*Document system configuration and access control (Task ID: R3-9792)

*Implement controls to prevent unauthorized access tools and data. (Task ID: R3-9794)

*Communicate with user and system owners as part of due dilligence (Task ID: R3-9182)

*Develop an asset inventory of both hardware and software. Link this inventory to other security tools. (Task ID: R3-9321)

*Develop technical libraries for all protocols inuse and noted security issues (Task ID: R3-9315)

*Establish Operational Level Agreements and/or Service Level Agreements where appropriate. (Task ID: R3-9172)

*Identify business, contractual, SLA and legal requirements that can be met by monitoring solution (Task ID: R3-9148)

*Understand how specific tools accomplish their results (i.e. nmap, nessus, metasploit, etc.) - what methods and protocols are used. (Task ID: R3-9344)

*Understand the ANSI C12 Standards (i.e. C12.18, C12.19, C12.21, C12.22) (Task ID: R3-9320)

*Update network deployments to segragate systems that cannot handle vulnerability scans. (Task ID: R3-9292)

*Identify the interdependencies between the data network and the power system including fault isolation and protection (Task ID: R3-9335)

*Identify stakeholders which would be users of monitoring solution and their unique requirements (Task ID: R3-9155)

*Document procedures for the successful and proper use of all security tools with a special attention to constraints (Task ID: R3-9648)

*Review security operations procedures for tool use and current versions (Task ID: R3-9650)