The NERC CIP provides a suite of standards that ensure the overall security of computing systems that directly manage the power grids and all supported subsystems or resources. The NERC CIP was created to protect and secure these systems, primarily from acts of cyberterrorism.

The NERC CIP focuses on nine standards that cover the overall guidelines and security for enforcing governance of underlying systems. These standards incorporate the basics of identifying critical assets, creating control mechanism and logical and physical security of these systems to recover these assets in the event of an incident.

The NERC CIP standards include the following:

• Sabotage reporting
• Personnel and training
• Critical cyber asset identification
• Electronic security perimeters
• Security management controls
• System security management
• Physical security of cyber assets
• Recovery plans for critical cyber assets
• Incident reporting and response management