Transmission Control Center Network Cybersecurity

Due to the importance of protecting the Tennessee Valley Authority’s (TVA) operations from external cyber events, we performed an audit of TVA’s transmission control center network cybersecurity. The audit objective was to determine if TVA has sustainable processes for identifying, implementing, and managing the network architecture to reduce the overall cybersecurity risk to TVA resources in their transmission networks.  The audit scope was limited to TVA’s transmission control center network.  We made one recommendation to TVA management. The specifics are being withheld from public release due to their sensitive nature in relation to TVA’s cybersecurity.