NERC CIP Compliance

Automate data collection for audit success.

Continual compliance with NERC CIP regulations is best managed through automated data collection and on-demand reporting from pre-populated report libraries within the Industrial Defender ASM.


Industrial Defender ASM for NERC Compliance

Meeting the requirements for NERC CIP is no easy task. To reduce the challenge of meeting compliance, Industrial Defender ASM® offers the most advanced and comprehensive NERC CIP compliance solution that empowers electric utilities to ensure compliance both with version 3 and version 5. From the PLCs on the plant floor to servers in your data center, Industrial Defender ASM automatically collects the necessary information across your heterogeneous asset base, analyzes it, reports anomalies, and provides turnkey solutions to ease the compliance reporting burden.

Platform Compliance Benefits:

  • Maintain a current and accurate asset inventory with continuous notification of any deviation from baselines
  • Simplify monitoring and management with a centralized device baseline configuration repository
  • Ensure system performance and reliability standards are met with configuration monitoring and exception notification
  • Automate and streamline the compliance audit process without recurring consulting services
  • Support both normal management operations and periodic compliance audits with continuous and on-demand reporting and on-demand reporting
Report Guide:

Capabilities, Features and Reports for NERC CIP v5 Success

With Industrial Defender ASM your peers have successfully reduced compliance documentation preparation by 80%!

Download the NERC CIP Report Showcase to review a collection of sample reports the Industrial Defender ASM compliance reporting application can produce to demonstrate compliance with various NERC CIP audit requirements to save time and money and improve operational effectiveness.


NERC CIP version 5

To ensure compliance with the requirements, and ultimately avoid fines, begin collecting and documenting evidence from your control systems and substations now.

Find out how our solution facilitates audit success.


Examine How Industrial Defender ASM Maps to v5 Requirements

Industrial Defender ASM Automates
compliance with these requirements
002BES Cyber System Categorization 003Security Management Controls 004Personnel & Training 005Electronic Security Perimeter 006Physical Security of CCAs 007System Security Management 008Incident Reporting and Response Planning 009Recovery Plans for CCAs 010Change Management and Vulnerability 011Information Protection
Impact Rating Awareness Recovery Plan Specifications
15 Month Review Management Approval Cyber Security Training Visitor Control Program Implementation and Testing
  Leadership Personnel Risk Assessment   PACS Maintenance and Testing Review, Update and Communicate Review, Update and Communicate  
  Delegation   Physical Access Controls        

5 Tips for NERC CIP v5 Audit Success

Here’s a sampling of Industrial Defender ASM™ features helping customers today:



Access Revocation

Know who has access to your assets.

Use Case: An employee has been terminated at the end of the work day. As per NERC CIP-004-5.1 Access Revocation, this user’s remote access to assets must be removed within 24 hours of the termination.

  • The challenge is identifying all assets on which the employee has a user account meeting the 24-hour time frame requirement.
  • The solution is using Industrial Defender ASM to automate finding all devices and systems with a designated user account and creating time stamped documentation of disabled user accounts.
centralize audit documentation NERC


Systems Security Management

Automate and centralize audit documentation.

The Work Automation component of Industrial Defender ASM can be used to document the patching steps for assets within your environment. The collaboration capability of this component allows multiple teams to participate in the patch process. The tool guides teams through the patch process providing the time frame, asset lists, related documents, reports, approvers and auditing logs needed for a successful project in a single, centralized location.

Work Automation is just one feature of the Industrial Defender ASM platform that helps organizations comply with NERC CIP-007-5 Cyber Security – Systems Security Management.

Export Users for NERC Compliance


Export User Settings

Export feature to ease compliance.

Latest Industrial Defender ASM 6.2 feature release serves compliance needs. Watch the demo to see how you can use the EXPORT USER SETTINGS feature to assist with:

  • NERC CIP compliance
  • Disaster recovery
  • QA to a production migration
  • FleetView deployment


NERC CIP v5 Reporting

Ready-to-go reports.

Industrial Defender ASM™ comes with built-in reports for six CIPs providing the base needed to generate over 90 unique reports!

  • Automated data collection. The data needed to satisfy NERC CIP v5 reporting can be automatically captured using Industrial Defender ASM. Operators do not need to manually visit each system or device in order to perform data collection. This is a huge time saving feature for everyone!
  • Continuous monitoring. Industrial Defender ASM provides the ability to continuously monitor and report on devices in real-time. Gone are the days of using Excel spreadsheets to store static device data once every couple of years. Continuous monitoring improves situational awareness and an organization’s security posture while ensuring up-to-date, on-demand reports for audit success.


No-reboot Deployment

Prepare for success.

We asked NERC audit experts, what’s the key to CIP-010 audit success? Answer – start now and automate. Find out how quickly you can be automating collection of configuration change evidence. Talk with an ICS specialist today about our no-reboot deployment.


Industrial Defender ASM

The platform behind the success.