CIP 007 – Cyber Security – Systems Security Management
Purpose: Manage system security by specifying select technical, operational, and procedural requirements in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the BES.
- Document enabled ports justification
- Maintain listening ports
- Maintain evidence of configuration files of host-based firewalls and evidence of protection in place against unnecessary physical input/output ports
- Document patch management monitored sources
- Review security patches every 35 days and produce evidence
- Maintain installation records or alternative mitigation plans
- Produce evidence and records of mitigation
- Deploy system hardening, antivirus, policies, and maintain evidence
- Automates documentation of ports, services, and user accounts
- Automates (with integration) security patch management
- Documents access evidence
- Maintains and tracks procedural controls
- Configures reminders and workflows to alert appropriate parties
- Helps develop the necessary policies and procedures
- Automates evidence of ports, services, and users to meet the requirement
- Centralized document management
- Dynamic evidence population for audits