Version 4 Critical Infrastructure Protection Reliability Standards

Under section 215 of the Federal Power Act, the Federal Energy Regulatory Commission (Commission) approves eight modified Critical Infrastructure Protection (CIP) Reliability Standards, CIP-002-4 through CIP-009-4, developed and submitted to the Commission for approval by the North American Electric Reliability Corporation (NERC), the Electric Reliability Organization certified by the Commission. The CIP Reliability Standards provide a cybersecurity framework for the identification and protection of "Critical Cyber Assets" to support the reliable operation of the Bulk-Power System. Reliability Standard CIP-002-4 requires the identification and documentation of Critical Cyber Assets associated with "Critical Assets" that support the reliable operation of the Bulk-Power System and introduces "bright line" criteria for the identification of Critical Assets. The Commission approves the related Violation Risk Factors, Violation Severity Levels with modifications, implementation plan, and effective date proposed by NERC.