Dictionary · NERC CIP-008-5 (Incident Reporting & Response Planning) v5

L2 — definitions grouped by regulatory framework.

48 senses under NERC CIP-008-5 (Incident Reporting & Response Planning) v5

Verbs

16 senses

base

To serve as a foundation, underlying support, or starting point for something.

classify

To arrange information, things, or a group of people in classes or categories according to shared qualities or characteristics.

identify

To establish, indicate, or verify who or what someone or something is.

implement

To put a new system into effect.

update

The act of modernizing or bringing someone or something up to date.

perform

To carry out an action, task, or function.

retain

To keep in possession.

keep

To have or maintain possession of something.

define

To state or describe exactly the nature, scope, or meaning of something.

determine

To establish or ascertain exactly as a result of research or calculation.

associate

To connect or bring relation to someone or something with something else in one's mind.

document

To record something in detail through photography, writing, or other form.

use

To put into action.

maintain

To keep up; continue a condition or situation; carry on.

notify

To give someone facts or information about something, typically in an official or formal manner.

respond

To answer or say something in reply.

Nouns

32 senses

deviation

A variation that departs from the standard or norm.

audit record

An individual entry in an audit log related to an audited event.

non-compliance

The failure to achieve performance criteria of a regulation or authority.

operational exercise

An action-based exercise where personnel rehearse reactions to an incident scenario, drawing on their understanding of plans and procedures, roles, and responsibilities.

person

This role focuses on human individuals, partnerships, corporations, limited liability companies, trusts, estates, cooperatives, associations, sole proprietorships, joint stock companies, joint ventures, or other legal entities. Any process or activity that fits into one of these categories should be assigned to this role.

plan

A sequence of steps for doing or achieving something.

process

A particular series of actions or steps to bring about a certain outcome; series of procedures.

record

Anything that is put down in permanent form and preserved as evidence.

reportable cyber incident

A Cyber Security Incident that has compromised or disrupted one or more reliability tasks of a functional entity.

requirement

A formal statement of a necessary condition; something needed.

responsible entity

Any group or even individual within an organization that has been given a particular responsibility for a particular process.

role

A set of responsibilities defined in a process and assigned to a person or team.

roles and responsibilities

The position and collection of tasks, duties, obligations that participants undertake to complete a project.

security incident response plan

The steps taken during an incident. An incident response plan brings together and organizes the resources for dealing with any event that harms or threatens the security of information assets. Such an event may be a malicious code attack, an unauthorized access to information or systems, the unauthorized use of services, a denial of service attack, or a hoax.

show

To demonstrate or prove.

tabletop exercise

A discussion-based exercise where personnel with roles and responsibilities in a particular IT plan meet in a classroom setting or in breakout groups to validate the content of the plan by discussing their roles during an emergency and their responses to a particular emergency situation. A facilitator initiates the discussion by presenting a scenario and asking questions based on the scenario.

test

To ascertain the performance, reliability, or quality of something.

when

This limits a Control or Mandate's secondary verb to be put into play as something is happening.

Compliance

The state of being in accordance with laws, regulations, industry codes, organizational standards, or contractual arrangements.

Compliance Enforcement Authority

The North American Electric Reliability Corporation (NERC) or the Regional Entity in their respective roles of monitoring and enforcing compliance with the NERC Reliability Standards.

cybersecurity incident response group

A group of people that prepares for and resolves events that disrupt an organization's cybersecurity operations.

cyber incident

Actions taken through the use of computer networks that result in an actual or potentially adverse effect on an information system and/or the information residing therein.

cyber incident response plan

The series of actions and processes associated with a security event associated with 'cyberspace' (i.e. the Internet, corporate networks, etc.).

data

A subset of information in an electronic format that allows it to be retrieved or transmitted. (CNSSI-4009)

Electricity Sector Information Sharing and Analysis Center

The Electricity Sector Information Sharing and Analysis Center (ES-ISAC) shares critical information with industry participants about infrastructure protection. The ES-ISAC serves the electricity sector by facilitating communications between electricity sector participants, federal governments, and other critical infrastructures. It is the job of the ES-ISAC to promptly disseminate threat indications, vulnerabilities, analyses, and warnings, together with interpretations, to help electricity sector participants take protective actions.

Evidence

Information used to establish facts.

exercise

Something done or performed for a specific purpose.

relate

Make a logical or causal connection.

include

Make part of a whole or set.

incident management procedure

A detailed description of the steps necessary to identify, analyze, and correct incidents in order to return service back to normal as quickly as possible and in conformance with applicable standards.

information

Any communication or representation of knowledge such as facts, data, or opinions in any medium or form, including textual, numerical, graphic, cartographic, narrative, or audiovisual.

lessons learned

A set of statements captured after completion of a project or a portion of a project that describes in a neutral way what did or did not work, along with a statement regarding the risk of ignoring the lesson.