T&D World Magazine

Software Helps Utilities Comply with Critical Infrastructure Protection Standards

Scalable Software, LLC, has announced two new solutions to help electric utilities comply with upcoming Critical Infrastructure Protection (CIP) standards issued by the North American Electric Reliability Council (NERC). Scalable's NERC CIP solutions provide electric utilities the comprehensive capabilities and services needed to cost-effectively achieve, demonstrate and maintain IT compliance with anticipated NERC CIP standards across Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and corporate networks.

The new NERC CIP standards, expected to take effect in May, are mandated to protect the bulk electric systems in North America. Many electric utilities wanting to get ahead of the curve in preparation for NERC CIP implementation are quickly learning that creating, documenting and managing their policies can be a costly and time-consuming process, in addition to the difficult tasks of deploying and tracking compliance.

Patrick McBride, Scalable's vice president of Compliance Solutions, said many electric companies are finding themselves unprepared for the new challenges set forth by NERC CIP. "With final approval of NERC CIP standards slated for May, NERC CIP compliance is now the top agenda item for CSOs and CISOs in the electric utility industry," said McBride. "Scalable realizes the timeliness associated with achieving NERC CIP compliance and our new solution offerings are exactly what companies need to get started on their NERC CIP IT compliance initiatives."

Scalable's new NERC CIP solutions include both a Quick Start and Multi-Regulatory Compliance offering. Scalable's NERC CIP Quick Start Solution provides the services and capabilities required for utilities to cost-effectively achieve and demonstrate compliance for their initial 2006 NERC CIP audit. The solution is suitable for municipals, cooperatives and other electric utilities, enabling them to:

  • Identify NERC CIP policy and control gaps
  • Rapidly develop and deploy a compliant policy and control framework
  • Create a comprehensive cyber asset inventory
  • Deploy a cost-effective platform for managing ongoing IT compliance costs

Scalable's NERC CIP Multi-Regulatory Compliance Solution provides utilities facing multiple regulatory mandates the capabilities needed to cost-effectively achieve NERC CIP compliance while at the same time satisfying the requirements of other regulatory mandates such as SOX, HIPAA or others. The solution provides customers the critical capabilities needed to:

  • Identify policy and gaps with multiple regulatory mandates
  • Create and deploy a single, rationalized policy and control framework
  • Automate key audit management, compliance assessment and other compliance management processes
  • Deploy Scalable's IT compliance and asset management software throughout the organization
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.