The Top 10 FERC Enforceable Standards in 2010

Article title
Tamar June
In NERC Compliance

Last year we blogged about the top 10 FERC enforceable actions for the NERC standards, with PRC-005-1 violations leading the pack. As you can see in the chart below, 8 out of the top 10 violations are CIP related. So, what changed?

FERC Top 10 Enforceable 2010

According to Trey Kirkpatrick, VP, Energy and Utilities Compliance for AssurX, “With the emergence of the CIP standards into the NERC and Regional Entities CMEP program, registered entities are self-reporting more CIP violations.  The entities are finding that documentation of personnel training and system security management continue to be an area for improvement. The registered entities are taking action with proper mitigation plans that are approved by the Regional Entities and NERC. They are also continuing to learn from other areas such as; nuclear power and health sciences how to instill a ‘Culture of Compliance’ in their workforce.”

And, as stated in NERC’s February 2011 Newsletter:

The Department of Energy (DOE) is launching an initiative to enhance cyber security on the electric grid. The initiative, led by the Department¹s Office of Electricity Delivery and Energy Reliability (OE), the National Institute of Standards and Technology (NIST), and the North American Electric Reliability Corporation (NERC), will be an open collaboration with representatives from across the public and private sectors to develop a cybersecurity risk management process guideline for the electric sector.

The Regional Entities and NERC are also performing more on-site audits and spot-checks. They are discovering implementation inconsistencies between entities and are sharing those lessons learned with FERC and the registered entities.  NERC has standard teams currently revising the next version of the CIP standards.  AssurX will continue to follow these revisions in updates to our readers in future blogs.

Leave a Reply

Quality Management Software
AssurX Quality + Compliance ManagementA single versatile system can improve quality, compliance and streamline workflow
Don't Miss A Post

Subscribe to our blog to receive an email when we publish new content.

Recent Posts
Quality and Compliance Systems for Every Enterprise
A single versatile system can improve quality, compliance and streamline workflow.