Supply Chain Working Group (SCWG)

​The NERC Board of Trustees (Board) may, on occasion, request technical expertise in developing and prioritizing Compliance products. The Reliability and Security Technical Committee (RSTC) supports these requests through the SCWG on an ad hoc basis.

SCWG Objectives/Duties

  • The RSTC will oversee the SCWG.
  • The SCWG will maintain a roster of technical cyber and operations security experts from the RSTC voting members, alternate members, and other willing participants and conduct the following activities (items from the NERC Board resolution are listed as primary objectives):
  • NERC Board: Identify known supply chain risks and address though guidance documentation or other appropriate vehicles including input to NERC Alerts or the E-ISAC advisories.
  • NERC Board: Partner with National Laboratories to identify vulnerabilities in legacy equipment and develop mitigation practices.
  • NERC Board: Assist where possible the E-ISAC efforts to engage Department of Energy and Department of Homeland Security to explore information sharing and supply chain risk assessments.
  • NERC Board: Assist NERC staff by providing input and feedback associated with the development and execution of supply chain documents.
  • Coordinate with the North American Transmission Forum (NATF) and other industry groups as appropriate to ensure bulk power system (BPS) asset owner supply chain security requirements are clearly articulated.
  • Develop other guidance where needed under the direction of the RSTC.


 Supply Chain Security Guidelines

Cyber Security Risk Management Lifecycle
Guideline | Presentation | Webinar

Guideline | Presentation | Webinar

Risk Considerations for Open Source Software
Guideline | Presentation | Webinar

Risks Related to Cloud Service Providers
Guideline | Presentation | Webinar

Secure Equipment Delivery
Guideline | Presentation | Webinar

Vendor Incident Response
Guideline | Presentation | Webinar

Vendor Risk Management Lifecycle
Guideline | Presentation | Webinar

Procurement Language
 Guideline |Presentation | Webinar