[Federal Register Volume 77, Number 100 (Wednesday, May 23, 2012)]
[Notices]
[Pages 30517-30518]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-12484]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF ENERGY


Electricity Subsector Cybersecurity Risk Management Process

AGENCY: Office of Electricity Delivery and Energy Reliability, 
Department of Energy.

ACTION: Notice of publication.

-----------------------------------------------------------------------

SUMMARY: This serves as public notification of the publication, by the 
Department of Energy (DOE) of the Electricity Subsector Cybersecurity 
Risk Management Process guideline. The guideline describes a risk 
management process that is targeted to the specific needs of 
electricity sector organizations. The objective of the guideline is to 
build upon existing guidance and requirements to develop a flexible 
risk management process tuned to the diverse missions, equipment, and 
business needs of the electric power industry. The document was posted 
on May 23, 2012.

FOR FURTHER INFORMATION CONTACT: Request for additional information 
should be directed to Matthew Light at [email protected], phone 
202-316-5115.

SUPPLEMENTARY INFORMATION: DOE has published the document entitled: 
Electricity Subsector Cybersecurity Risk Management Process. The 
primary goal of this guideline is to describe a risk management process 
that is targeted to the specific needs of electricity sector 
organizations. The objective of the guideline is to build upon existing 
guidance and requirements to develop a flexible risk management process 
tuned to the diverse missions, equipment, and business needs of the 
electric power industry.
    The Electricity Subsector Cybersecurity Risk Management Process 
guideline was developed by the DOE, in collaboration with the National 
Institute of Standards and Technology (NIST), the North American 
Electric Reliability Corporation (NERC), and representatives from both 
the public and private sector. Additionally, the document was provided 
to the public during two public comment periods. The NIST Special 
Publication 800-39, Managing Information Security Risk provides the 
foundational methodology for this document.
    The Electricity Sector Cybersecurity Risk Management Process 
Guideline is available at: http://energy.gov/node/368191.

    Authority: Homeland Security Presidential Directive 7 (HSPD-7).


[[Page 30518]]


    Issued at Washington, DC on May 18, 2012.
Patricia A. Hoffman,
Assistant Secretary, Electricity Delivery and Energy Reliability.
[FR Doc. 2012-12484 Filed 5-22-12; 8:45 am]
BILLING CODE 6450-01-P