Home / Agencies / DOE / 2025-12309
Final Rule

Critical Infrastructure Protection Reliability Standard CIP-015-1-Cyber Security-Internal Network Security Monitoring

Agency
Document Number
2025-12309
Published
July 2, 2025
Effective Date
September 2, 2025

Abstract

The Federal Energy Regulatory Commission (Commission) approves proposed Reliability Standard CIP-015-1 (Cyber Security--Internal Network Security Monitoring), which the North American Electric Reliability Corporation (NERC), submitted in response to a Commission directive. In addition, the Commission directs NERC to develop certain modifications to proposed Reliability Standard CIP-015-1 to extend internal network security monitoring to include electronic access control or monitoring systems and physical access control systems outside of the electronic security perimeter. The Commission also provides greater clarity about the term CIP-networked environment as it is used in proposed Reliability Standard CIP-015-1.

Federal Register Source

This document is published by the Office of the Federal Register, National Archives and Records Administration. Access the full regulatory text, preamble, and docket comments below.

View Full Text on FederalRegister.gov →

Opens in new tab · federalregister.gov

Frequently Asked Questions

What is the 2025-12309 Federal Register document?
Document 2025-12309 is a Final Rule published by the Department of Energy in the Federal Register on July 2, 2025, with an effective date of September 2, 2025. The Federal Energy Regulatory Commission (Commission) approves proposed Reliability Standard CIP-015-1 (Cyber Security--Internal Network Security Monitoring), which the North American Electric Reliability Corporation (NERC), submitted in response to a Commission directive. In addition, the Commission directs NERC to develop certain modifications to proposed Reliability Standard CIP-015-1 to extend internal network security monitoring to include electronic access control or monitoring systems and physical access control systems outside of the electronic security perimeter. The Commission also provides greater clarity about the term CIP-networked environment as it is used in proposed Reliability Standard CIP-015-1. View the original at https://www.federalregister.gov/documents/2025/07/02/2025-12309/critical-infrastructure-protection-reliability-standard-cip-015-1-cyber-security-internal-network.
Is document 2025-12309 an economically significant rule?
No. Document 2025-12309 is not classified as economically significant under Executive Order 12866. Economically significant rules require OIRA review and are estimated to have impacts of $100 million or more per year.
Data sourced from official state legislatures, IAPP, NCSL, and federal regulatory trackers. See our methodology for details. Retrieved and formatted by PlainRegWatch Editorial

Every figure on PlainRegWatch is rendered directly from state source data, no number is typed in by an editor. This page draws directly on federal and state source data, no figure is typed in by an editor. See our editorial standards & corrections policy, the methodology behind these numbers, or report a data error.