NEMA CPSP 5-2023

The primary purpose of a cybersecurity risk assessment is to help organizations understand, control, and mitigate all forms of cyber risk. Owner-operators, integrators, installers, and/or end users with the responsibility of procuring electrical and medical imaging equipment and systems are often tasked with conducting a cybersecurity risk assessment.
As the organizational and asset questions listed in this document are commonly asked of NEMA electrical equipment and medical imaging manufacturers, this document serves as a reference point for further conversations and discussions in a cybersecurity risk assessment.