• Home
  • About Us
  • We Are Different
  • Significant Client Project
  • Training
  • Knowledge
  • Recent FERC & NERC Developments
  • Contact

Are You Ready For Your NERC CIP SPOT CHECK AUDIT? Contact Us Immediately @ 248.981.5248 To Prepare Today!

  • Latest News

  • Insights & Ideas

      Catalyst For Change?
      FERC Demands "Culture of Compliance"

  • Client Login

      Email:
      Password:
      Forgot your password?
      powered by sharefile

  • Services

      CIP Compliance Program Assessment & Implementation
      Risk Based Assessments & Cyber Asset Identification
      Threat & Vulnerability Assessments
      Remediation Solution Design & Implementation
      Compliance Management
      CIP Training & Awareness
      Internal Audit Assistance & Teaming
      Audit Documentation Repository Solutions
      Resource Staffing & Teaming
      Violation Settlement & Legal Counsel Support
      Service

Compliance Program Management Services - “Critical” & In “Critical Condition”

Challenge: The Gap Analysis Is Complete - Now The Real Work Begins! 

Do You Have An Effective Compliance Program In Place?

FERC Demands “Culture of Compliance”  The importance of developing and maintaining an effective, enterprise wide compliance program has never been more critical.  FERC commissioners and staff have made it clear that they want companies to adopt a “culture of compliance,” there remains some ambiguity over what that means from a practical perspective.  Whether a company is a gas or power asset owner, operator, or user, regulators expect – if not require – the responsible entity to have enterprise wide processes with common practices and systems in place to support the demonstration of compliance.  With the rising stakes and continued uncertainty around how the various CIP Standard Requirements will be enforced, companies cannot afford to address the regulatory risks with inconsistent and uncommon approaches to regulatory compliance. 

Solution:  Compliance Program Design, Implementation, and Management Assistance from Complyant Solutions.

The Gap Analysis Is Complete - Now The Real Work Begins!  Evidence of what is at risk relating to regulatory compliance can be seen in the different enforcement actions that FERC took in 2007.  Do you have strong procedure enforcement practices in place?  Have new policies and procedure been recently drafted?  Have they been fully implemented and are they enforceable?  How you completed periodic compliance audits and reviews to ensure that  you stay on track and are meeting the compliance requirements?  Are your control activities effective AND efficient?  Have all your employees received cyber security training in a timely manner?  Upon review of the individual regulator cases, most interesting are the insights that can derived from the control activities underlying the incidents.  The root causes stemmed from a variety of factors, including poor procedure enforcement, absence of new policies, disregard for internal reporting requirements, weak control functions, and lack of employee training.  Each of these factors suggests the need for developing and deploying an integrated and enterprise wide compliance management approach that can give management confidence that the enterprise as a whole is taking common and consistent steps to address the NERC CIP Regulatory Standards.

Complyant Solutions has developed a Cyber Security Compliance Framework to help utilities navigate through the complex process of meeting the requirements of NERC CIP Regulatory Standards and establishing the basis for a Cyber Security Compliance Management Plan.  We have also assisted responsible entities with developing and reviewing other programs required by regulatory authorities, including comprehensive Sarbanes-Oxley compliance management plans and processes.

Regulatory Standards only define the requirements, timeframes for compliance, the steps and procedures for compliance without actually defining an effective way to comply with the standard. This simply leaves responsible entities to their own devices to address the challenge of compliance.  This is why many companies are choosing Complyant Solutions to assist them in addressing these compliance challenges.  Complyant Solutions has developed a proprietary methodology leveraging many different security standards and tools including NIST, INTL, ISO, and COBIT to create a cyber security compliance baseline to establish metrics to measure compliance.   Our proprietary Cyber Security Compliance Framework defines the effective security areas and controls necessary to meet most regulatory compliance and most specifically the NERC CIP standards.

WE ARE EXPERIENCED PROFESSIONALS YOU CAN TRUST

Complyant Solutions is the industry leader in control system industry compliance management.  Our unparalleled audit and control expertise and in-depth knowledge of emerging technologies and regulatory compliance have made us the first choice of leading companies.  Protect your Critical Cyber Assets and vital business information.  Compete with Control.  Confidence.  Compliance.  Call on experience you can trust:  The Cyber Security Services team at Complyant Solutions.

DON’T WAIT – CONTACT COMPLYANT SOLUTIONS TODAY TO ASSIST YOU WITH DESIGNING AND SUSTAINING YOUR COMPLIANCE MANAGEMENT PROGRAM, CALL COMPLYANT SOLUTIONS AT 248.981.5248. 

 



Disclaimer

© 2010 All Rights Reserved

Complyant Solutions' Cyber Security Practice is an integrated team of cyber security consultants, information and control systems technology specialists, and legal counsel professionals who focus on the unique needs of responsible entities to protect the reliability of the Bulk-Electric System. Within the Cyber Security Practice, our professionals deliver consulting services, technology solutions, and IT operations with energy industry expertise to manage compliance, audits, and enforcement actions with the National Electric Reliability Corporation (NERC) Critical Infrastructure Protection reliability requirements and reduce the risks to the Bulk-Electric System.

Admin