Industries RIDM - Regulations, Guidelines and Manuals
- » March 14, 2018 WebEx – FERC Security Program Requirements and Cyber Brief
- » May 31, 2017 WebEx – Webinar Controlling Security Sensitive Material
- » March 8, 2017 WebEx - Revision 3A and Cyber Briefing
- » May 11, 2016 WebEx – Revision 3A and Cyber Briefing
- » Security Document Revision 3A
- » Revision 3 and 3A Changes
- » Frequently Asked Question to Revision 3 and 3A (FAQs)
- » FERC Hydro Cyber/SCADA Security Checklist – Form 3 (fillable)
Guide on Best Practices for Controlling Security Sensitive Material. The guide is a starting point for information security planning and proposes a range of Security Sensitive Material protection strategies with examples of how to identify and manage sensitive information. The guide is not prescriptive and is not intended to substitute as policy or set any minimum standard for compliance.
Security Assessment Template for Group 2 Dams - A template for the Security Assessment of Group 2 dams has been prepared from a joint effort between a volunteer licensee group and FERC staff. The template consists of three parts: (1) a Microsoft Word file formatting the assessment methodology, assessment findings, recommendations and conclusions in sufficient detail to satisfy the Security Program requirements; (2) The FERC Hydro Security Inspection Form, to be filled out by the licensee (included in the MS Word base report form; and, (3) a Microsoft Excel spreadsheet used to evaluate all the security components applicable to all critical assets identified at the site. An analysis of foot, land, and water avenues of approach are included in the spreadsheet. Use of this template is not a requirement, and is provided for licensee consideration on a voluntary basis.
Sample Security Plan - A sample of a Security Plan was requested from several FERC licensees. The following (redacted) document has been created by a volunteer licensee group to fulfill that purpose. Use of this format is not a requirement, and is provided for licensee consideration on a voluntary basis only. Other Security Plan formats and content will be considered by the FERC.
Security Letters - The following letters were issued by FERC
regarding security concerns at hydropower dams after September 11,
- » January 23, 2009
- » January 16, 2009
- » March 5, 2003
- » November 18, 2002
- » June 7, 2002
- » November 21, 2001
- » October 16, 2001
Dam Assessment Matrix for Security and Vulnerability Risk (DAMSVR) - DAMSVR is a vulnerability assessment methodology for dams developed by FERC, USBR, USACE, ASDSO, and Foos Associates LLC (now Security Management Solutions).