ABOUT NPCC Governance & Corporate Leadership Team Membership Careers Resources Contact Us PROGRAM AREAS Standards & Criteria Compliance RAPA SAIS COMMITTEES DER Forum Gov/Reg Affairs Reliability Coordinating Regional Standards NEWS Search SIGN IN

Posted: 08/25/2022

Security Bulletin – DOE releases C2M2 Version 2.1

As of June 2022, the U.S. Department of Energy (DOE) released version 2.1 of the Cybersecurity Capability Maturity Model (C2M2) enables organizations to evaluate their cybersecurity capabilities and optimize security investments. A free, user-friendly C2M2 Self-Evaluation Tool is available on both an HTML and a PDF platform. The two versions of the tool both offer interactive features and help text, allow users to securely record results, and automatically generate a detailed, graphical report.

Additional information on the C2M2 Cybersecurity Capability Maturity Model can be accessed by the following links:

Link: DOE C2M2 Release Announcement

Link: C2M2 Cybersecurity Capability Maturity Model Documentation

Link: C2M2 V2.1 HTML-Based Tool

Link: C2M2 PDF-Based Tool Request

TLP: WHITE

  Previous
Next  

  CATEGORIES

Compliance Bulletin Decisions & Notices ERO Enterprise Media Release NERC NPCC Regional Entities & Others Reliability Assessment Security Bulletin

  NEWS ARCHIVES

  Upcoming Events

  News Highlights

Generator Welcome Package is Now Available

January 18, 2023

Save the Date: NPCC 2023 Spring Compliance and Reliability Webinar

January 05, 2023

  Quick Links

NPCC Electrical System Map

NPCC Directory

Security Notice

This is a Northeast Power Coordinating Council, Inc. (NPCC) information system. You have no reasonable expectation of privacy regarding communications or data transiting or stored on NPCC’s information system. At any time and for any lawful purpose, NPCC may monitor, intercept, record, and search any communications or data transiting or stored on this information system. At NPCC’s sole discretion, NPCC may disclose pertinent information to the U.S. Government and its authorized representatives to protect the security of critical infrastructure and key resources, ensure information security, or to comply with any applicable law, regulation, legal process, or enforceable governmental request. By continuing, you acknowledge that you understand and consent to the terms and conditions described in this notice. The actual or attempted unauthorized access, use, or modification of this system is strictly prohibited and may subject violators to criminal, civil, and/or administrative action.