FERC Seeks Comments on FERC-725B Reliability Standards Information Collection Extension

Legal Status This site displays a prototype of a “Web 2.0” version of the daily
Federal Register. It is not an official legal edition of the Federal
Register, and does not replace the official print version or the official
electronic version on GPO’s govinfo.gov.

The documents posted on this site are XML renditions of published Federal
Register documents. Each document posted on the site includes a link to the
corresponding official PDF file on govinfo.gov. This prototype edition of the
daily Federal Register on FederalRegister.gov will remain an unofficial
informational resource until the Administrative Committee of the Federal
Register (ACFR) issues a regulation granting it official legal status.
For complete information about, and access to, our official publications
and services, go to About the Federal Register on NARA's archives.gov.

The OFR/GPO partnership is committed to presenting accurate and reliable
regulatory information on FederalRegister.gov with the objective of
establishing the XML-based Federal Register as an ACFR-sanctioned
publication in the future. While every effort has been made to ensure that
the material on FederalRegister.gov is accurately displayed, consistent with
the official SGML-based PDF version on govinfo.gov, those relying on it for
legal research should verify their results against an official edition of
the Federal Register. Until the ACFR grants it official status, the XML
rendition of the daily Federal Register on FederalRegister.gov does not
provide legal notice to the public or judicial notice to the courts.

Legal Status

Notice

You may be interested in this older document that published on 02/17/2026 with action 'Notice of information collection and request for comments.' View Document

Commission Information Collection Activities (FERC-725B). Comment Request; Extension

A Notice by the Federal Energy Regulatory Commission on 04/27/2026

• 1.

1.
This document has a comment period that ends in 32 days.
(05/27/2026)

Thank you for taking the time to create a comment. Your input is important.

Once you have filled in the required fields below you can preview and/or submit your comment to the Energy Department for review. All comments are considered public and will be posted online once the Energy Department has reviewed them.

You can view or you may also comment via Regulations.gov at /documents/2026/04/27/2026-08168/commission-information-collection-activities-ferc-725b-comment-request-extension.

It appears that you have attempted to comment on this document before
so we've restored your progress.
.
1.
2. Comment * What is your comment about? Upload File(s) Note: You can attach your comment as a file and/or attach supporting
documents to your comment. Attachment Requirements.

Email this will NOT be posted on regulations.gov

Opt to receive email confirmation of submission and tracking number? Tell us about yourself! I am... * An Individual An Organization Anonymous First Name * Last Name * City Region State Alabama Alaska American Samoa Arizona Arkansas California Colorado Connecticut Delaware District of Columbia Florida Georgia Guam Hawaii Idaho Illinois Indiana Iowa Kansas Kentucky Louisiana Maine Maryland Massachusetts Michigan Minnesota Mississippi Missouri Montana Nebraska Nevada New Hampshire New Jersey New Mexico New York North Carolina North Dakota Ohio Oklahoma Oregon Pennsylvania Puerto Rico Rhode Island South Carolina South Dakota Tennessee Texas Utah Vermont Virgin Islands Virginia Washington West Virginia Wisconsin Wyoming Zip Country Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia, Plurinational State of Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Congo, the Democratic Republic of the Cook Islands Costa Rica Côte d'Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands (Malvinas) Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See (Vatican City State) Honduras Hong Kong Hungary Iceland India Indonesia Iran, Islamic Republic of Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati Korea, Democratic People's Republic of Korea, Republic of Kuwait Kyrgyzstan Lao People's Democratic Republic Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macao Macedonia, the Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia, Federated States of Moldova, Republic of Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestine, State of Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Barthélemy Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Martin (French part) Saint Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Sint Maarten (Dutch part) Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and the South Sandwich Islands South Sudan Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan, Province of China Tajikistan Tanzania, United Republic of Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates United Kingdom United States United States Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela, Bolivarian Republic of Viet Nam Virgin Islands, British Virgin Islands, U.S. Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Phone Organization Type * Company Organization Federal State Local Tribal Regional Foreign U.S. House of Representatives U.S. Senate Organization Name * You are filing a document into an official docket. Any personal
information included in your comment text and/or uploaded
attachment(s) may be publicly viewable on the web. I read and understand the statement above.

2. Please review the Regulations.gov privacy notice and user notice.
3. Document Details Published Content - Document Details Agencies Department of Energy Federal Energy Regulatory Commission Agency/Docket Number Docket No. IC26-16-000 Document Citation 91 FR 22530 Document Number 2026-08168 Document Type Notice Pages 22530-22533 (4 pages) Publication Date 04/27/2026 Published Content - Document Details

• PDF Official Content
  • View printed version (PDF) Official Content
• Document Details Published Content - Document Details Agencies Department of Energy Federal Energy Regulatory Commission Agency/Docket Number Docket No. IC26-16-000 Document Citation 91 FR 22530 Document Number 2026-08168 Document Type Notice Pages 22530-22533 (4 pages) Publication Date 04/27/2026 Published Content - Document Details
• Document Dates Published Content - Document Dates Comments Close 05/27/2026 Dates Text Comments on the collection of information are due May 27, 2026. Published Content - Document Dates

• Table of Contents Enhanced Content - Table of Contents This table of contents is a navigational tool, processed from the
  headings within the legal text of Federal Register documents.
  This repetition of headings to form internal navigation links
  has no substantive legal effect.

  -

  -

  -

  -

  Enhanced Content - Table of Contents

• Related Documents Enhanced Content - Related Documents FederalRegister.gov uses the agency dockets published with the document to display related documents.

| Docket No. IC26-16-000
(2 Documents) |
| --- |
| Date | | Action | Title |
| | 2026-04-27 | Notice of information collection and request for comments. | Commission Information Collection Activities (FERC-725B). Comment Request; Extension |
| | 2026-02-17 | Notice of information collection and request for comments. | Commission Information Collection Activities (FERC-725b); Comment Request; Extension |

Enhanced Content - Related Documents

• Public Comments Enhanced Content - Public Comments Comments are being accepted - .

Enhanced Content - Public Comments
- Regulations.gov Data Enhanced Content - Regulations.gov Data Additional information is not currently available for this document.

Enhanced Content - Regulations.gov Data

- Sharing Enhanced Content - Sharing Shorter Document URL https://www.federalregister.gov/d/2026-08168 Email Email this document to a friend Enhanced Content - Sharing

• Print Enhanced Content - Print
  • Enhanced Content - Print
• Document Statistics Enhanced Content - Document Statistics Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.

Page views 0
as of
04/25/2026 at 2:15 am EDT Enhanced Content - Document Statistics
- Other Formats Enhanced Content - Other Formats This document is also available in the following formats:

JSON Normalized attributes and metadata XML Original full text XML MODS Government Publishing Office metadata More information and documentation can be found in our developer tools pages.

Enhanced Content - Other Formats
- Public Inspection Public Inspection This PDF is FR Doc. 2026-08168 as it appeared on Public Inspection on
04/24/2026 at 8:45 am.

It was viewed
4
times while on Public Inspection.

If you are using public inspection listings for legal research, you
should verify the contents of the documents against a final, official
edition of the Federal Register. Only official editions of the
Federal Register provide legal notice of publication to the public and judicial notice
to the courts under 44 U.S.C. 1503 & 1507. Learn more here.

Public Inspection
Published Document: 2026-08168 (91 FR 22530) This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Document Headings Document headings vary by document type but may contain
the following:

1. the agency or agencies that issued and signed a document
2. the number of the CFR title and the number of each part the document amends, proposes to amend, or is directly related to
3. the agency docket number / agency internal file number
4. the RIN which identifies each regulatory action listed in the Unified Agenda of Federal Regulatory and Deregulatory Actions See the Document Drafting Handbook for more details.

Department of Energy

Federal Energy Regulatory Commission

1. [Docket No. IC26-16-000]

AGENCY:

Federal Energy Regulatory Commission.

ACTION:

Notice of information collection and request for comments.

( printed page 22531)

SUMMARY:

In compliance with the requirements of the Paperwork Reduction Act of 1995, the Federal Energy Regulatory Commission (Commission or FERC) is soliciting public comment on the currently approved information collection, FERC-725B, (Mandatory Reliability Standards, Critical Infrastructure Protection (CIP). There are no changes to the reporting requirements with this information collection. No comments were received on the 60-day notice that ended on April 20, 2026.

DATES:

Comments on the collection of information are due May 27, 2026.

ADDRESSES:

Send written comments on FERC-725B to OMB through https://www.reginfo.gov/​public/​do/​PRA/​icrPublicCommentRequest?​ref_​nbr= 202604-1902-005. You can also visit https://www.reginfo.gov/​public/​do/​PRAMain and use the drop-down under “Currently under Review” to select the “Federal Energy Regulatory Commission” where you can see the open opportunities to provide comments. Comments should be sent within 30 days of publication of this notice.

Please submit a copy of your comments to the Commission via email to DataClearance@FERC.gov. You must specify Docket No. (IC26-16-000) and the FERC Information Collection number (FERC-725B) in your email. If you are unable to file electronically, comments may be filed by USPS mail or by hand (including courier) delivery:

• Mail via U.S. Postal Service Only: Federal Energy Regulatory Commission, Secretary of the Commission, 888 First Street NE, Washington, DC 20426.
• All other delivery methods: Federal Energy Regulatory Commission, Secretary of the Commission, 12225 Wilkins Avenue, Rockville, MD 20852. Docket: To view comments and issuances in this docket, please visit https://elibrary.ferc.gov/​eLibrary/​search. Once there, you can also sign up for automatic notification of activity in this docket.

FOR FURTHER INFORMATION CONTACT:

Kayla Williams, (202) 502-6468. DataClearance@FERC.gov.

SUPPLEMENTARY INFORMATION:

Title: FERC-725B (Mandatory Reliability Standards, Critical Infrastructure Protection (CIP)).

OMB Control No.: 1902-0248.

Type of Request: Three-year extension of the FERC-725B information collection requirements with no changes to the reporting requirements.

Abstract: On August 8, 2005, Congress enacted the Energy Policy Act of 2005. ] The Energy Policy Act of 2005 added a new section 215 to the FPA, ] which requires a Commission-certified Electric Reliability Organization to develop mandatory and enforceable Reliability Standards, ] including requirements for cybersecurity protection, which are subject to Commission review and approval. Once approved, the Reliability Standards may be enforced by the Electric Reliability Organization subject to Commission oversight, or the Commission can independently enforce Reliability Standards.

On February 3, 2006, the Commission issued Order No. 672, ] implementing FPA section 215. The Commission subsequently certified NERC as the Electric Reliability Organization. The Reliability Standards developed by NERC become mandatory and enforceable after Commission approval and apply to users, owners, and operators of the Bulk-Power System, as set forth in each Reliability Standard. ] The CIP Reliability Standards require entities to comply with specific requirements to safeguard critical cyber assets. These standards are result-based and do not specify a technology or method to achieve compliance, instead leaving it up to the entity to decide how best to comply.

On January 18, 2008, the Commission issued Order No. 706, ] approving the initial eight CIP Reliability Standards, CIP version 1 Standards, submitted by NERC. Subsequently, the Commission has approved multiple versions of the CIP Reliability Standards submitted by NERC, partly to address the evolving nature of cyber-related threats to the Bulk-Power System. On November 22, 2013, the Commission issued Order No. 791, ] approving CIP version 5 Standards, the last major revision to the CIP Reliability Standards. The CIP version 5 Standards implement a tiered approach to categorize assets, identifying them as high, medium, or low risk to the operation of the Bulk Electric System (BES) ] if compromised. High impact systems include large control centers. Medium impact systems include smaller control centers, ultra-high voltage transmission, and large substations and generating facilities. The remainder of the BES Cyber Systems ] are categorized as low impact systems. Most requirements in the CIP Reliability Standards apply to high and medium impact systems; however, a technical controls requirement in Reliability standard CIP-003, described below, applies only to low impact systems. Since 2013, the Commission has approved new and modified CIP Reliability Standards that address specific issues such as supply chain risk management, cyber incident reporting, ( printed page 22532) communications between control centers, and the physical security of critical transmission facilities. ]

The CIP Reliability Standards currently consist of 12 standards specifying a set of requirements that entities must follow to ensure the cyber and physical security of the Bulk-Power System. There are 12 currently effective cybersecurity standards and one cybersecurity standard that has been approved by the Commission and was enforceable as of July 1, 2022. There is also one physical security standard.

• CIP-002-5.1a Bulk Electric System Cyber System Categorization: requires entities to identify and categorize BES Cyber Assets for the application of cyber security requirements commensurate with the adverse impact that loss, compromise, or misuse of those BES Cyber Systems could have on the reliable operation of the BES.
• CIP-003-10 Security Management Controls: requires entities to specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES Cyber Systems against compromise that could lead to mis-operation or instability in the BES.
• CIP-004-8 Personnel and Training requires entities to minimize the risk against compromise that could lead to mis-operation or instability in the BES from individuals accessing BES Cyber Systems by requiring an appropriate level of personnel risk assessment, training, and security awareness in support of protecting BES Cyber Systems.
• CIP-005-8 Electronic Security Perimeter(s): requires entities to manage electronic access to BES Cyber Systems by specifying a controlled Electronic Security Perimeter in support of protecting BES Cyber Systems against compromise that could lead to mis-operation or instability in the BES.
• CIP-006-7.1 Physical Security of Bulk Electric System Cyber Systems: requires entities to manage physical access to BES Cyber Systems by specifying a physical security plan in support of protecting BES Cyber Systems against compromise that could lead to mis-operation or instability in the BES.
• CIP-007-7.1 System Security Management: requires entities to manage system security by specifying select technical, operational, and procedural requirements in support of protecting BES Cyber Systems against compromise that could lead to mis-operation or instability in the BES.
• CIP-008-7.1 Incident Reporting and Response Planning: requires entities to mitigate the risk to the reliable operation of the BES as the result of a cybersecurity incident by specifying incident response requirements.
• CIP-009-7.1 Recovery Plans for Bulk Electric System Cyber Systems: requires entities to recover reliability functions performed by BES Cyber Systems by specifying recovery plan requirements in support of the continued stability, operability, and reliability of the BES.
• CIP-010-5 Configuration Change Management and Vulnerability Assessments: requires entities to prevent and detect unauthorized changes to BES Cyber Systems by specifying configuration change management and vulnerability assessment requirements in support of protecting BES Cyber Systems from compromise that could lead to mis-operation or instability in the BES.
• CIP-011-4.1 Information Protection: requires entities to prevent unauthorized access to BES Cyber System Information by specifying information protection requirements in support of protecting BES Cyber Systems against compromise that could lead to mis-operation or instability in the BES.
• CIP-012-2 Communications between Control Centers: requires entities to protect the confidentiality and integrity of Real-time Assessment and Real-time monitoring data transmitted between Control Centers.
• CIP-013-3 Supply Chain Risk Management: requires entities to mitigate cybersecurity risks to the reliable operation of the BES by implementing security controls for supply chain risk management of BES Cyber Systems.
• CIP-014-3 Set out to identify and protect Transmission stations and Transmission substations, and their associated primary control centers, that if rendered inoperable or damaged as a result of a physical attack could result in instability, uncontrolled separation, or Cascading within an Interconnection.
• CIP-015-1 purpose is to improve the probability of detecting anomalous or unauthorized network activity in order to facilitate improved response and recovery from an attack. The CIP Reliability Standards, viewed as a whole, implement a defense-in-depth approach to protecting the security of BES Cyber Systems at all impact levels. ] The CIP Reliability Standards are objective-based and allow entities to choose compliance approaches best tailored to their systems. ]

| | Number and
type of

respondent 13 | Annual
number of
responses per
respondent | Total number
of responses | Average burden per response (hours) 14 &
cost per response | Total annual burden (hours) & total

annual cost 15 ($)
CIP-003-10
CIP-002-7, CIP-004-8, CIP-005-8, CIP-006-7.1, CIP-007-7.1, CIP-008-7.1, CIP-009-7.1, CIP-010-5, CIP-011-4.1
CIP-013-3
CIP-014-3
CIP-012-2
CIP-15-1
( printed page 22533)
Total Burden of FERC-725B

Comments: Comments are invited on: (1) whether the collection of information is necessary for the proper performance of the functions of the Commission, including whether the information will have practical utility; (2) the accuracy of the agency's estimate of the burden and cost of the collection of information, including the validity of the methodology and assumptions used; (3) ways to enhance the quality, utility and clarity of the information collection; and (4) ways to minimize the burden of the collection of information on those who are to respond, including the use of automated collection techniques or other forms of information technology.

Dated: April 22, 2026.

Debbie-Anne A. Reese,

Secretary.

Footnotes

1.

 Energy Policy Act of 2005, Public Law 109-58, sec. 1261 et seq., 119 Stat. 594 (2005).

1. 16 U.S.C. 824o.

3.

 FPA section 215 defines Reliability Standard as a requirement, approved by the Commission, to provide for reliable operation of existing bulk-power system facilities, including cybersecurity protection, and the design of planned additions or modifications to such facilities to the extent necessary to provide for reliable operation of the Bulk-Power System. However, the term does not include any requirement to enlarge such facilities or to construct new transmission capacity or generation capacity. Id. at 824o(a)(3).

1. Rules Concerning Certification of the Elec. Reliability Org.; and Procedures for the Establishment, Approval, and Enf't of Elec. Reliability Standards, Order No. 672, 71 FR 8661 (Feb. 17, 2006), 114 FERC ¶ 61,104, order on reh'g, Order No. 672-A, 71 FR 19814 (Apr. 28, 2006), 114 FERC ¶ 61,328 (2006).

5.

 NERC uses the term “registered entity” to identify users, owners, and operators of the Bulk-Power System responsible for performing specified reliability functions with respect to NERC Reliability Standards. See, e.g., Version 4 Critical Infrastructure Protection Reliability Standards, Order No. 761, 77 FR 24594 (Apr. 25, 2012), 139 FERC ¶ 61,058, at P 46, order denying clarification and reh'g, 140 FERC ¶ 61,109 (2012). Within the NERC Reliability Standards are various subsets of entities responsible for performing various specified reliability functions. We collectively refer to these as “entities.”

6.

 Order No. 706, 122 FERC ¶ 61,040 at P 1.

1. Version 5 Critical Infrastructure Protection Reliability Standards, Order No. 791, 78 FR 72755 (Dec. 13, 2013), 145 FERC ¶ 61,160 (2013), order on reh'g, Order No. 791-A, 146 FERC ¶ 61,188 (2014).

8.

 In general, NERC defines BES to include all Transmission Elements operated at 100 kV or higher and Real Power and Reactive Power resources connected at 100 kV or higher. This does not include facilities used in the local distribution of electric energy.
See
NERC, Bulk Electric System Definition Reference Document, Version 3, at page iii (August 2018). In Order No. 693, the Commission found that NERC's definition of BES is narrower than the statutory definition of Bulk-Power System. The Commission decided to rely on the NERC definition of BES to provide certainty regarding the applicability of Reliability Standards to specific entities. See Mandatory Reliability Standards for the Bulk-Power System, Order No. 693, 72 FR 16415 (Apr. 4, 2007), 118 FERC ¶ 61,218, at PP 75, 79, 491, order on reh'g, Order No. 693-A, 72 FR 49717 (July 25, 2007), 120 FERC ¶ 61,053 (2007).

9.

 NERC defines BES Cyber System as “[o]ne or more BES Cyber Assets logically grouped by a responsible entity to perform one or more reliability tasks for a functional entity.” NERC, Glossary of Terms Used in NERC Reliability Standards, at 5 (2020), https://www.nerc.com/​files/​glossary​of​terms.pdf (NERC Glossary of Terms). NERC defines BES Cyber Asset as

A Cyber Asset that if rendered unavailable, degraded, or misused would, within 15 minutes of its required operation, mis-operation, or non-operation, adversely impact one or more Facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the Bulk Electric System. Redundancy of affected Facilities, systems, and equipment shall not be considered when determining adverse impact. Each BES Cyber Asset is included in one or more BES Cyber Systems.

ID. at 4.

1. See, e.g., Order No. 791, 78 FR 72755; Revised Critical Infrastructure Protection Reliability Standards, Order No. 822, 81 FR 4177 (Jan. 26, 2016), 154 FERC ¶ 61,037, reh'g denied, Order No. 822-A, 156 FERC ¶ 61,052 (2016); Revised Critical Infrastructure Protection Reliability Standard CIP-003-7—Cyber Security—Security Management Controls, Order No. 843, 163 FERC ¶ 61,032 (2018).

11.

Order No. 822, 154 FERC ¶ 61,037 at 32.

12.

Order No. 706, 122 FERC ¶ 61,040 at 72.

13.

The number of respondents is based on the NERC Compliance Registry as of June 22, 2025. Currently there are 1,508 unique NERC Registered, subtracting 16 Canadians Entities yields 1492 U.S. entities.

15.

The estimates for cost per hour are $77.30/hour (averaged based on the following occupations):

[FR Doc. 2026-08168 Filed 4-24-26; 8:45 am]

BILLING CODE 6717-01-P

Published Document: 2026-08168 (91 FR 22530)