OMB.report

Federal forms, ICRs, and supporting documents

Information Collection Request

FERC-725B, RM25-8 Proposed Rule, Mandatory Reliability Standards for Critical Infrastructure Protection (CIP)

ICR 202602-1902-001 · OMB 1902-0248 · Received in OIRA

Forms and Documents
DocumentTypeStatusAvailability
CIP-003-11_implementation_plan_november_2024.pdf Supplementary Document Uploaded 2026-03-17 Available
cip-003-11.pdf Supplementary Document Uploaded 2026-03-17 Available
NOPR RM25-8 supporting statement.docx Supporting Statement A Uploaded 2026-03-17 Repair queued
RM25-8-000 (Published).pdf Supplementary Document Uploaded 2026-03-17 Missing upstream
RM25-8-000 (Issued).docx Supplementary Document Uploaded 2026-03-17 Repair queued
FERC Takes Action to Enhance Reliability of the U.S. Electric Grid _ Federal Energy Regulatory Commission.pdf Supplementary Document Uploaded 2025-12-04 Available
18 CFR Part 35.pdf Supplementary Document Uploaded 2023-05-03 Repair queued
16 U.S.C. 824o.pdf Supplementary Document Uploaded 2023-05-03 Repair queued
16 U.S.C.824d.pdf Supplementary Document Uploaded 2023-05-03 Repair queued
16 U.S.C. 824s-1.pdf Supplementary Document Uploaded 2023-05-03 Repair queued
IC Document Collections
IC IDCollectionTypeStatusForm
279511 CIP-003-11 One-time Year1-3 New
278342 CIP-013-3 One-time 1-3 Years Unchanged
278341 CIP Standards 11-4.1 One-time 1-3 years Unchanged
278340 CIP Standards 10-5 One-time 1-3 Years Unchanged
278339 CIP Standards 009-7.1 One-time 1-3 years Unchanged
278338 CIP Standards 008-7.1 One-time 1-3 years Unchanged
278337 CIP Standards 007-7.1 One-time 1-3 years Unchanged
278336 CIP Standard 006-7.1 One-time 1-3 years Unchanged
278335 CIP Standard 005-8 One-time 1-3 years Unchanged
278334 CIP Standards 004-8 One-time 1-3 years Unchanged
278333 CIP-003-10 One-time 1-3 years Unchanged
276137 CIP-15-1 Internal Network Security Monitoring (INSM) Unchanged
270745 CIP-12-2 RD24-3 One-time Years 1-3 Unchanged
259874 Annual informational filing required where Commission has granted incentive rate treatment (18 CFR 35.48(h)) Unchanged
259873 Voluntary filing seeking incentive rate treatment for cybersecurity investment (18 CFR 35.48(b)) Unchanged
250321 CIP Standards 11-4.1 Unchanged
250320 CIP Standards 10-5 Unchanged
250319 CIP Standards 009-7.1 Unchanged
250318 CIP Standards 008-7.1 Unchanged
250317 CIP Standards 007-7.1 Unchanged
250316 CIP Standard 006-7.1 Unchanged
250315 CIP Standard 005-8 Unchanged
249467 CIP Standard CIP-002-7 Modified
249406 CIP-014-3 Unchanged
239914 CIP-012-2 RD24-3 Ongoing Unchanged
233612 CIP-013-3 Unchanged
231302 CIP-003-11 Modified
181478 CIP Standards 004-8 Unchanged
ICR Details
1902-0248 202602-1902-001
Received in OIRA 202511-1902-002
FERC FERC-725B
FERC-725B, RM25-8 Proposed Rule, Mandatory Reliability Standards for Critical Infrastructure Protection (CIP)
Revision of a currently approved collection   No
Regular 03/17/2026
  Requested Previously Approved
06/30/2026 06/30/2026
264,225 258,552
2,893,619 2,405,177
0 0
On December 20, 2024, NERC submitted proposed Reliability Standard CIP-003-11 for Commission approval. NERC explains that, in response to the SolarWinds Orion platform attack, and at the direction of the NERC Board of Trustees, NERC staff assembled a team of cybersecurity experts and compliance experts called the Low Impact Criteria Review Team (LICRT) that developed a report that discussed the potential threats and risks posed by a coordinated attack on low impact BES Cyber Systems. NERC’s modifications made in Reliability Standard CIP-003-11 reflect many of the recommendations from the LICRT. NERC states that the Reliability Standard would enhance reliability by mitigating the risk posed by a coordinated attack utilizing distributed low impact BES Cyber Systems. NERC explains that, to address the threat of a coordinated attack on dispersed low impact BES Cyber Systems, the proposed Standard adds controls to: (1) authenticate remote users, (2) protect the authentication information in transit, and (3) detect malicious communications to or between assets containing low impact BES Cyber Systems with external routable connectivity.
US Code: 16 USC 824s-1 Name of Law: Federal Power Act
   US Code: 16 USC 824d Name of Law: Federal Power Act
   US Code: 16 USC 824o Name of Law: Federal Power Act
  
US Code: 16 USC 824s-1 Name of Law: Federal Power Act
1902-AG37 Proposed rulemaking 90 FR 45685 09/23/2025
No
  Total Request Previously Approved Change Due to New Statute Change Due to Agency Discretion Change Due to Adjustment in Estimate Change Due to Potential Violation of the PRA
Annual Number of Responses 264,225 258,552 0 5,673 0 0
Annual Time Burden (Hours) 2,893,619 2,405,177 0 488,442 0 0
Annual Cost Burden (Dollars) 0 0 0 0 0 0
Yes
Changing Regulations
No
Program Change due to Agency discretion includes one-time burden from RM24-8 NOPR already comment and filed on and RM25-8 NOPR 1,673 Responses and 257,642 Annual Burden hrs of new one-time burden
$222,071
No
    No
    No
No
No
No
No
Kayla Williams 410 786-5887 [email protected]
  No
On behalf of this Federal agency, I certify that the collection of information encompassed by this request complies with 5 CFR 1320.9 and the related provisions of 5 CFR 1320.8(b)(3).
The following is a summary of the topics, regarding the proposed collection of information, that the certification covers:
 
 
 
 
 
 
 
    (i) Why the information is being collected;
    (ii) Use of information;
    (iii) Burden estimate;
    (iv) Nature of response (voluntary, required for a benefit, or mandatory);
    (v) Nature and extent of confidentiality; and
    (vi) Need to display currently valid OMB control number;
 
 
 
If you are unable to certify compliance with any of these provisions, identify the item by leaving the box unchecked and explain the reason in the Supporting Statement.
03/17/2026