{"id":1698,"date":"2020-03-13T17:20:46","date_gmt":"2020-03-13T17:20:46","guid":{"rendered":"http:\/\/72.52.228.46\/~itegriti\/?p=1698"},"modified":"2021-04-12T05:28:46","modified_gmt":"2021-04-12T05:28:46","slug":"evidence-request-tool-new-version-4","status":"publish","type":"post","link":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/","title":{"rendered":"What is New in the Evidence Request Tool v4.0?"},"content":{"rendered":"<div class=\"fusion-fullwidth fullwidth-box fusion-builder-row-1 nonhundred-percent-fullwidth non-hundred-percent-height-scrolling\" style=\"--awb-border-radius-top-left:0px;--awb-border-radius-top-right:0px;--awb-border-radius-bottom-right:0px;--awb-border-radius-bottom-left:0px;--awb-flex-wrap:wrap;\" ><div class=\"fusion-builder-row fusion-row\"><div class=\"fusion-layout-column fusion_builder_column fusion-builder-column-0 fusion_builder_column_1_1 1_1 fusion-one-full fusion-column-first fusion-column-last\" style=\"--awb-bg-size:cover;\"><div class=\"fusion-column-wrapper fusion-column-has-shadow fusion-flex-column-wrapper-legacy\"><div class=\"fusion-title title fusion-title-1 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>About the Evidence Request Tool (ERT)<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-1\"><p>Being compliant with the NERC CIP standards is vital for a secure and reliable electric grid. A critical component of performing a compliance audit is the gathering of evidence to support audit findings. The six regions, as delegates of NERC, perform compliance audits and exercise a degree of independence; historically, this meant each region issued a request for information prior to the audit and the Responsible Entity provided the requested information.<\/p>\n<p>In the course of developing the reliability standard audit worksheets (RSAWs), the RSAW Development Team met with industry representatives to develop a better set of RSAWs. Part of that discussion centered on what types of evidence would be requested to demonstrate compliance with the CIP Standards. Since the RSAWs could not provide that level of detail, the industry representatives sought more transparency in the evidence requests that the regions send to Responsible Entities as part of the audit process. Additionally, there was a request from the industry representatives to standardize the evidence requests across the Electric Reliability Organization (ERO) \u2013 this was especially important to Responsible Entities operating in multiple regions.<\/p>\n<p>The CIP Evidence Request Tool (ERT) is a common request for information that will be available for use by all regions. The tool will help the ERO Enterprise be more consistent and transparent in its audit approach. It will also help Responsible Entities (especially those that operate in multiple regions) fulfill these requests more efficiently by understanding what types of evidence are useful in preparation for an audit.<\/p>\n<\/div><div class=\"fusion-text fusion-text-2\"><div class=\"mceTemp\"><\/div>\n<div id=\"attachment_1700\" style=\"width: 610px\" class=\"wp-caption aligncenter\"><img decoding=\"async\" aria-describedby=\"caption-attachment-1700\" class=\"wp-image-1700 size-medium lazyload\" data-src=\"http:\/\/72.52.228.46\/~itegriti\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic-600x267.jpg\" alt=\"Figure 1: Evidence Request Flow. Source: NERC CIP Evidence Request Tool User Guide v4.0\" width=\"600\" height=\"267\" data-srcset=\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic-200x89.jpg 200w, https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic-400x178.jpg 400w, https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic-600x267.jpg 600w, https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic-768x341.jpg 768w, https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic-800x355.jpg 800w, https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic-1200x533.jpg 1200w, https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/ERT-Article-Graphic.jpg 1229w\" data-sizes=\"(max-width: 600px) 100vw, 600px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 600px; --smush-placeholder-aspect-ratio: 600\/267;\" \/><p id=\"caption-attachment-1700\" class=\"wp-caption-text\">Figure 1: Evidence Request Flow. Source: NERC CIP Evidence Request Tool User Guide v4.0<\/p><\/div>\n<\/div><div class=\"fusion-text fusion-text-3\"><p>Figure 1 above shows a summary of the evidence request flow. The ERT contains a Level 1 tab with the initial evidence needed to begin the evidence submission process. Level 1, in general, asks for two different types of evidence. The first type is the programs, processes, and procedures that an audit team will need to review to determine compliance. The second type is the detail tabs used to form populations for sample selection which will feed into Level 2. Level 2 asks for detailed information about individual items selected by the audit team.<\/p>\n<p>Each line of the Level 1 and Level 2 tabs contains a \u201cRequest ID,\u201d which uniquely identifies each request. These Request IDs follow the format <strong><em>CIP-sss-Rr-Lm-nn<\/em><\/strong>, where:<\/p>\n<ul>\n<li><strong><em>sss<\/em><\/strong> is the three-digit CIP Reliability Standard number<\/li>\n<li><strong><em>r<\/em><\/strong> is the Requirement number within the Standard<\/li>\n<li><strong><em>m<\/em><\/strong> is the level of the evidence request, either \u201c1\u201d for Level 1 or \u201c2\u201d for Level 2 corresponding to Level 1, etc.<\/li>\n<li><strong><em>nn<\/em><\/strong> is a two-digit request number within the Standard, Requirement, and Level<\/li>\n<\/ul>\n<p>For example, CIP-003-R3-L1-03 is the third Level 1 evidence request for CIP-003, R3.<\/p>\n<p>On the 10<sup>th<\/sup> of February, 2020, NERC released the fourth version of the ERT spreadsheet, which is available <a href=\"https:\/\/www.nerc.com\/pa\/comp\/CAOneStopShop\/CIP%20Evidence%20Request%20Tool%20v4.0.xlsx\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>. The guide to the ERT tool v4.0 is available <a href=\"https:\/\/www.nerc.com\/pa\/comp\/CAOneStopShop\/CIP%20Evidence%20Request%20Tool%20User%20Guide%20v4.0.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>.<\/p>\n<\/div><div class=\"fusion-title title fusion-title-2 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>What is New in ERT v4.0<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-4\"><p>So, what is new in the latest version of the ERT tool? We will try to highlight the most important changes. For a complete list of the changes from the previous version, you may click <a href=\"https:\/\/www.nerc.com\/pa\/comp\/CAOneStopShop\/Evidence%20Request%20Tool%20v4.0%20Changes.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>. The changes discussed will be grouped by CIP standard.<\/p>\n<p><strong>CIP-002<\/strong><\/p>\n<p>Besides providing the \u201cthe process that was implemented to identify each of the high impact and medium impact BES Cyber Systems\u201d described in R1, responsible entities are now requested to \u201cprovide evidence of the implementation of that process.\u201d<\/p>\n<p>In request R1-L1-03, questions 4, 5, 6, 9, 10, and 11 have been removed and replaced by new evidence requirements (questions 6 \u2013 12) which are related with the possibility of Cyber Assets being misused or degraded and their impact on generation systems.<\/p>\n<p>Request R1-L1-04 now refers only to Transmission systems, while the new request R1-L1-05 refers to Generation assets. The \u201cold\u201d requests 05 and 06 have now been renumbered to 06 and 07 respectively.<\/p>\n<p><strong>CIP-003<\/strong><\/p>\n<p>Request R1-L1-01 has been modified to read \u201cProvide evidence that the cyber security policies that address compliance with CIP-003 R1 were approved by a CIP Senior Manager,\u201d instead of \u201cProvide the cyber security policies that address compliance with CIP-003 R1.\u201d In addition, request R1-L1-09 is now applicable to Removable Media \u201cused\u201d and not \u201cauthorized.\u201d<\/p>\n<p><strong>CIP-005<\/strong><\/p>\n<p>Requirement R2 has now two new evidence requests: Request L1-02 has been added to \u201cProvide detailed explanation on the use of remote access for third-parties\u201d, while request L1-03 asks responsible entities to provide evidence on \u201cwhat electronic access controls (multi-factor, encryption, etc.) and Cyber Asset(s) are used to authenticate individuals for remote access.\u201d<\/p>\n<p><strong>CIP-007<\/strong><\/p>\n<p>Request R3-L1-02 has been removed and consolidated into request R2-L2-01.<\/p>\n<p><strong>CIP-008<\/strong><\/p>\n<p>A new request has been added to requirement R3. Request R3-L1-02 asks the responsible entities to provide evidence supporting what the entity has considered to be &#8220;technology determined to impact the ability to execute the plan.&#8221; In addition, the entity must provide evidence if they \u201chad any changes to such technology during the audit period.\u201d<\/p>\n<p><strong>CIP-009<\/strong><\/p>\n<p>Request R2-L1-02 has been modified to address requirement R2 Part 2.2. According to the revised request, responsible entities must provide evidence \u201cof each test of a representative sample of information used to recover BES Cyber System functionality and that the information is useable and compatible with current configurations during the audit period.\u201d<\/p>\n<p>In addition, a new request with ID R2-L1-03 has been added, which addresses requirement R2 Part 2.3, stating that \u201cFor each recovery plan provided in the response to CIP-009-R1-L1-01, provide evidence of each operational exercise of the recovery plan in an environment representative of the production environment during the audit period.\u201d<\/p>\n<p>Further, two new requests were added to provide evidence for the implementation of requirement 3. Request R3-L1-02 asks the entities to show evidence \u201cfor any change to roles and responsibilities, responders, or technology determined to impact the ability to execute the recovery plan.\u201d Finally, request R3-L1-03 is meant to provide evidence on what the entity has considered to be &#8220;technology determined to impact the ability to execute the plan.&#8221;<\/p>\n<p><strong>CIP-013<\/strong><\/p>\n<p>Request R1-L1-02 has been modified to address requirement R2 and has been renamed to R2-L1-01. The request asks to \u201cprovide a listing of each procurement of vendor products or services\u2026 for high and\/or medium impact BES Cyber Systems\u201d by using the Procurement tab in the ERT spreadsheet. In addition, request ID R1-L1-03 has been deleted as it is no longer applicable.<\/p>\n<p><strong>CIP-014<\/strong><\/p>\n<p>Request R1-L1-01 has been modified and now entities must \u201cprovide dated results of assessment of substations for applicability under CIP-014-2.\u201d The assessment results must include \u201cplanned and existing Transmission stations\/substations.\u201d In addition, the entities must provide a \u201clist of planned and existing Transmission stations\/substations that, if rendered inoperable or damaged, could result in instability, uncontrolled separation, or Cascading within an Interconnection.\u201d<\/p>\n<p>Further, request ID R2-L1-01 has also been modified to ask for \u201cdated results of the third party review of the results of the assessment of substations\u201d, including \u201cdocumented qualifications of the verifying third party, recommendations related to the risk assessments, evidence of modifications pursuant to recommendations, and evidence of procedures implemented to protect sensitive and confidential information.\u201d<\/p>\n<\/div><div class=\"fusion-title title fusion-title-3 fusion-sep-none fusion-title-text fusion-title-size-two\" style=\"--awb-text-color:#182857;--awb-margin-bottom:5px;--awb-margin-bottom-small:3px;--awb-font-size:32px;\"><h2 class=\"fusion-title-heading title-heading-left fusion-responsive-typography-calculated\" style=\"margin:0;font-size:1em;--fontSize:32;line-height:0.78;\"><h3><strong>Conclusion<\/strong><\/h3><\/h2><\/div><div class=\"fusion-text fusion-text-5\"><p>The ERT is a very handy tool for NERC responsible entities that are preparing evidence ahead of the audit period. The latest version 4.0 introduces many changes in Level 1 evidence requests, which entities must take note of while preparing for their next audit. Entities are highly encouraged to review both the new ERT user guide and the complete list of changes from version 3.0. <a href=\"http:\/\/72.52.228.46\/~itegriti\/\" target=\"_blank\" rel=\"noopener noreferrer\">ITEGRITI<\/a> has the knowledge and the experience to help entities navigate through the changes in the ERT tool and provide the evidence appropriate for the audit. <a href=\"http:\/\/72.52.228.46\/~itegriti\/contact\/\" target=\"_blank\" rel=\"noopener noreferrer\">Contact<\/a> the experts to learn more.<\/p>\n<\/div><div class=\"fusion-clearfix\"><\/div><\/div><\/div><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":10,"featured_media":1703,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2179],"tags":[1776],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.0 (Yoast SEO v23.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What is New in the Evidence Request Tool verson 4.0?<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is New in the Evidence Request Tool v4.0?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/\" \/>\n<meta property=\"og:site_name\" content=\"kw022024\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/itegriti\" \/>\n<meta property=\"article:published_time\" content=\"2020-03-13T17:20:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-12T05:28:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"450\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Anastasios Arampatzis\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TassosAramp\" \/>\n<meta name=\"twitter:site\" content=\"@itegriti\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Anastasios Arampatzis\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/\"},\"author\":{\"name\":\"Anastasios Arampatzis\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673\"},\"headline\":\"What is New in the Evidence Request Tool v4.0?\",\"datePublished\":\"2020-03-13T17:20:46+00:00\",\"dateModified\":\"2021-04-12T05:28:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/\"},\"wordCount\":1796,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png\",\"keywords\":[\"6 Minute Read\"],\"articleSection\":[\"Compliance\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/\",\"url\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/\",\"name\":\"What is New in the Evidence Request Tool verson 4.0?\",\"isPartOf\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png\",\"datePublished\":\"2020-03-13T17:20:46+00:00\",\"dateModified\":\"2021-04-12T05:28:46+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage\",\"url\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png\",\"contentUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png\",\"width\":800,\"height\":450},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/itegriti.com\/kw022024\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What is New in the Evidence Request Tool v4.0?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#website\",\"url\":\"https:\/\/itegriti.com\/kw022024\/\",\"name\":\"ITEGRITI\",\"description\":\"cybersecurity | compliance | managed services\",\"publisher\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/itegriti.com\/kw022024\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#organization\",\"name\":\"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services\",\"url\":\"https:\/\/itegriti.com\/kw022024\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png\",\"contentUrl\":\"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png\",\"width\":600,\"height\":100,\"caption\":\"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services\"},\"image\":{\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/itegriti\",\"https:\/\/x.com\/itegriti\",\"https:\/\/www.linkedin.com\/company\/itegriti\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673\",\"name\":\"Anastasios Arampatzis\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g\",\"caption\":\"Anastasios Arampatzis\"},\"description\":\"Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years\u2019 worth of experience in managing IT projects and evaluating cybersecurity. During his service in the Armed Forces, he was assigned to various key positions in national, NATO and EU headquarters and has been honoured by numerous high-ranking officers for his expertise and professionalism. He was nominated as a certified NATO evaluator for information security. Anastasios\u2019 interests include among others cybersecurity policy and governance, ICS and IoT security, encryption, and certificates management. He is also exploring the human side of cybersecurity - the psychology of security, public education, organizational training programs, and the effect of biases (cultural, heuristic and cognitive) in applying cybersecurity policies and integrating technology into learning. He is intrigued by new challenges, open-minded and flexible. Currently, he works as a cybersecurity content writer for Bora - IT Security Marketing. Tassos is a member of the non-profit organization Homo Digitalis.\",\"sameAs\":[\"http:\/\/www.welcometobora.com\",\"https:\/\/www.linkedin.com\/in\/anastasiosarampatzis\/\",\"https:\/\/x.com\/TassosAramp\"],\"url\":\"https:\/\/itegriti.com\/kw022024\/author\/anastasios-arampatiz\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What is New in the Evidence Request Tool verson 4.0?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/","og_locale":"en_US","og_type":"article","og_title":"What is New in the Evidence Request Tool v4.0?","og_url":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/","og_site_name":"kw022024","article_publisher":"https:\/\/www.facebook.com\/itegriti","article_published_time":"2020-03-13T17:20:46+00:00","article_modified_time":"2021-04-12T05:28:46+00:00","og_image":[{"width":800,"height":450,"url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png","type":"image\/png"}],"author":"Anastasios Arampatzis","twitter_card":"summary_large_image","twitter_creator":"@TassosAramp","twitter_site":"@itegriti","twitter_misc":{"Written by":"Anastasios Arampatzis","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#article","isPartOf":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/"},"author":{"name":"Anastasios Arampatzis","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673"},"headline":"What is New in the Evidence Request Tool v4.0?","datePublished":"2020-03-13T17:20:46+00:00","dateModified":"2021-04-12T05:28:46+00:00","mainEntityOfPage":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/"},"wordCount":1796,"commentCount":0,"publisher":{"@id":"https:\/\/itegriti.com\/kw022024\/#organization"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage"},"thumbnailUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png","keywords":["6 Minute Read"],"articleSection":["Compliance"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/","url":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/","name":"What is New in the Evidence Request Tool verson 4.0?","isPartOf":{"@id":"https:\/\/itegriti.com\/kw022024\/#website"},"primaryImageOfPage":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage"},"thumbnailUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png","datePublished":"2020-03-13T17:20:46+00:00","dateModified":"2021-04-12T05:28:46+00:00","breadcrumb":{"@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#primaryimage","url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png","contentUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2020\/03\/What-is-New-in-the-Evidence-Request-Tool-v4.0-1.png","width":800,"height":450},{"@type":"BreadcrumbList","@id":"https:\/\/itegriti.com\/kw022024\/2020\/compliance\/evidence-request-tool-new-version-4\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/itegriti.com\/kw022024\/"},{"@type":"ListItem","position":2,"name":"What is New in the Evidence Request Tool v4.0?"}]},{"@type":"WebSite","@id":"https:\/\/itegriti.com\/kw022024\/#website","url":"https:\/\/itegriti.com\/kw022024\/","name":"ITEGRITI","description":"cybersecurity | compliance | managed services","publisher":{"@id":"https:\/\/itegriti.com\/kw022024\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itegriti.com\/kw022024\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/itegriti.com\/kw022024\/#organization","name":"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services","url":"https:\/\/itegriti.com\/kw022024\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/","url":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png","contentUrl":"https:\/\/itegriti.com\/kw022024\/wp-content\/uploads\/2016\/06\/ItegritiLogo_600x100.png","width":600,"height":100,"caption":"ITEGRITI CORPORATION | Cybersecurity | Compliance | Managed Services"},"image":{"@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/itegriti","https:\/\/x.com\/itegriti","https:\/\/www.linkedin.com\/company\/itegriti\/"]},{"@type":"Person","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/6fa12fbccd5abc86c2ce14ffbb619673","name":"Anastasios Arampatzis","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itegriti.com\/kw022024\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/adff645e812a27c2d07dd3c43fc9cd32?s=96&d=mm&r=g","caption":"Anastasios Arampatzis"},"description":"Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years\u2019 worth of experience in managing IT projects and evaluating cybersecurity. During his service in the Armed Forces, he was assigned to various key positions in national, NATO and EU headquarters and has been honoured by numerous high-ranking officers for his expertise and professionalism. He was nominated as a certified NATO evaluator for information security. Anastasios\u2019 interests include among others cybersecurity policy and governance, ICS and IoT security, encryption, and certificates management. He is also exploring the human side of cybersecurity - the psychology of security, public education, organizational training programs, and the effect of biases (cultural, heuristic and cognitive) in applying cybersecurity policies and integrating technology into learning. He is intrigued by new challenges, open-minded and flexible. Currently, he works as a cybersecurity content writer for Bora - IT Security Marketing. Tassos is a member of the non-profit organization Homo Digitalis.","sameAs":["http:\/\/www.welcometobora.com","https:\/\/www.linkedin.com\/in\/anastasiosarampatzis\/","https:\/\/x.com\/TassosAramp"],"url":"https:\/\/itegriti.com\/kw022024\/author\/anastasios-arampatiz\/"}]}},"_links":{"self":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/1698"}],"collection":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/comments?post=1698"}],"version-history":[{"count":6,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/1698\/revisions"}],"predecessor-version":[{"id":1993,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/posts\/1698\/revisions\/1993"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/media\/1703"}],"wp:attachment":[{"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/media?parent=1698"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/categories?post=1698"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itegriti.com\/kw022024\/wp-json\/wp\/v2\/tags?post=1698"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}