Page 29 of 44
NERC Reliability Standard Audit Worksheet
asset and not used for time-sensitive protection or time-sensitive control functions. a. For these identified assets, obtain as evidence the devices used to control electronic access and the low impact BES Cyber Systems for which they control access. 2. For each asset identified as containing a low impact BES Cyber System(s) per CIP-002, the Responsible Entity has an obligation to determine the necessary inbound and outbound routable protocol communications between low impact BES Cyber System(s) and Cyber Asset(s) outside the asset containing the low impact BES Cyber System(s) when entering or leaving the asset and not used for time-sensitive protection or time-sensitive control functions. The Responsible Entity must be able to provide a technically sound explanation as to how its electronic access permissions and controls are consistent with the security objective of permitting only necessary inbound and outbound access to low impact BES Cyber Systems. 3. The audit team should assess the effectiveness of the Responsible Entity’s electronic access control plan as well as the Responsible Entity’s adherence to its electronic access control plan. 4. For the inbound and outbound communications that the Responsible Entity has determined to be necessary, the Responsible Entity must identify the electronic access controls used to effectively control access to and from the low impact BES Cyber System(s). 5. The ten reference models included in the Guidelines and Technical Basis section of the Standard provide examples that Responsible Entities may reference for their electronic access controls. Reference models 9 and 10 outline approaches for segmenting network traffic such that there is no routable protocol communications to the low impact BES Cyber System(s). a. Model 9 uses layer-2 network segmentation (VLANs) to control access. The configuration of the devices used to accomplish this must be documented by the Responsible Entity and assessed for its effectiveness in meeting the standard’s objective of controlling access to the low impact BES Cyber System(s). b. In Model 10, a single device receives both serial traffic destined for low impact BES Cyber System(s) and routable traffic destined for non-BES Cyber Asset(s). The device, as depicted in the model, logically isolates the serial traffic from the routable traffic. The configurations for the device must be documented by the Responsible Entity and assessed to determine whether or not the electronic access controls effectively meet the objective of controlling access to the low impact BES Cyber System(s). Attachment 1, Section 5 1. The means of verifying the mitigation of the introduction of malicious code to a low impact BES Cyber System differs depending on whether a Transient Cyber Asset is managed by the Responsible Entity in an ongoing or an on-demand manner. The verification for a Transient Cyber Asset managed in an ongoing manner focuses on the process of preventing malware from being introduced to the Transient Cyber Asset. The verification for a Transient Cyber Asset managed in an on-demand manner
NERC Reliability Standard Audit Worksheet Audit ID: Audit ID if available; or REG-NCRnnnnn-YYYYMMDD RSAW Version: RSAW_CIP-003-7_2019_v1 Revision Date: May 14, 2019 RSAW Template: RSAW2018R4.0 11
Made with FlippingBook - Online magazine maker