NERC CIP Compliance

Whether you are preparing for your next audit or remediating issues from a previous one, Ampere can assist with your most challenging regulatory situations. We’ve seen the NERC CIP compliance world from all sides: as utility compliance staff/management, Regional CIP auditors, and actual drafters of the standards (including interpretations and guidance). We were forged in this industry and we’ve been woven into the NERC CIP fabric since it started. We have deep experience with FERC, NERC and all 6 Regions. We also speak CISA CPGs, ES/ONG-C2M2, CFATS, 62443 and NIS. Compliance is our thing.

Industrial Cybersecurity

Industrial Control Systems (ICS) and Operational Technologies (OT) are our specialty. We are well versed inDHS CIS Cross-Sector Cyber Performance Goals (CPGs), TSA Pipeline Security Directives, API 1164, ES/ONG-C2M2, NIST 800-53/82, IEC 62443, and all of the relevant methodologies, models and frameworks. We won’t launch NMAP on your control network, we come with our own PPE and we’re ready to take your safety training. Most importantly, we approach the security problem with the business in mind. We can help you reduce downtime and operational costs through managing your assets, controlling change, greater process efficiency and faster root cause analysis.

Controls Review, Design & Testing

Reliance on manual processes, spreadsheets and Outlook calendars will only get you so far. Automation and controls can give you measurable efficiency improvements while also reducing your audit scope and making your audits less painful. We speak the language with certified auditors who understand control objectives, control design and control testing. Make sure the process happens reliably, the same way, every time – and make it easy to prove to your auditor. Better controls directly translates into lower risk for all areas of the business. Fluent in NERC CIP, ES/ONG-C2M2, NIST CSF/RMF/800, CMMC, CFATS, IEC-62443 NIS, CAF and BSI.