The NERC CIP Evidence Request Tool (ERT) brings structure to the documentation and presentation of data and evidence for the benefit of both registered entities and regulators. The ERT is being adopted by all NERC regions as a key element of CIP audits.
Without the right preparation, the ERT will be a challenging and time-consuming exercise of searching for or data and evidence, extracting it from the source, and transposing it into the ERT format. However, with some advanced planning, entities can leverage techniques and software that will make ERT reporting much easier, while improving the overall quality of cybersecurity programs.
This white paper explores:
- The core requirements and structure of the (ERT)
- The essential role of automation as a dynamic element in the cyber landscape
- Considerations for centralizing, reporting and controlling CIP data