CIP-003: Cyber Security Measures
- M1. The Responsible Entity shall make available documentation of its cyber security policy as specified in Requirement R1. Additionally, the Responsible Entity shall demonstrate that the cyber security policy is available as specified in Requirement R1.2. (Retirement approved by FERC effective January 21, 2014.)
- M2. The Responsible Entity shall make available documentation of the assignment of, and changes to, its leadership as specified in Requirement R2.
- M3. The Responsible Entity shall make available documentation of the exceptions, as specified in Requirement R3. (Retirement approved by FERC effective January 21, 2014.)
- M4. The Responsible Entity shall make available documentation of its information protection program as specified in Requirement R4.
- M5. The Responsible Entity shall make available its access control documentation as specified in Requirement R5.
- M6. The Responsible Entity shall make available its change control and configuration management documentation as specified in Requirement R6.
Copyright © Cloud Software Group, Inc. All rights reserved.