I don't normally talk about work, mainly because it's hard to explain exactly what I do outside of "work on computers". Today's a big day at work though, so I'm going to talk a little about it.
A couple of years ago the electric industry got together and agreed to self-regulate cyber and physical security for "critical assets". They came up with a list of nine standards that each contained multiple requirements. What it meant for us is that we had to basically, completely change the way we were doing everything. Procedures had to be written and new processes had to be implemented in order to comply with these standards. The standards have both their good and their bad, but a fair amount of them are probably going to be beneficial to us (and the industry as a whole) in the end.
At any rate, as of tomorrow we have to be "auditably compliant" on all of the standards. Some of them went into effect this time last year, but the rest, and most of the more difficult ones, go into effect tomorrow. So today's the big day. Cross all our "T"s and dot all our "i"s. That kind of thing. We've spent more than two years working towards this day. It's nice to finally be at this point and to feel like we've got it all under control.
Have a good Tuesday.
--Paul
No comments:
Post a Comment