In an email to the National Institute of Standards and Technology's (NIST) Smart Grid Cybersecurity Working Group (CSWG), it was announced that the CSWG Testing and Certification subgroup has completed the draft SGIP document, “Guide for Assessing the High-Level Security Requirements in NISTIR 7628, Guidelines for Smart Grid Cyber Security.” The document provides a foundation to facilitate a security assessment based on the NISTIR 7628 high-level security requirements. The agency released the smart grid security guidelines in the NISTIR 7628 document in 2010, but some utilities have struggled with using the document in order to create real world security policies. This guide is written to provide a foundation to facilitate a security assessment based on the NISTIR 7628 high-level security requirements implemented within an effective risk management program.

NIST and the CSWG are requesting review comments on the document. Comments should be provided to Sandy Bacik (sandy.bacik@enernex.com) by Monday, January 16, 2012. To help with the comment resolution process, please use the comment form.

Below are the links for the comment form and the pdf documents of the Assessment Guide:

• Assessment Guide link to the pdf with line numbers: http://collaborate.nist.gov/twiki-sggrid/pub/SmartGrid/CSCTGTesting/NISTIR_7628_Assessment_Guide-v0p9.pdf 
• Assessment Guide companion spreadsheet link to the pdf: http://collaborate.nist.gov/twiki-sggrid/pub/SmartGrid/CSCTGTesting/NISTIR_7628_Assessment_Guide_Companion_Spreadsheet-v1p0.pdf
• Comment form: http://collaborate.nist.gov/twiki-sggrid/pub/SmartGrid/CSCTGTesting/Assessment_Guide_Comment_Form.xls