What is NERC CIP?

The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards are a set of regulatory standards that address the security and safety of the cyber systems critical to the operation of the North American Bulk Electric System. These standards include requirements outlining the minimum controls and policies that must be implemented by asset owners and operators to address cyber asset identification, access control and monitoring, system management, information protection, incident identification, and incident response.  The overarching goal of the standards is the assurance of safe and reliable electric system operations. 


End-to-End CIP Training

The NERC CIP Cyber Security Training utilizes a proven framework addressing every required training topic and provides an opportunity for entities to train on their own cyber security policies.  The training includes 13 modules aimed at changing user behavior and reducing risks identified in the cyber security awareness training requirements of CIP-004-6 R1 and CIP-003-6 R2, Attachment 1. The SANS NERC CIP training clarifies topic areas that can be confusing for compliance teams. Since the early days of CIP, the SANS CIP team has worked with regulators and monitors the activity of standards development teams, NERC CIPC, and regional CIP committees and user groups to stay on top of the latest developments.


Learn the Essentials of NERC in a Live Setting

Involved in supporting a NERC CIP program but don't know best practices in NERC CIP protection standards? We've got you covered. Go beyond Security Awareness training by enrolling your staff in ICS456: The Essentials for NERC Critical Infrastructure Protection. It's a live, 5-day training course that empowers students with knowledge of the "what" and the "how" of the version 5/6 standards. Give them the information they need to identify and categorize BES Cyber Systems and help determine practical approaches to meeting NERC CIP compliance and its cyber security objectives. Our students love it!


This is best-in-class NERC CIP training. The courseware provides valuable compliance approaches and software tools for peer collaboration to build consent on implementation."

- Jeff Mantong, Western Area Power Administration (WAPA) , Student at: ICS 456: Essentials for NERC Critical Infrastructure Protection

NERC Expert-Led Cyber Security Training

Our in-house team of experts, a former NERC officer, former directors of CIP Compliance departments and an advisory panel of industry practitioners created the SANS NERC CIP Cyber Security Training. They aligned the content exactly to each of the NERC requirements: When you sit down across the table from your auditor you can be confident they'll clearly see how your training program meets the standard requirements.

Learn more about Our Experts

Who is behind the SANS Security Awareness? Learn more about our experts and the deep level of insight they provide on every possible cyber threat. 

NERC CIP Training Modules

  • Terms and Definitions
  • Operating Interconnected and Interdependent BES Cyber Systems
  • Asset Identification and Requirement Applicability
  • NERC CIP Policy Requirements
  • Electronic Access Controls
  • Physical Access Controls
  • Protecting BES Cyber System Information
  • Incident Response
  • BES Cyber System Recovery
  • CIP-014 Overview