NERC’s Board of Trustees recently approved a set of 13 documents that comprise the Security Guidelines for the Electricity Sector. These guidelines, prepared by the Critical Infrastructure Protection Advisory Group, are intended to assist the electricity sector respond effectively to a spectrum of threats ranging from simple trespassing to dedicated acts of terror and sabotage by perpetrators whose actions may be cyber or physical in nature.

The guidelines describe general approaches, considerations, practices, and planning philosophies in each of the following areas:

  • Security Guidelines Overview

  • Vulnerability and Threat Assessment

  • Threat Response

  • Emergency Plans

  • Continuity of Business Practices

  • Communications

  • Physical Security

  • Cyber Security

  • Risk Management

  • Access Controls

  • IT Firewalls

  • Intrusion Detection

  • Employment Background Screening

  • Protecting Potentially Sensitive Information



These guidelines are advisory in nature. Each organization is expected to assess its usefulness within the context of its operating environment and subject to its own evaluation of its vulner-ability and risk to its perceived spectrum of threats. Furthermore, these guidelines are intended to be “living” documents. They will evolve just as the threats and challenges to the electric in-frastructure and the tools used to meet those threats and challenges continue to evolve. To download the guidelines, go to: www.nerc.com/~filez/cipfiles.html. –