NERC Critical Infrastructure Protection (CIP)
The ongoing drive for operational efficiencies in the electrical power industry has created the need for power generation, transmission and distribution, and demand management to be measured, monitored and reported in real time. This has also created the need to sometimes connect the underlying plant management and control systems to their respective corporate IT networks through what can be less than secure network segmentation techniques. The additional visibility into operations has yielded business benefits; however, it has also introduced a new set of threats and vulnerabilities.
The Agiliance Solution
Agiliance delivers a NERC CIP software solution on the IT-GRC 3.0 platform. Agiliance has developed a new generation of software that combines critical asset data, SCADA vulnerabilities, corporate network security, security policies, and compliance with regulations to deliver a top-down risk-based view in a single application.
The Agiliance IT-GRC solution for NERC CIP is a web-based enterprise application that delivers an optimum solution:
- Automated security testing covers critical cyber assets called out in regulations 3, 5 and 7 of NERC CIP.
- e-Survey based automation links responses directly to control results covering the remaining regulations.
- Results from each of the areas can be correlated and transformed into risk-based dashboards.
- Plant operations, security managers and risk managers can take direct action for mitigation or remediation without impacting operational integrity.
Agiliance Key Capabilities
Agiliance implements an Open Connector Architecture that consolidates information from a variety of security and system automation tools:
- Vulnerability scanners
- Security incident management and change management systems
- IT asset management systems, User Access Control and Audit Support
- Interfaces to Plant Data Management Systems, DCS and SCADA systems
The Agiliance IT-GRC Application maps to all eight standards for NERC CIP. The Open Connector Architecture allows aggregation of data from security automation tools and system automation, as well as plant data and SCADA systems.
FEATURES
- Consolidated e-survey assessment questionnaires from operations and compliance teams
- Common Control Framework with 10,000+ controls allows controls to be tested against multiple regulations and standards
- Consistent, automated asset classification as well as risk and compliance scoring – dashboards and audit reports
- Built-in mitigation, remediation and ticketing workflow
BENEFITS
- Faster time-to-compliance – vastly improved speed and efficiency of assessments and audit preparation
- Integrate regulations, mandates and automation information from security tools and SCADA networks
- A top-down view of the organization’s risk and compliance status that integrates internal measurements with operational objectives
