v8 and the new Internal Controls Monitoring approach
- Virtualization & Low Impact

28 CPEs. 3 CIPC exam attempts.

https://ampyxcyber.com/nerc-cip-bootcamp

Stop chasing checklists.

Our 3.5-day NERC CIP Bootcamp moves past the theory into the technical reality of the grid. From CIP-002 to the new CIP-015, Low Impact to Virtualization, learn to stay ahead of your adversaries and your auditors.

Register here: https://ampyxcyber.com/training

Stop chasing checklists.

Our 3.5-day NERC CIP Bootcamp moves past the theory into the technical reality of the grid. From CIP-002 to the new CIP-015, Low Impact to Virtualization, learn to stay ahead of your adversaries and your auditors.

Register here: https://ampyxcyber.com/training

NERC Industry Survey: Physical Supply Chain Risk Management
https://www.surveymonkey.com/r/SCS-PhysicalRiskReport

Supply Chain Subcommittee (SCS) is seeking industry feedback on physical supply risks to inform the physical supply risk report.

FERC approved Orders 918 & 919 today. CIP virtualization standards, new low-impact controls, and an updated Control Center definition. All registered entities affected. 24 and 36 month implementation windows. Start your assessments now.

Full breakdown: https://ampyxcyber.com/blog/ferc-issues-orders-on-virtualization-and-low-impact-what-changed-and-what-you-need-to-do