Companies often struggle with ongoing operational, cybersecurity, and CIP compliance responsibilities. While it is tough to recruit, train and retain quality CIP resources, it can be even harder to find qualified and dependable consultants who can ease the burden from:

  • Having more projects or tasks than time or resources to manage
  • Ever growing task lists that don’t seem to end
  • Preparation activities for upcoming audits

ITEGRITI can help in many capacities, including:

  • Asset inventory and site walkdowns
  • Exercise design and facilitation
  • Supply chain management: policy and supplier assessments
  • Vulnerability Assessments
  • CIP program and compliance assessments
  • CIP audit and SME preparation
  • NIST CSF Security Assessments
  • TSA SD2 program development and assessment


Experience > Process > Results
The ITEGRITI leadership team is involved in every project, initially through advisory, project scoping and organization, and then through direct assignment or oversight roles. Our experience includes:

  • NERC experience since 2006, completed projects in all regions throughout the U.S. and Canada, supporting utilities, transmission, municipalities, cooperatives, and generation representing coal, natural gas, and renewables – wind, solar, hydro and geothermal.
  • Management, oversight or service on over 300 projects in cybersecurity, compliance, and audit.
  • Industry and consulting backgrounds, IT and OT operational experience.

ITEGRITI will design an approach that follows the Plan, Do, Check, Adjust model. Our delivery team will have access to tools and templates to provide consistency in deliverables, manage team workflow and deliverables, and assist with timely and accurate reporting. Our tools include:

  • An approach that mirrors NERC audit and data requests.
  • A database to manage data requests, workflows, reviews, and disposition with reports that dynamically provide Data Request status by Manager, Assignee, Status.
  • Surveys and control self assessments that are viewable from computers, tablets and cell phones.
  • An available SFTP site for the sharing of sensitive information.

Case Study

An ITEGRITI client had a growing list of cybersecurity, compliance, process improvement, training and organizational change management concerns but lacked internal resources for timely completion of tasks. We reviewed the list with our client, identified dependencies and critical path, anticipated level of effort, and organizational priority. They contracted our team to lead and help complete priority items on their task list, working both independently and in collaboration with their employees, vendors, and other contractors.  ITEGRITI managed efforts in an Agile fashion and by working together our client was able to meet internal and external deadlines.

We have now completed over a dozen projects for this client supporting NERC corporate compliance, IT compliance, CIP program management, enterprise applications, generation, transmission, renewables, critical infrastructure operations, cybersecurity, telecommunications, and physical security.


“Michael and the ITEGRITI team has partnered with us to advance and mature our cyber security capabilities across the technology that operates our critical energy infrastructure, in the midst of an evolving regulatory environment and threat landscape. ITEGRITI seamlessly integrated into our team, providing valuable industry expertise and practical solutions to imbed these new capabilities into the way we work at Duke Energy. Fantastic insights, tangible results. Thank you for the partnership!

Brian Savoy
SVP, Business Transformation & Technology
Duke Energy Corporation

View More Projects