The U.S. Department of Energy Office of Inspector General Office of Audits and Inspections issued the following report: Audit Report -Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security (DOE/IG-0846) dated January 2011. It is an absolute damming report of the NERC CIPs, the NERC CIP process, and the enforcement of the standards. I will leave it to the readers to go through it. The report leaves little doubt that NERC can improve the process enough to drive protection of the grid in the next five years if they really wanted. However, the direction NERC is moving (Version 4) is the wrong direction. Any doubt where this is going?