|
|---|
Category:Slides and Viewgraphs
MONTHYEARML23206A2082023-03-14014 March 2023
RIC 2023 W-15 Introductory Presentation: Empowering Advanced Nuclear Deployment with Non-Power Reactors
ML22298A0122022-10-20020 October 2022
Official Transcript of Proceeding Stakeholder Outreach Meeting on the NRC Staff'S SECT-22-0076 Regarding Expansion of Current Policy on Potential Common-Cause Failures in Digital Instrumentation and Control Systems, Pages 1-105
ML22082A2432022-03-31031 March 2022
M220331: Staff Slides - Joint Meeting of the Federal Energy Regulatory Commission and the Nuclear Regulatory Commission
ML22084A4012022-03-31031 March 2022
M220331: Slides - H. Gugel, NERC - Joint Meeting of the Federal Energy Regulatory Commission and the Nuclear Regulatory Commission
ML22084A4022022-03-31031 March 2022
M220331: Slides - D. Huff, H. Polzin, FERC - Joint Meeting of the Federal Energy Regulatory Commission and the Nuclear Regulatory Commission
ML22084A4042022-03-31031 March 2022
M220331: Slides - E. Katz, FERC Opp - Joint Meeting of the Federal Energy Regulatory Commission and the Nuclear Regulatory Commission
ML22084A4032022-03-31031 March 2022
M220331: Slides - FERC-NRC - Joint Meeting of the Federal Energy Regulatory Commission and the Nuclear Regulatory Commission
ML21081A1652021-03-22022 March 2021
David Lochbaum Presentation
ML21194A2492021-03-11011 March 2021
Introductory Remarks - Commissioner Jeff Baran: Analytics, Machine Learning, and Artificial Intelligence for Nuclear Power Plant Activities
ML21015A1992021-01-21021 January 2021
Presentation - NRC Materials Research for Aging Management of Cables
ML20356A2352020-12-0101 December 2020
Day 3 - Program and Presentations of Workshop: Digital Twin Applications for Advanced Nuclear Technologies, December 1 - 4, 2020 - Part 4 of 5
ML20050P1072020-02-25025 February 2020
M200225: Slides - Sena
ML20050P1022020-02-25025 February 2020
M200225: Slides - Griffith
ML20050P1032020-02-25025 February 2020
M200225: Slides - Lyman
ML20050P1242020-02-25025 February 2020
M200225: Slides - Staff
ML20050P1312020-02-25025 February 2020
M200225: Slides - Wilmshurst
ML12053A2092012-02-22022 February 2012
M120222B - Slides, Briefing on Fort Calhoun
ML11228A2312009-08-13013 August 2009
State-of-the-Art Reactor Consequence Analyses (Soarca); Semi-Annual Briefing for Commission Tas
ML11228A2302009-04-14014 April 2009
State-of-the-Art Reactor Consequence Analyses; Semi-Annual Briefing for Commission Technical Assistants
ML11228A2292008-12-17017 December 2008
Soarca Seismic Issue; Briefing for the Commissioners' Technical Assistants
ML11228A2282008-09-10010 September 2008
State-of-the-Art Reactor Consequence Analyses (Soarca); Semi-Annual Briefing for Commission Technical Assistants
ML11228A2272008-06-0202 June 2008
State-of-the-Art Reactor Consequence Analyses; Briefing for Commission Technical Assistants
ML0425400842004-09-0303 September 2004
2-2 Emergency Preparedness & Exclusion Zone Requirements for Indian NPPs - Bajaj
ML0420803352004-07-21021 July 2004
M040721 - Meeting with ACNW (Slides)
ML0313605022003-05-15015 May 2003
M030515 - Briefing on Results of Agency Action Review Meeting. Slides
ML0300602422002-12-0303 December 2002
Slides - Preliminary Results of Environmental Review St. Lucie, Units 1 & 2, 12/03/2002
ML0227003342002-09-27027 September 2002
Status of NRC Staff Review of Fenoc'S Bulletin 2001-01 Response for Davis-Besse with Handwritten Notes
2023-03-14
[Table view]Some use of "" in your query was not closed by a matching "". |
Text
Highlights of the 2021 Report on Lessons Learned from the FERC-led Cybersecurity Audits 1
Lessons Learned Report - Background
- A staff report derived from the Commission's nonpublic CIP compliance audits conducted over the previous fiscal year.
- Issued publicly on an annual basis to help entities assess cybersecurity risk and compliance with mandatory reliability standards and, more generally, facilitate efforts to improve the security of the nations electric grid.
- Contains recommendations to help users, owners, and operators of the BPS improve their compliance with the CIP Standards and their overall cybersecurity posture.
2
Lessons Learned Report - Background
- The CIP audits are conducted by OER staff, with assistance from OE staff.
- Regional Entity and NERC staff actively participate on the audits and have access to all evidence.
- The Lessons Learned Reports are developed collaboratively by OER and OEIS staff.
- Five (5) annual reports with a total of 64 lessons issued to date:
- 2021 Report (14 lessons learned)
- 2020 Report (12 lessons learned)
- 2019 Report (7 lessons learned)
- 2018 Report (10 lessons learned)
- 2017 Report (21 lessons learned) 3
2021 Lessons Learned Report CIP-002
- Enhance policies and procedures to include evaluation of Cyber Asset misuse and degradation during asset categorization.
CIP-003
- Properly document and implement policies, procedures, and controls for low impact Transient Cyber Assets (TCAs).
CIP-004
- Implement a defined workflow to enhance processes for the verification of electronic access, unescorted physical access, and access to BES Cyber System Information (BCSI).
- Base access to BCSI on need to know.
4
2021 Lessons Learned Report CIP-007
- Enhance physical and logical port protection controls for Cyber Assets.
- Review the system access control program periodically to ensure processes and procedures are implemented as documented.
CIP-009
- Enhance recovery and testing plans to include a sample of any offsite backup images in the representative sample of data used to test the restoration of BES Cyber Systems.
5
2021 Lessons Learned Report CIP-010
- Review configuration change management processes periodically and ensure that they are implemented properly.
- Enhance configuration change management procedures and controls to document and account for differences between test and production environments.
- Improve vulnerability assessments to include credential-based scans of Cyber Assets.
- Properly document and implement policies, procedures, and controls for medium and high impact TCAs.
6
2021 Lessons Learned Report CIP-011
- Enhance policies and procedures to include BCSI spillage investigation and response.
- Enhance policies, procedures, and controls to properly track, document and monitor BCSI storage locations.
Internal Controls
- Enhance internal compliance and controls programs to include control documentation processes and associated procedures pertaining to compliance with the CIP Reliability Standards.
7
8