Technical brochure
TB 892 WG D2.45

Impacts of governance regulations and constraints on EPU sensitive data distribution and location of data storage

The scope of this Technical Brochure (TB) offers guidelines for assessing the impact of governance regulations and constraints on electric power utility (EPU) sensitive data distribution and location of storage in accordance with the approved terms of reference. This TB uses a broad definition of data to include any information such as descriptive information, parametric information, schematics and pictures. Personal information is extremely sensitive because it can be used to influence or coerce authorized personnel to collaborate in accomplishing an attack on EPU’s systems. Critical infrastructure information can be used for unauthorized access to and use of their systems. Sensitive information also includes any information that requires a notification of a breach to a designated authority. The guideline will provide recommendations that identify the relationship between governance response requirements and their dependency on enabling security systems to ensure the confidentiality and integrity of sensitive data. Specifically, this TB addresses regulations that enforce constraints regarding read/write privileges and storage locations. Consideration is also given to local restrictions regarding identification of local national authority, security requirements imposed on sensitive data, local definitions of sensitive data, sensitive data transfer and approved requirements, and sensitive data breach notification requirements.

To read this article subscribe to ELECTRA. Single edition, annual options and CIGRE membership are available. Access to all editions is free for CIGRE members.

Already have an account? Sign in

Subscribe now

D2

Information systems telecommunications and cybersecurity

This Technical Brochure has been created by a Working Group from the CIGRE Information systems telecommunications and cybersecurity Study Committee which is one of CIGRE's 16 domains of work.
D2 provides guidance, shares knowledge, and develops best practices and publications for the application of information technology to the critical and core business systems in the electricity supply chain, including smart meters, asset performance monitoring and management, energy management systems (EMS), internet of things (IoT) and machine learning/ big data.

Learn more
Top of page