ILT-U-4001
Electronic Security Perimeter Proficiency Testing Scheme (ESP-PTS). Cyber Security — Electronic Security Perimeter(s) according to NERC CIP-005-7
DETERMINATION | METHOD |
| ESP boundary and EAP identification | Technical analysis of network architectures, trust boundaries, and communication paths according to NERC CIP-005-7 principles |
| Access control validation | Analysis of firewall rules, ACLs, routing policies, and communication restrictions |
| Assessment of communication justification | Technical interpretation of authorized connectivity and associated business or operational justification |
| Interactive Remote Access (IRA) security assessment | Evaluation of VPN architectures, Intermediate Systems, MFA implementation, and encryption controls |
| Monitoring and malicious traffic detection evaluation | Analysis of logs, IDS/IPS alerts, and monitoring evidence associated with communication security controls |
| Vendor remote access evaluation | Assessment of vendor session visibility, access control capability, and remote access governance |
| Detection of unauthorized communication paths | Structured cybersecurity review of communication reachability and network exposure |
| Identification of cybersecurity inconsistencies and compliance deviations | Technical assessment of configuration, architecture, or operational deviations associated with CIP-005-7 principles |
| Documentation and classification of findings | Recording, classification, and technical justification of identified findings using ILT reporting templates |
Related products
ILT-U-1887
External Interface Security Assessment. GB 44495 (Clause 7.1 & 8.3) Phase 1 – Foundation Level
