How to Handle NERC's Risk-Based Reliability Compliance Monitoring
As the Electric Reliability Organization (ERO) enters it’s fourth year as a mandatory entity, NERC and the Regional Entities have been working with the registered entities, FERC, and other stakeholders to improve reliability. One of the latest topics being discussed at reliability workshops and meetings is the implementation of Risk-Based Reliability Compliance Monitoring. What does this mean to a registered entity and how best to prepare for this change?
NERC and the Regional Entities have gathered enough data over the last four years to start the assessment to develop a risk-based reliability program. Many mature industries have adopted the same type of approach in the past. NERC has started to identify the core set of critical reliability standards to be audited and what areas are most crucial for reliability. NERC has also been working over the years to assist registered entities on how to build strong compliance programs and what it takes to implement a culture of compliance within an organization.
NERC has identified some of the criteria to start developing a Risk-Based Reliability program, they include:
- NERC top 20 list of allegedly violated reliability standards
- High Violation Risk Factor (VRF)
- Violation Risk Index (VRI)
- Past reliability events and major reliability issues
- Input from Regional Entities; especially from the audit teams and enforcement groups
- Assessment of registered entities compliance program and compliance culture
Some Regional Entities are developing their own Compliance Surveys that will be sent out to their registered entities. AssurX Compliance Services division has developed a white-paper outlining some of the key issues an organization should focus on to build an internal culture of compliance. As the ERO matures, more attention should focus on sharing lessons-learned from events, improving critical reliability standards, and how a registered entity mitigates identified issues.