Ampyx Cyber Blog
The Intersection of Regulation & Resilience
Inside the ERPQ: How One Form Shapes Your Audit
NERC's Currently Compliant Episode 9 introduced the consolidated Entity Risk Profile Questionnaire (ERPQ). What the podcast did not draw is the bigger picture: with ICE eliminated and continuous internal controls evaluation now embedded across CMEP, the ERPQ is the entry point into how the ERO Enterprise sees you for every monitoring cycle.
Redesigning the Machine: NERC Board Accepts Transformational Standards Modernization Plan
The NERC Board has approved a historic transformation of the standards development process to meet the speed of the modern grid. Aiming for a 12–18 month timeline, the new framework re-engineers how NERC addresses risks from data centers, IBRs, and VPPs. Read our deep dive into the 2027 roadmap, the new SME pool, and the upcoming shift in voting eligibility.
NERC’s CIP Roadmap and the Future of Grid Cybersecurity
NERC’s new CIP Roadmap signals a major shift in how cyber risk will be regulated across the power grid. This Policy Pulse explains what NERC released, why it matters, what standards and guidance are coming next, and how utilities, generators, and grid operators should prepare for expanding CIP scope and enforcement.
ERO CMEP 2026: Oversight in the Age of Transformation
The Electric Reliability Organization’s (ERO) 2026 Compliance Monitoring and Enforcement Program Implementation Plan (CMEP) signals a new era in how risk-based oversight keeps pace with a rapidly transforming grid. Released in October, the plan refines NERC’s compliance priorities for the coming year, retiring Incident Response as a distinct risk element and introducing Grid Transformation as a central theme.