RRC Files Standards with RCA
RRC Files Standards with RCA
On July 7, 2025, the RRC Board of Directors adopted Board Resolution 20250707-01, 20250707-02, 20250707-03, and 20250707-04 that approved and authorized the filing of the Critical Infrastructure Protection (CIP) standards listed below with the Regulatory Commission of Alaska (RCA). On September 29, 2025, the RRC Board of Directors adopted Board Resolution 20250929-03 that approved amending the CIP standards to include the penalty matrix and authorized the filing of the CIP standards with the RCA:
- RRC-CIP-002-1 BES Cyber System Categorization
- RRC-CIP-003-1 Security Management Controls
- RRC-CIP-004-1 Personnel & Training
- RRC-CIP-005-1 Electronic Security Perimeters
- RRC-CIP-006-1 Physical Security of BES Cyber Systems
- RRC-CIP-007-1 System Security Management
- RRC-CIP-008-1 Incident Reporting and Response Planning
- RRC-CIP-009-1 Recovery Plans for BES Cyber Systems
- RRC-CIP-010-1 Configuration Change Management and Vulnerability Assessments
- RRC-CIP-011-1 Information Protection
- RRC-CIP-012-1 Communications between Control Centers
- RRC-CIP-013-1 Supply Chain Risk Management
- RRC-CIP-014-1 Physical Security
- RRC-CIP-015-1 Internal Network Security Monitoring
On October 29, 2025, the RRC filed the above standards with the RCA. The filing is linked here.
Based on the filing, the RCA opened Matter No. TE9-9001, which has a public comment deadline of November 14, 2025, and statutory deadline of December 15, 2025.