WASHINGTON, D.C. – Staff of the Federal Energy Regulatory Commission (FERC) and the North American Electricity Reliability Corporation (NERC) today published a report on cyber planning for response and recovery that outlines best practices for the electric utility industry.
The joint staffs of FERC and NERC, and the NERC Regional Entities, developed today's report after interviewing subject matter experts from eight electric utilities of varying size and function. The report includes the joint staffs' observations on their defensive capabilities and on the effectiveness of their Incident Response and Recovery (IRR) plans.
The report identifies common elements among the IRR plans: They define their scope, computer security events and incidents, staff roles and responsibilities, levels of authority for response, reporting requirements, requirements and guidelines for external communications and information sharing, and procedures to evaluate performance.
Full Announcement | Cyber Planning for Response and Recovery Study
