November 10, 2014

CIP-006 Physical Security of Critical Cyber Assets

Standard CIP-006-6 is intended to ensure the implementation of a physical security program for the protection of Critical Cyber Assets. Standard CIP-006-6 should be read as part of a group of standards numbered Standards CIP-002 through CIP-009.

Within the text of Standard CIP-006-6, “Responsible Entity” shall mean:

  • Reliability Coordinator
  • Balancing Authority
  • Interchange Authority
  • Transmission Service Provider
  • Transmission Owner
  • Transmission Operator
  • Generator Owner
  • Generator Operator
  • Load Serving Entity
  • NERC
  • Regional Entity

The following are exempt from Standard CIP-006-6:

  • Facilities regulated by the U.S. Nuclear Regulatory Commission or the Canadian Nuclear Safety Commission.
  • Cyber Assets associated with communication networks and data communication links between discrete Electronic Security Perimeters.
  • Responsible Entities that, in compliance with Standard CIP-002-6, identify that they have no Critical Cyber Assets

See the NERC website for more details regarding Critical Infrastructure Protection Standards.


CIP-006 Compliance Software Solution

Learn more about how Gatekeeper helps you exceed CIP requirements. Gatekeeper streamlines CIP compliance auditing with electronic logging, monitoring, and reporting of access to physical areas.