Electric Utility Cybersecurity Risk Management Guide
The electricity subsector1 cybersecurity Risk Management Process (RMP) guideline has been developed by a team of government and industry representatives to provide a consistent and repeatable approach to managing cybersecurity risk across the electricity subsector. It is
intended to be used by the electricity subsector, to include organizations responsible for the generation, transmission, distribution, and marketing of electric power, as well as supporting
organizations such as vendors. The RMP is written with the goal of enabling organizations— regardless of size or organizational or governance structure—to apply effective and efficient
risk management processes and tailor them to meet their organizational requirements. This guideline may be used to implement a new cybersecurity program within an organization or to build upon an organization’s existing internal cybersecurity policies, standard guidelines, and
Download "Cybersecurity Risk Management Process Guideline - Final - May 2012.pdf"