NERC Focused on Four Key Initiatives at 2013 Fall Standards and Compliance Workshop
The 2013 Fall Standards and Compliance Workshop is taking place this week in Atlanta. NERC, the Regions and the industry are undertaking many initiatives. Gerry Cauley, NERC President and CEO, gave the keynote remarks today at the workshop.
Mr. Cauley addressed “Why are we make all these changes?” There is a focus on the reliability issues that would prevent a blackout and sharing these lessons learned with the industry. He is excited about the Risk-Based approach underway.
He noted a few of the accomplishments over the years with improvement in vegetation management, operational training and communication.
NERC Staff and the Board of Trustees are focused in four (4) initiatives.
- Standard Process Reform – Standard development has made a turn for the better. New staff changes over the last year. The RISC committee has prioritized risk and made recommendations to the Board. NERC also put an independent team of experts in place to review the standards. This produced the Industry Expert Review Report. Now the Standards Committee has the responsibility to work with the standard drafting teams to review and implement these recommendations.
- Compliance and Enforcement – When this all started in 2007, there were teams of auditors and checklists of items that ended up creating the wrong incentives. Mr. Cauley defines success as preventing avoidable blackouts and improving reliability. By having the registered entities monitor their own compliance, this will improve discovery using internal controls and having effective remediations. The Find, Fix and Track Reporting has received a positive response from the FERC Commission. They want NERC and the Regions to continue with the Reliability Assurance Initiative (RAI) implementation. There are currently pilots going in across four regions.
- Event Analysis Program/Risk Assessment – (See Reliability Assessment and Performance Analysis (RAPA) presentation). The industry is submitting reports for Category 2 or above incidents. This includes a Root Cause and Mitigation Plans. NERC has had training for a more robust Root Cause approach.
- Cyber and Physical Security – Everyone is aware of the concerns for a cyber attack and NERC believes that improving the standards and sharing lessons learned is the right approach. The intent is to have a smooth transition from CIP version 3 standards to the new CIP version 5 standards. Registered entities will need to have the proper internal controls in place. NERC is currently running pilot programs with volunteers for the new CIP version 5 standards. They will share these lessons learned with the industry.
AssurX will have future blogs discussing NERC’s guidance on transition from CIP version 3 to version 5. NERC encourages entities to work with their regions regarding implementation plans and keep the communication open. NERC is also refreshing their physical security guidelines and lessons learned as part of this initiative.