
Dictionary · NERC CIP-003-6 (Security Management Controls) v6

L2 — definitions grouped by regulatory framework.

72 senses under NERC CIP-003-6 (Security Management Controls) v6

Verbs

16 senses
address

To deal with an issue.

approve

To officially accept as satisfactory.

document

To record something in detail through photography, writing, or other form.

retain

To keep in possession.

provide

To supply or make something available for use.

obtain

To gain, secure, or acquire something, usually by planned action or effort.

review

To examine or evaluate formally with the intent of making changes if necessary.

respond

To answer or say something in reply.

have

To experience or go through.

change

To make or become different; to alter.

update

To modernize or bring up to date.

identify

To establish, indicate, or verify who or what someone or something is.

declare

To formally announce.

control

To manage the operation, function, or behavior of a person or thing.

keep

To have or maintain possession of something.

implement

To put a new system into effect.

Nouns

56 senses
Vulnerability Assessment

The purpose of this task is to systematically examine an information system or product to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of proposed security measures, and confirm the adequacy of such measures after implementation.

management authorization

Official permission or approval given by the senior executives of an organization.

need to know

An administrative action officially declaring that a particular individual requires access to specified sensitive or classified information in order to perform their assigned duties.

name

The word or phrase by which an individual, family, organization, or thing is known or referred to.

non-compliance information

Information regarding a failure to act in accordance with applicable standards and regulations.

notification

The act of giving notice of or reporting something formally or officially.

physical access

The ability of people to physically gain access to a computer system or facility.

personnel

People who are employed by and work directly within an organization.

physical security control

Devices that rely on the proper application of physical barriers and deterrents to control behavior. It is through the use of physical controls that an organization controls physical access to facilities and systems. They also help maintain the operating environments necessary to continue information processing and delivery activities.

reinforce

Strengthen or support, especially with additional personnel or material.

reportable cyber incident

A Cyber Security Incident that has compromised or disrupted one or more reliability tasks of a functional entity.

responsible entity

Any group, or even an individual, within an organization that has been given responsibility for a particular process.

response

An action taken that addresses an incident and assesses the level of containment and control activity required.

system security

The protection of Bulk Electric System (BES) Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES).

test

To ascertain the performance, reliability, or quality of something.

train

The purpose of this task is to teach a person or animal a skill or behavior.

access

The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.

asset

In Information Technology: the combination of logical and physical components and resources, grouped into specific classes (information, systems, software, hardware, people).

asset physical security

The protection of assets from theft, vandalism, natural disasters, and accidental damage.

audit record

An individual entry in an audit log related to an audited event.

Authentication

The verification of the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system.

Bulk Electric System Cyber System

One or more Bulk Electric System (BES) Cyber Assets logically grouped by a responsible entity to perform one or more reliability tasks for a functional entity.

CIP exceptional circumstance

A situation that involves or threatens to involve one or more of the following, or similar, conditions that impact safety or Bulk Electric System (BES) reliability: a risk of injury or death; a natural disaster; civil unrest; an imminent or existing hardware, software, or equipment failure; a Cyber Security Incident requiring emergency assistance; a response by emergency services; the enactment of a mutual assistance agreement; or an impediment of large scale workforce availability.

CIP Senior Manager

A single senior management official with overall authority and responsibility for leading and managing implementation of and continuing adherence to the requirements within the NERC CIP Standards, CIP-002 through CIP-011.

classification

The act of distributing things into classes or categories of the same type.

compliance violation is detected

This triggering event takes place when it has been discovered that the condition of someone or something does not conform to the documented policies and standards.

configuration change management

A process for managing configuration changes and variances in configurations.

cyber system recovery plan

A step-by-step outline of the processes and procedures to be performed to bring a cyber system back to working order after an incident has occurred.

cybersecurity plan

Formal document that provides an overview of the cybersecurity requirements for an Information Technology and industrial control system and describes the cybersecurity controls in place or planned for meeting those requirements.

cybersecurity incident response

The process of managing and resolving cybersecurity events that disrupt the organization's operations and restoring services.

cyber incident

Actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein.

cyber incident response plan

The series of actions and processes for handling a security event in 'cyberspace' (i.e. the Internet, corporate networks, etc.).

cyber incident response roles and responsibilities

The functions and duties of personnel who are responsible for triaging and resolving cybersecurity events that disrupt operations, and for alerting interested personnel and affected parties in conformance with pertinent standards.

cybersecurity awareness

The extent to which individuals of an organization, or those who have access to an organization's information, understand their individual responsibilities regarding cybersecurity risks and the need to identify, assess, and mitigate these risks in light of the increasing volume and sophistication of cyber threats.

cybersecurity policy

A set of criteria for the provision of security services.

cybersecurity procedure

A detailed description of the steps necessary to implement cybersecurity in conformance with applicable standards.

delegation

Authorizing subordinates to make certain decisions.

delegation procedure

A detailed description of the steps necessary to assign a task or responsibility to another role in conformance with applicable standards.

dial-up connectivity

The state of being connected through a standard phone line and analog modem to access the Internet at data transfer rates (DTR) of up to 56 Kbps.

determination

The process of making or arriving at a decision.

Electricity Sector Information Sharing and Analysis Center

The Electricity Sector Information Sharing and Analysis Center (ES-ISAC) shares critical information with industry participants about infrastructure protection. The ES-ISAC serves the electricity sector by facilitating communications between electricity sector participants, federal governments, and other critical infrastructures. It is the job of the ES-ISAC to promptly disseminate threat indications, vulnerabilities, analyses, and warnings, together with interpretations, to help electricity sector participants take protective actions.

Electronic Security Perimeter

The logical border surrounding a network to which Critical Cyber Assets are connected and for which access is controlled.

electronic access control

A cyber asset that performs electronic access control of the Electronic Security Perimeter(s) or BES Cyber Systems.

Evidence

Information used to establish facts.

group

A term referring to a grouping of users.

Identification

The process or act of establishing who or what someone or something is.

incident reporting

The purpose of this task is to use hotlines and emergency contacts to alert the appropriate individuals to the occurrence of a security event.

include

Make part of a whole or set.

incident management

The direction and supervision of activities undertaken to restore service and operations after a disruption.

individual

A human being.

incident response planning

The process of creating incident response plans.

Information Security

The measures taken so that information and information systems are protected from unauthorized access, use, disclosure, disruption, modification, or destruction.

interactive remote access

User-initiated access by a person employing a remote access client or other remote access technology using a routable protocol. Remote access originates from a Cyber Asset that is not an Intermediate System and not located within any of the Responsible Entity’s Electronic Security Perimeter(s) or at a defined Electronic Access Point (EAP). Remote access may be initiated from: 1) Cyber Assets used or owned by the Responsible Entity, 2) Cyber Assets used or owned by employees, and 3) Cyber Assets used or owned by vendors, contractors, or consultants. Interactive remote access does not include system-to-system process communications.

location

A particular point or position in space.

Low Impact External Routable Connectivity

Direct user-initiated interactive access or a direct device-to-device connection to a low impact BES Cyber System(s) from a Cyber Asset outside the asset containing those low impact BES Cyber System(s) via a bi-directional routable protocol connection. Point-to-point communications between intelligent electronic devices that use routable communication protocols for time-sensitive protection or control functions between Transmission station or substation assets containing low impact BES Cyber Systems are excluded from this definition (examples of this communication include, but are not limited to, IEC 61850 GOOSE or vendor proprietary protocols).

Low Impact Bulk Electric System Cyber System Electronic Access Point

A Cyber Asset interface that controls Low Impact External Routable Connectivity. The Cyber Asset containing the LEAP may reside at a location external to the asset or assets containing low impact Bulk Electric System (BES) Cyber Systems.