This electricity subsector cybersecurity Risk Management Process (RMP) guideline was developed by the Department of Energy, in collaboration with the National Institute of Standards and Technology (NIST) and the North American Electric Reliability Corporation (NERC). The RMP is written with the goal of enabling organizations— regardless of size or organizational or governance structure—to apply effective and efficient risk management processes and tailor them to meet their organizational requirements. This guideline may be used to implement a new cybersecurity program within an organization or to build upon an organization’s existing internal cybersecurity policies, standard guidelines, and procedures.
For more information about how OE is enhancing the security and reliability of the nation's electric grid and reducing the risk of energy disruptions due to cyber attack, visit the Cybersecurity page.
