Skip Ribbon Commands
Skip to main content
Critical Infrastructure Protection

​The items below are provided as resources for Critical Infrastructure Protection (CIP) Compliance Monitoring engagements and implementation of the CIP Standards. 

Information on the Technical Feasibility Exception (TFE) process is also included below.  TFEs are currently available for twelve of the CIP Requirements:

  • CIP-005-5, Requirement R1, Part 1.4;

  • CIP-005-5, Requirement R2, Parts 2.1, 2.2, and 2.3;

  • CIP-006-6, Requirement R1, Part 1.3;

  • CIP-007-6, Requirement R1, Part 1.1;

  • CIP-007-6, Requirement R4, Part 4.3;

  • CIP-007-6, Requirement R5, Parts 5.1, 5.6, and 5.7;

  • CIP-010-2, Requirement R1, Part 1.5; and

  • CIP-010-2, Requirement R3, Part 3.2.

When entering a TFE for the CIP Version 5 Standards, an entity has the option to enter BES Cyber Assets (BCAs) or a BES Cyber System (BCS) that has a number of TFE eligible BCAs associated with it.  A Protected Cyber Asset (PCA), Electronic Access Control or Monitoring System (EACM), or Physical Access Control System (PACS) Covered Asset should be entered individually since they cannot be part of a BCS.

The ReliabilityFirst Compliance Data Management System (webCDMS) is used by the Registered Entity to submit requests for TFEs to ReliabilityFirst. 

If you have any questions regarding the CIP Standards or the TFE process, feel free to contact our Compliance Monitoring or Entity Development departments.



Technical Talk with RF Talk with RF4/17/2023 6:00:00 PM256
Technical Talk with RF Talk with RF5/15/2023 8:00:00 PM257
Technical Talk with RF Talk with RF6/12/2023 6:00:00 PM258
Technical Talk with RF Talk with RF7/17/2023 6:00:00 PM259
Technical Talk with RF Talk with RF8/21/2023 6:00:00 PM260



RF issues November 2022 CMEP Update letter issues November 2022 CMEP Update letter2022-11-08T05:00:00.0000000Z