You need to know what you have before you can protect it. This assessment evaluates your BES Cyber System identification, categorization, and impact rating practices across all CIP-002-5.1a requirements β because an accurate asset inventory is the foundation every other CIP standard depends on.
CIP-002 requirements differ based on the impact categorization of your BES Cyber Systems. Select the highest level that applies to your environment. This determines which Attachment 1 criteria and sub-requirements are assessed.
BES Cyber Systems not meeting High or Medium thresholds. No discrete asset-by-asset identification required β but cyber security plan obligations under CIP-003 apply.
BES Cyber Systems meeting Attachment 1 Part 2 criteria. Full discrete identification, CIP Senior Manager approval, and 60-day update obligations apply.
BES Cyber Systems meeting Attachment 1 Part 1 criteria. All R1, R2, R3 requirements apply, including 6-year stability assessments and strictest identification obligations.
Your assessment results and CIP-002 compliance gap report will be emailed to you as a PDF.
Work email required. Gmail, Hotmail, Yahoo etc. not accepted.
You're all set! Redirecting to your assessmentβ¦
Questions are tailored to your selected impact level.