You are here

Cybersecurity Risk Management Process (RMP) Guideline - Final (May 2012)

This electricity subsector cybersecurity Risk Management Process (RMP) guideline was developed by the Department of Energy, in collaboration with the National Institute of Standards and Technology (NIST) and the North American Electric Reliability Corporation (NERC). The RMP is written with the goal of enabling organizations— regardless of size or organizational or governance structure—to apply effective and efficient risk management processes and tailor them to meet their organizational requirements. This guideline may be used to implement a new cybersecurity program within an organization or to build upon an organization’s existing internal cybersecurity policies, standard guidelines, and procedures.