From us-nerc-cip
NERC Critical Infrastructure Protection expert. Reference-depth framework plugin with scope determination, evidence checklist, and SCF-backed assessment guidance for BES Cyber Systems.
How this skill is triggered — by the user, by Claude, or both
Slash command
/us-nerc-cip:us-nerc-cip-expertThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Reference-depth expertise for **NERC Critical Infrastructure Protection (CIP)**
Reference-depth expertise for NERC Critical Infrastructure Protection (CIP)
Reliability Standards, represented in SCF as usa-federal-nerc-cip-2024. This
plugin bundles the SCF crosswalk (122 SCF controls to 204 framework controls)
with NERC CIP-specific assessment context.
usa-federal-nerc-cip-2024NERC CIP is the cybersecurity and physical security standards family for Bulk Electric System (BES) reliability. It focuses on identifying BES Cyber Systems, categorizing impact, protecting electronic and physical perimeters, managing personnel risk, hardening systems, responding to incidents, recovering from events, protecting information, and managing supply chain risk. For GRC work, the assessor needs to see repeatable evidence tied to registered functions, assets, impact ratings, and Reliability Standard requirements.
NERC Reliability Standards apply across interconnected North American bulk power system jurisdictions through NERC, Regional Entities, and applicable regulatory authorities. Scope analysis starts with registered entity functions such as BA, DP, GO, GOP, RC, TO, TOP, and TP, then maps Facilities, assets, BES Cyber Systems, Electronic Security Perimeters, Physical Security Perimeters, and associated cyber assets. Do not treat NERC CIP as a generic IT security framework; applicability depends on BES reliability functions and asset impact categorization.
Evidence usually centers on CIP-002 BES Cyber System categorization records, asset inventories, impact rating rationale, security management controls, personnel training and risk assessment records, access authorization lists, electronic access control evidence, physical access control evidence, system hardening baselines, vulnerability assessments, patch management records, incident response plans and exercises, recovery plans and tests, protected information handling procedures, and supply chain risk management plans.
Cadence varies by CIP standard and requirement. Assessors should preserve the entity's compliance calendar, recurring evidence, dated approvals, test results, change records, and exception handling. Incident response, recovery testing, access reviews, vulnerability assessments, patch evaluation, configuration change management, and training records need dates and scope that align with the specific requirement being assessed.
NERC develops and enforces Reliability Standards with Regional Entities; FERC approves and enforces standards in the United States. Non-compliance can lead to findings, mitigation plans, settlement activity, penalties, and enhanced oversight. Assessment output should separate control evidence and likely gaps from legal conclusions about violation risk or penalty exposure.
NERC CIP overlaps with NIST CSF, NIST 800-53, ISO 27001, CIS Controls, and utility-specific operational technology security programs. Use the SCF crosswalk for control mechanics, but keep NERC CIP reporting focused on BES Cyber System categorization, registered functions, impact ratings, audit-ready evidence, and Reliability Standard requirement structure.
/us-nerc-cip:scope - determine applicability/us-nerc-cip:assess - run a gap assessment/us-nerc-cip:evidence-checklist - enumerate evidence requirementsAll three delegate to /grc-engineer:gap-assessment with SCF framework ID
usa-federal-nerc-cip-2024 for the control-by-control mechanics, and wrap the
results in NERC CIP-specific terminology.
Full-depth plugins add framework-specific workflow commands tied to the audit ritual. Candidates for this framework:
/us-nerc-cip:bes-cyber-system-scope - build or review CIP-002
categorization and impact-rating evidence./us-nerc-cip:access-review-pack - assemble CIP access authorization,
revocation, and review evidence./us-nerc-cip:vulnerability-and-patch-review - assess vulnerability
assessment, patch evaluation, mitigation, and exception evidence./us-nerc-cip:incident-exercise-review - review incident response plan,
testing, lessons learned, and reportability evidence.Guides completion of development work by verifying tests, detecting environment, and presenting structured options for merge, PR, or cleanup.
Guides creation and editing of skills using test-driven development with pressure scenarios and subagents to verify agent compliance.
Dispatches multiple subagents concurrently for independent tasks without shared state. Use when facing 2+ unrelated failures or subsystems that can be investigated in parallel.
4plugins reuse this skill
First indexed Jul 18, 2026
npx claudepluginhub vantainc/claude-grc-engineering --plugin us-nerc-cip