FERC Internal Compliance Program Demands Should be Met with Focus, Common Sense and a Little Flexibility
In 2008, the Federal Energy Regulatory Commission (FERC) issued a directive that all NERC registered entities must create and implement an Internal Compliance Program (ICP). As it happens, I’ve developed dozens of these programs in the past for organizations such as Philips Electronics, PacBell Internet, Toys-R-Us, Chic-Fil-A, Exxon, Kaiser Permanente, BMG/Columbia-House and others.
I was sure that the power industries reaction would be similar. I was right.
Of our 78 clients, we only received feedback on two occasions that asked for a modification. This blog will detail what those requests were and how we handled them. It’s my hope that the experiences shared here will help you if you have similar questions or concerns.
The RRO’s specifically stated that they were not looking for any type of written or verbal response, but the comments were merely suggestions that they had for our clients to consider during their revision process.
- The emergency contact section referenced the policy/procedure that was created for COM-002-1. It was recommended, and we agreed, that a separate attachment be created specifically for the ICP.
- Even on the draft versions of the ICP, it was recommended that signatures be placed on the document showing that management was definitely involved. We agreed.
- The RRO’s liked the tracking system we used for the procedural process, but they wanted more detail as to who the ICP would be disseminated to. One of the RRO’s specifically asked us to add more detail to not only who this would be disseminated to, but also what each of those individuals’ job functions is. We disagreed with this RRO as all employees were, in some way, responsible for adhering to the ICP and to add more than 600 job titles and functions would not be in the best interest of our client(s).
- Both RRO’s wanted a very detailed organizational chart…one that specifically included information of who was an executive, manager, director etc within the organization. We agreed to this request as it was not a difficult task and would definitely allow the RRO to know where management stood in the “pecking order”.
- One of the RRO’s wanted to know with more detail when reports were to be submitted to the CEO and/or Board. The particular RRO stated that “on a regular basis” was not sufficient and requested that we state monthly, quarterly, semi-annual etc. We agreed and made the appropriate changes. We also added into the detail what would be included in the report to the CEO/Board.
- The RRO’s wanted a statement included in the ICP declaring whether or not budgets were a consideration when creating the ICP.
- The RRO’s wanted to know what was being audited when our clients conducted their annual mock audits. The RRO’s wanted to know which standards would be audited or was it just the ICP. We agreed to their recommendations and made the modifications.
For more information or to respond to this blog, please email me or you can just leave a comment below.