CIP-003_Workbook_10152019

NERC Reliability Standard Audit Worksheet

Incident; (2) using a drill or tabletop exercise of a Reportable Cyber Security Incident; or (3) using an operational exercise of a Reportable Cyber Security Incident.

Attachment 1, Section 4.6: Verify the Responsible Entity updated each Cyber Security Incident response plan, if needed, within 180 calendar days after completion of a Cyber Security Incident response plan(s) test or actual Reportable Cyber Security Incident.

Attachment 1, Section 4: Verify the Responsible Entity is prepared to achieve the security objective of minimizing the adverse impact to the BES of a possible Cyber Security Incident affecting low impact BES Cyber Systems.

Attachment 1, Section 5.1, 5.2: Verify the Responsible Entity has documented one or more plans to mitigate the risk of the introduction of malicious code to low impact BES Cyber Systems through the use of Transient Cyber Assets.

Attachment 1, Section 5.1, 5.2: Verify the Responsible Entity has implemented its plans to mitigate the risk of the introduction of malicious code to low impact BES Cyber Systems through the use of Transient Cyber Assets.

Attachment 1, Section 5.1, 5.2: Verify the Responsible Entity has achieved the objective of mitigating the risk of the introduction of malicious code to low impact BES Cyber Systems through the use of Transient Cyber Assets.

Attachment 1, Section 5.3.1: Verify the Responsible Entity has documented one or more plans to detect malicious code on Removable Media using a Cyber Asset other than a BES Cyber System.

Attachment 1, Section 5.3.2: Verify the Responsible Entity has documented one or more plans to mitigate the threat of detected malicious code on the Removable Media prior to connecting Removable Media to a low impact BES Cyber System.

Attachment 1, Section 5.3: Verify the Responsible Entity has implemented its plans to mitigate the risk of the introduction of malicious code to low impact BES Cyber Systems through the use of Removable Media.

Attachment 1, Section 5.3: Verify the Responsible Entity has achieved the objective of mitigating the risk of the introduction of malicious code to low impact BES Cyber Systems through the use of Removable Media.

Note to Auditor:

Attachment 1, Section 3

1. For each asset identified as containing a low impact BES Cyber System(s) per CIP-002, the list of assets should identify those assets that have routable protocol communications between low impact BES Cyber System(s) and Cyber Asset(s) outside the asset containing the low impact BES Cyber System(s) when entering or leaving the

Audit ID: Audit ID if available; or REG-NCRnnnnn-YYYYMMDD
RSAW Version: RSAW_CIP-003-7_2019_v1
Revision Date: May 14, 2019
RSAW Template: RSAW2018R4.0