• Home
  • About Us
  • We Are Different
  • Significant Client Project
  • Training
  • Knowledge
  • Recent FERC & NERC Developments
  • Contact

Are You Ready For Your NERC CIP SPOT CHECK AUDIT? Contact Us Immediately @ 248.981.5248 To Prepare Today!

  • Latest News

  • Insights & Ideas

      Catalyst For Change?
      FERC Demands "Culture of Compliance"

  • Client Login

      Email:
      Password:
      Forgot your password?
      powered by sharefile

  • Services

      CIP Compliance Program Assessment & Implementation
      Risk Based Assessments & Cyber Asset Identification
      Threat & Vulnerability Assessments
      Remediation Solution Design & Implementation
      Compliance Management
      CIP Training & Awareness
      Internal Audit Assistance & Teaming
      Audit Documentation Repository Solutions
      Resource Staffing & Teaming
      Violation Settlement & Legal Counsel Support
      Service

Significant Client Projects

A Brief Recap on Our Success Stories…

“The only answer I can make is thanks, and thanks, and many thanks…” Shakespeare’s Twelfth Night 

I wouldn’t dream of trying to match the literary talents of Shakespeare, but I do want to extend my sincere “Thank you” for our success. I can honestly say that I am very pleased and grateful for all that we have accomplished. Success is sometimes hard to measure because it manifests itself in so many ways. We have enjoyed great success in all corners of our practice…excellent results in our strategic partnerships, increased participation in NERC CIPC working groups and regional cyber security user groups, and an unwavering commitment to client service and satisfaction. 

Our results are impressive! 

All of us at Complyant Solutions are passionate about keeping up the good work, grateful for your confidence in us to provide best of breed cyber security services, and once again, thanks for your commitment to our success.

Sherri Ann Palmer, CISA

Cyber Security Services Practice Leader

Here is a brief recap of a few client projects to share more about our recent successes:

Complyant Solutions was engaged to assist the Nation’s largest Reliability Coordinator prepare for their first NERC CIP Spot Check Audit.  This engagement provided assistance for the FIRST Spot Check Audit perfomed solely by NERC Auditors!   The NERC audit covered the “First Thirteen NERC CIP Reliabilty Standards.”  Complyant Solutions performed activities to identify potential areas of non compliance, provide recomendations for internal control procedures and enhancements, and design and assist with the implementation of newly recommended mitigation plans.  The RC was fully prepared for their first NERC CIP Spot Check including “Measures” and audit evidence used to demonstrate compliance with the requirements of the First Thirteen Standards, completed RSAW’s and Compliance Questionairres cross referenced to all Measures and audit evidence, completed Pre-Audit Survey requested by the NERC Audit Team, and Spot Check documenation and materials.  Moreover, RC employees were provided “auditee” training by the Complyant Solutions Team to assist with thier preparation for the NERC Audit, interviews, and inquiries.

Nations largest independent, SEC reporting electric transmission company serving an area of nearly 80,000 square miles in five states. Service area has a population of more than 13 million people and operates approximately 15,000 circuit miles of overhead and underground transmission lines, carrying more than 25,000 megawatts (or 25 billion watts) of electric power -Complyant Solutions performed threat and vulnerability studies to identify areas where the clients’ data systems were vulnerable to unauthorized access by internal and external individuals through the Internet, other public data networks, asynchronous dial-in ports, and local area networks. Additionally, we have assisted with PeopleSoft Financials upgrades relating to designing and testing internal controls. Most importantly, we provided SEC Sarbanes Oxley pre audit IT controls analysis to ensure regulatory compliance, provide on-going day to day network management, and implementation of NERC CIP compliance procedures. We have also tested outsourced IT services provided by third party vendors to ensure compliance needs are met.

Electric Power Generation Agency serving a population of over 750,000 including urban and rural communities throughout Northern California -Complyant Solutions performed a NERC CIP compliance assessment for the purpose of determining gaps against compliance requirements. The scope of the engagement included remediation planning, solution design and implementation over electronic security perimeter(s) and other CIP requirements, budgetary estimates, and assistance with WECC CIP self assessment compliance reporting. We have also developed their CIP-002 Critical Asset Identification Methodology and assisted in the identification of critical assets and critical cyber assets and development of the associated procedures and audit documentation.

Several NERC Responsible Entities- Development and implementation of CIP-002 Risk Based Assessment Methodology for the purpose of determining Critical Assets and Critical Cyber Assets. Additionally, as part of this project the Methodology Framework, implementation procedures, audit deliverables, and documentation to support evidence of compliance were designed.

Information Security Strategy Assessments- The scope of these projects address an assessment of and organizations information security strategy as it relates to Information Technology, including people, processes, and technology with an emphasis on policy and standards, processes, organizational structure, architecture, tools, and budget.  The assessment is conducted using a framework that consists processes and procedures that focus on identifying potential gaps between and entities information security capabilities, policies and procedures, and security industry standard practices for similar organizations.   Additional emphasis has been placed on Sarbanes-Oxley, NERC CIP, and PCI regulatory requirements.

Load Serving Entities - Complyant Solutions is currently assisting smaller NERC registered entities with meeting their unique NERC CIP compliance needs.  Specifically, we have developed an “appropriate” Critical Asset Identification Methodology and assisted with the identification of critical assets. We have also prepared all of the required CIP-002 audit evidence as required to meet compliance measures.



Disclaimer

© 2010 All Rights Reserved

Complyant Solutions' Cyber Security Practice is an integrated team of cyber security consultants, information and control systems technology specialists, and legal counsel professionals who focus on the unique needs of responsible entities to protect the reliability of the Bulk-Electric System. Within the Cyber Security Practice, our professionals deliver consulting services, technology solutions, and IT operations with energy industry expertise to manage compliance, audits, and enforcement actions with the National Electric Reliability Corporation (NERC) Critical Infrastructure Protection reliability requirements and reduce the risks to the Bulk-Electric System.

Admin