Full NERC CIP-014 Standard

NERC CIP-014 R1

Each Transmission Owner shall perform an initial risk assessment and subsequent risk assessments of its Transmission stations and Transmission substations (existing and planned to be in service within 24 months) that meet the criteria specified in Applicability Section 4.1.1. The initial and subsequent risk assessments shall consist of a transmission analysis or transmission analyses designed to identify any Transmission station(s) and Transmission substation(s) that if rendered inoperable or damaged could result in widespread instability, uncontrolled separation, or Cascading within an Interconnection. [VRF: High; Time-Horizon: Long-term Planning]

Subsequent risk assessments shall be performed:

  • At least once every 30 calendar months for a Transmission Owner that has identified in its previous risk assessment (as verified according to Requirement R2) one or more Transmission stations or Transmission substations that if rendered inoperable or damaged could result in widespread instability, uncontrolled separation, or Cascading within an Interconnection; or
  • At least once every 60 calendar months for a Transmission Owner that has not identified in its previous risk assessment (as verified according to Requirement R2) any Transmission stations or Transmission substations that if rendered inoperable or damaged could result in widespread instability, uncontrolled separation, or Cascading within an Interconnection.

The Transmission Owner shall identify the primary control center that operationally controls each Transmission station or Transmission substation identified in the Requirement R1 risk assessment.

NERC CIP-014 R2

Each Transmission Owner shall have an unaffiliated third party verify the risk assessment performed under Requirement R1. The verification may occur concurrent with or after the risk assessment performed under Requirement R1. [VRF: Medium; Time-Horizon: Long-term Planning]

Each Transmission Owner shall select an unaffiliated verifying entity that is either:

  • A registered Planning Coordinator, Transmission Planner, or Reliability Coordinator; or
  • An entity that has transmission planning or analysis experience.

The unaffiliated verifying entity shall either verify the Transmission Owner’s risk assessment performed under Requirement R1 or recommend the addition or deletion of a Transmission station(s) or Transmission substation(s). The Transmission Owner shall ensure the verification is completed within 90 calendar days following the completion of the Requirement R1 risk assessment.

If the unaffiliated verifying entity recommends that the Transmission Owner add a Transmission station(s) or Transmission substation(s) to, or remove a Transmission station(s) or Transmission substation(s) from, its identification under Requirement R1, the Transmission Owner shall either, within 60 calendar days of completion of the verification, for each recommended addition or removal of a Transmission station or Transmission substation:

  • Modify its identification under Requirement R1 consistent with the recommendation; or
  • Document the technical basis for not modifying the identification in accordance with the recommendation.

Each Transmission Owner shall implement procedures, such as the use of non-disclosure agreements, for protecting sensitive or confidential information exchanged with the unaffiliated verifying entity.

NERC CIP-014 R3

For a primary control center(s) identified by the Transmission Owner according to Requirement R1 and verified according to Requirement R2 that is not under the operational control of the Transmission Owner, the Transmission Owner shall, within seven calendar days following completion of Requirement R2, notify the Transmission Operator that has operational control of the primary control center of such identification and the date of completion of Requirement R2. [VRF: Lower; Time-Horizon: Long-term Planning]

  • If a Transmission station or Transmission substation previously identified under Requirement R1 and verified according to Requirement R2 is removed from the identification during a subsequent risk assessment performed according to Requirement R1 or a verification according to Requirement R2, then the Transmission Owner shall, within seven calendar days following the verification or the subsequent risk assessment, notify the Transmission Operator that has operational control of the primary control center of the removal.

NERC CIP-014 R4

Each Transmission Owner that owns or operates a Transmission station, Transmission substation, or primary control center identified in Requirement R1 and verified according to Requirement R2, and each Transmission Operator notified by a Transmission Owner according to Requirement R3 that the Transmission Operator’s primary control center has operational control of an identified Transmission station or Transmission substation, shall conduct an evaluation of the potential threats and vulnerabilities of a physical attack to each of their respective Transmission station(s), Transmission substation(s), and primary control center(s) identified in Requirement R1 and verified according to Requirement R2. The evaluation shall consider the following: [VRF: Medium; Time-Horizon: Operations Planning, Long-term Planning]

  • Unique characteristics of the identified and verified Transmission station(s), Transmission substation(s), and primary control center(s);
  • Prior history of attack on similar facilities taking into account the frequency, geographic proximity, and severity of past physical security related events; and
  • Intelligence or threat warnings from sources such as law enforcement, the Electric Reliability Organization (ERO), the Electricity Sector Information Sharing and Analysis Center (ES-ISAC), U.S. federal and/or Canadian governmental agencies, or their successors.

NERC CIP-014 R5

Each Transmission Owner that owns or has operational control of a Transmission station, Transmission substation, or primary control center identified in Requirement R1 and verified according to Requirement R2, and each Transmission Operator notified by a Transmission Owner according to Requirement R3 that the Transmission Operator’s primary control center has operational control of an identified Transmission station or Transmission substation, shall develop and implement a documented physical security plan(s) that covers their respective Transmission station(s), Transmission substation(s), and primary control center(s) within 120 calendar days following the completion of Requirement R2. The physical security plan(s) shall include the following attributes: [VRF: High; Time-Horizon: Long-term Planning]

  • Resiliency or security measures designed to deter, detect, delay, assess, communicate, and respond to potential physical threats and vulnerabilities based on the results of the evaluation conducted in Requirement R4.
  • Law enforcement contact and coordination information.
  • A timeline for implementing the physical security enhancements and modifications specified in the physical security plan.
  • Provisions to evaluate evolving physical threats, and their corresponding security measures, to the Transmission station(s), Transmission substation(s), or primary control center(s).

NERC CIP-014 R6

Each Transmission Owner that owns or operates a Transmission station, Transmission substation, or primary control center identified in Requirement R1 and verified according to Requirement R2, and each Transmission Operator notified by a Transmission Owner according to Requirement R3 that the Transmission Operator’s primary control center has operational control of an identified Transmission station or Transmission substation, shall have an unaffiliated third party review the evaluation performed under Requirement R4 and the security plan(s) developed under Requirement R5. The review may occur concurrently with or after completion of the evaluation performed under Requirement R4 and the security plan development under Requirement R5. [VRF: Medium; Time-Horizon: Long-term Planning]

Each Transmission Owner and Transmission Operator shall select an unaffiliated third party reviewer from the following:

  • An entity or organization with electric industry physical security experience and whose review staff has at least one member who holds either a Certified Protection Professional (CPP) or Physical Security Professional (PSP) certification.
  • An entity or organization approved by the ERO.
  • A governmental agency with physical security expertise.
  • An entity or organization with demonstrated law enforcement, government, or military physical security expertise.

The Transmission Owner or Transmission Operator, respectively, shall ensure that the unaffiliated third party review is completed within 90 calendar days of completing the security plan(s) developed in Requirement R5. The unaffiliated third party review may, but is not required to, include recommended changes to the evaluation performed under Requirement R4 or the security plan(s) developed under Requirement R5.

If the unaffiliated reviewing entity recommends changes to the evaluation performed under Requirement R4 or security plan(s) developed under Requirement R5, the Transmission Owner or Transmission Operator shall, within 60 calendar days of the completion of the unaffiliated third party review, for each recommendation:

  • Modify its evaluation or security plan(s) consistent with the recommendation; or
  • Document the reason(s) for not modifying the evaluation or security plan(s) consistent with the recommendation.

Each Transmission Owner and Transmission Operator shall implement procedures, such as the use of non-disclosure agreements, for protecting sensitive or confidential information exchanged with the unaffiliated reviewing entity.