NERC CIP-004 · BULK ELECTRIC SYSTEM · MANDATORY TRAINING

NERC CIP-004
Personnel & Training Compliance

CIP-004 requires documented cybersecurity awareness training for all personnel with Electronic or Physical Access to BES Cyber Systems. ThreeShield delivers CIP-004 compliant training programs with the evidence packages and documentation that NERC examination teams expect.

Book CIP-004 Training Full NERC CIP Compliance →
AnnualCIP-004 training must be completed at least once every 15 calendar months per person
All AccessRequired for anyone with Electronic or Physical Access to BES Cyber Systems - not just IT staff
DocumentedTraining records must be maintained and produced on request during NERC audits
CalgaryThreeShield delivers CIP-004 training in person across Alberta and virtually to all regions

What CIP-004 Actually Requires

📋

R1 — Security Awareness

Personnel must receive security awareness content at least quarterly through direct communications such as emails, posters, or briefings. This is distinct from the annual training requirement and needs its own documentation trail.

🎓

R2 — Cybersecurity Training

Annual training covering: applicable cybersecurity policies; physical and electronic access controls; proper use of and access to BES Cyber Systems; handling and disposal of sensitive data; action plans for incidents; and other topics as applicable. Training must be completed before access is granted to new personnel.

🔍

R3 — Personnel Risk Assessment

Background checks must be completed for all personnel before granting access to BES Cyber Systems. ThreeShield advises on scope, acceptable background check providers, and documentation of results consistent with NERC examination expectations.

📁

R4 — Access Management

Processes for granting, reviewing, and revoking logical and physical access must be documented and tested. ThreeShield's CIP-004 engagement reviews your access management process and identifies gaps before your next NERC examination.

Who Needs This Training

Anyone with Electronic Access or Physical Access to BES Cyber Systems requires CIP-004 training - including control room operators, field technicians, IT staff, contractors, and vendor personnel with ongoing access. The scope is broader than most organizations initially assume.

📊

Evidence Packages

ThreeShield delivers training with NERC examination-ready documentation: attendance records, training content evidence, completion certificates, and policy acknowledgment forms formatted the way NERC auditors expect to see them.

Training Delivery Options

Self-Serve

DIY via Lavawall®

For organizations with internal compliance staff who need documentation and evidence support

  • CIP-004 training content and curriculum
  • Attendance and completion tracking
  • Evidence package templates
  • Quarterly awareness content calendar
Get Curriculum Package
Recommended

Instructor-Led Training

ThreeShield delivers CIP-004 training directly to your BES personnel

  • In-person delivery at your Alberta facility or virtual
  • Content tailored to your specific BES Cyber Systems and role types
  • Control room operators, field technicians, and IT staff sessions
  • Complete documentation package for NERC examination
  • Quarterly awareness program setup
Book Instructor-Led Training
Fully Managed

Done-for-You

Complete CIP-004 compliance program management

  • Annual training program management
  • Quarterly awareness content delivery
  • Access management process documentation
  • Background check process review
  • NERC examination support
  • Integration with CIP-005 and CIP-007 programs
Book Done-for-You

CIP-004 Training — Ready When You Are

Don't let training documentation become a gap in your next NERC examination. ThreeShield delivers CIP-004 compliant training with everything examination teams expect to see.

Book CIP-004 Training Book a Time Online →

Also covers CIP-005 ESP Assessments · CIP-007 Vulnerability Assessments · Full NERC CIP Compliance