June 29, 2018

The “NATF Supply Chain Risk Management Guidance” and “NATF CIP-013-1 Implementation Guidance” documents have been posted to the NATF public website for industry use.  

The “NATF Supply Chain Risk Management Guidance” white paper describes practices for establishing and implementing a supply chain cyber security risk management plan.  “NATF CIP-013-1 Implementation Guidance” is an associated document that the NATF has submitted to NERC for consideration as Implementation Guidance as an approach to comply with CIP-013.

These documents are geared to benefit members and the industry and respond to the NERC board resolution of August 2017 where it asked for industry assistance via the drafting of white papers.