GridUnity Certified Compliant with Cybersecurity Standard
Independent Audit Verifies GridUnity’s Information Security Controls and Processes using NIST 800-171
BOSTON, MA, – May 5, 2020 – GridUnity, developers of a software platform used by Independent System Operators and electric utilities to manage customer interconnections and perform advanced grid planning, today announced that they have received their Federal Information Security Management Act (FISMA) compliance audit, passing without a single compliance issue. GridUnity’s software enables the intelligent incorporation of renewable energy sources into the electric grid. This audit verifies that GridUnity ensures the highest level of data security by following a stringent set of baseline security controls from the National Institute of Standards and Technology (NIST) Special Publication 800-171.
GridUnity’s final compliance report on FISMA documents the physical, administrative, and technical safeguards they have implemented, the effectiveness of their risk management strategy, and how their controls achieve FISMA compliance. KirkpatrickPrice, a licensed CPA firm, helped GridUnity through the process of achieving compliance with FISMA, using NIST SP 800-171, and developing a maintenance plan to ensure that the company remains in compliance on an ongoing basis. Annual audits will ensure that GridUnity continues to follow current best practices.
NIST is responsible for developing standards and guidelines to ensure adequate information security for all U.S. federal agency operations and assets. However, the guidelines developed by NIST are not just for federal agencies but are designed to be used as guidance to protect Controlled Unclassified Information (CUI) within the information systems of nonfederal organizations.
“Attaining compliance is not a trivial undertaking, but we prioritized it and allocated the resources necessary to achieve it because we believe that energy data security is, and will continue to be, a critically important issue for utilities,” said GridUnity CEO Brian Fitzsimons. “Protecting our clients’ data with this level of attention to detail and care demonstrates that we share their concerns, which is why they trust us with their information and their customers’. It’s also one of the ways in which we distinguish ourselves in the market, as we are the only provider we know of who has achieved this milestone.”
“FISMA is a stringent framework built on guidelines issued by NIST,” said Joseph Kirkpatrick, Managing Partner with KirkpatrickPrice. “GridUnity’s clients, representing some of the most innovative utilities in the country, will be pleased to know that they have taken this step towards assessing and managing their risks while creating an increased awareness of information security.”