The identification of critical assets (CAs) and critical cyber assets (CCAs) is the foundation for compliance with the CIP reliability standards. The erroneous exclusion of CAs and / or CCAs can result in noncompliance.  The erroneous inclusion of CAs and / or CCAs causes Responsible Entities to incur needless expense when executing their NERC CIP compliance initiatives.  If you have already identified your CAs and CCAs, Encari can provide an objective third-party review of your risk-based assessment methodology and its execution to assess the effectiveness of your NERC CIP-002 Critical Asset and Critical Cyber Asset identification efforts.  If you have not completed this identification process, Encari can work with you to develop, document and execute your risk-based assessment methodology and, most importantly, meet the measures for compliance with the NERC CIP-002 requirements.