On May 30, 2019, WECC hosted a webinar providing an overview of CIP-013-1 (Supply Chain Risk Management), which will become mandatory and enforceable on July 1, 2020 for responsible entities with High and Medium Impact BES Cyber Systems (BCS). This webinar, led by WECC Senior Compliance Auditor Dr. Joseph Baugh, focused on best practices for entities to consider when developing and implementing a supply chain risk management plan and also provided some preliminary information on its potential audit approach for CIP-013-1.

GridSME has collected its top 10 takeaways from the webinar to help responsible entities in the West begin – or continue – to develop their comprehensive supply chain cyber security risk management program under CIP-013-1.

For more background information from GridSME on CIP-013, you can access additional materials here.