2013 reliabilityfirst cmep implementation plan - nerc
ReliabilityFirst Compliance Monitoring and Enforcement Program 2013 Implementation Plan
January 1, 2013, Version 01
NOTE: The CMEP Implementation Plan and the ReliabilityFirst 2013 Compliance Monitoring Schedule are posted at the following links:
httpswwwrfirstorgcompliancePagesCMEPImplementationPlansaspx
httpswwwrfirstorgcompliancePagesSchedulesaspx
Table of Contents
ReliabilityFirst Compliance Monitoring and Enforcement Program
Introduction
2013 Executive Summary
ReliabilityFirst Compliance Monitoring and Enforcement Organization
Risk-Based Compliance Monitoring Approach
2013 Implementation Plan Development Methodology
ERO High-Risk Priorities
Southwest Blackout Report
FERC Order and Guidance
Violation Trend History
Input from Staff
Future Considerations
Three-Tiered Approach to Requirements Specification
Three-Tiered Approach to Audit Scope Determination
Audit Scope
Implementation Plan Summary
Reliability Standards Subject to 2013 CMEP Implementation
BAL - Resource and Demand Balancing
CIP - Critical Infrastructure Protection
COM - Communications
EOP - Emergency Preparedness and Operations
FAC - Facilities Design, Connections and Maintenance
IRO - Interconnection Reliability Operations and Coordination
MOD - Modeling, Data and Analysis
NUC - Nuclear
PER - Personnel Performance, Training and Qualifications
PRC - Protection and Control
TOP - Transmission Operations
TPL - Transmission Planning
VAR - Voltage and Reactive
CMEP Discovery Methods
I. Compliance Audits
Audit Focus or Scope
CIP Reliability Standards Compliance Audits
2013 Compliance Audit Schedule
Compliance Audit Reports
Reliability Standard Auditor Worksheets (RSAW)
Mitigation Plans
II. Self-Certification
CIP-002-3 through CIP-009-3 Reliability Standards
III. Spot Checks
IV. Periodic Data Submittals
V. Self-Reporting
VI. Exception-Reporting
VII. Complaint
VIII. Compliance Investigations
Key CMEP Activities and Initiatives
CMEP Transparency Elements
Outreach Efforts and Compliance Communications
Monthly Newsletter
Monthly Compliance Update Letter
ReliabilityFirst website
Workshops/Seminars/Webinars
Compliance Data Management System (CDMS)
Periodic Reports
Open Compliance Calls
Assist Visits
Compliance Communication
Training and Self Improvement Activities
Compliance Auditors
Compliance Investigation (CI) Staff
Compliance Reviews of Events and Disturbances
Registered Entity Responsibilities
Regional Entity Responsibilities
Registration and Certification
Multi-Regional Registered Entities (MRRE)
Joint Registration Organization and Coordinated Functional Registration
Results of Abrupt or Forced Registration Changes
Enforcement Initiatives
Further Implementation of the CEI
ERO Guidance on COM-002-2 - Communication and Coordination
Approved Standards Which Reference Unapproved Standards
ReliabilityFirst CMEP Implementation Plan
Conclusion
Document Change Revision History
Appendix 1 - Standards and Requirements Implicated System Events
Appendix 2 - Compliance Assessment Template
Appendix 3 - 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
ReliabilityFirst Compliance Monitoring and Enforcement Program
The North American Electric Reliability Corporation (NERC) Compliance Monitoring
and Enforcement Program (CMEP) is developed under Section 215(c) of the Federal
Power Act[1] to establish and enforce Reliability Standards for the Bulk Electric System
(BES), subject to review by the Federal Energy Regulatory Commission (FERC) and in
general accordance with the "Principles for an Electric Reliability Organization that can
Function on an International Basis."[2] The CMEP is designed to improve reliability
through the effective and efficient enforcement of Reliability Standards.

To help fulfill its responsibilities under its rules filed with regulatory authorities, NERC,
as the international Electric Reliability Organization (ERO), has delegated authority to
monitor and enforce compliance with Reliability Standards of owners, operators, and
users of the BES to qualified Regional Entities. This delegation is governed by regional
delegation agreements (RDAs) that have been approved by the appropriate regulatory
authorities. NERC and the Regional Entities are responsible for carrying out the CMEP.
Under NERC's oversight, each Regional Entity submits to NERC for approval its regional
CMEP implementation plan that is based on this document.

Reliability and accountability are basic tenets of the CMEP. In concert with this
mutually agreed upon goal of NERC and the Regional Entities, accountability is an
important characteristic of the collective endeavor. NERC, as the Federal Energy
Regulatory Commission (FERC) certified Electric Reliability Organization (ERO), along
with the Regional Entities, is accountable to the regulators to fulfill this charge.
Conducting a thorough risk-based compliance program and appropriate enforcement
actions, coupled with providing a continual education and information campaign to assist
the industry to achieve and sustain compliance, will enhance reliability. NERC, in
conjunction with ReliabilityFirst and all of the Regional Entities, continues to refine and
improve the annual CMEP Implementation Plans and the Actively Monitored
List (AML) of standards with a goal that serves to enhance reliability, not mandate a
single means of achieving it.

Registered Entities are reminded that the NERC Rules of Procedure (RoP)[3] state
that all Bulk Power System (BPS) users, owners, and operators are required to comply
with ALL applicable ERO governmental authority approved Reliability Standards at
ALL times. Regional Reliability Standards and regional variances approved by NERC
and the applicable ERO governmental authority are enforceable and apply to all
Registered Entities responsible for meeting those Reliability Standards within the
Regional Entity boundaries, whether or not the BPS user, owner, or operator is a member
of the Regional Entity.
[1] httpwwwnerccomfileUploadsFileAboutNERCHR6_Electricity_Titlepdf
[2] Bilateral Electric Reliability Oversight Group, August 3, 2005 (the "Bilateral Principles").
[3] See Rules of Procedure, Section 401.2, at httpwwwnerccompagephpcid=1|8|169
ReliabilityFirst, NERC, and the other Regional Entities recognize that there are important
reliability matters that require prompt communication to industry. NERC has used the
Alerts/Advisory process to rapidly inform the industry of such matters. Through this
Implementation Plan, we strongly encourage the applicable Registered Entities to
proactively address such communications as a way of demonstrating good utility practice
and a strong culture of compliance and reliability excellence.

Introduction
The objective of ReliabilityFirst as a Regional Entity is to preserve and enhance electric system
reliability and security for the interconnected electric systems within the ReliabilityFirst
geographic area. To support this, ReliabilityFirst, through its role as outlined in the Regional
Delegation Agreement, will monitor, assess, and enforce compliance with Regulatory Approved
Reliability Standards for each Registered Entity that has functional responsibilities as determined
by its organization's registration as posted on the NERC Compliance Registry. ReliabilityFirst
will also monitor, assess, and enforce, as applicable, compliance to ReliabilityFirst's Regulatory
Approved Reliability Standards. ReliabilityFirst will verify compliance through one of the
monitoring methods described in the NERC Compliance Monitoring and Enforcement Program
(CMEP), as outlined in the Discovery Section of this implementation plan. The ReliabilityFirst
2013 CMEP Implementation Plan closely mirrors the NERC CMEP Implementation Plan, which
is the annual operating plan for compliance monitoring and enforcement activities.
ReliabilityFirst will utilize the latest version of the NERC CMEP (Section 4C in the NERC
Rules of Procedure) filed and approved by FERC.

The 2013 Implementation Plan includes a set of Reliability Standards that were selected for
monitoring based upon NERC-identified high-risk priorities, with a three-tiered approach of
those standards to facilitate a more focused compliance monitoring effort. The Implementation
Plan also requires consideration of a registered entity's compliance history when determining the
scope of compliance monitoring activities.
The objectives of the Implementation Plan are to:
- Promote the reliability of the BPS through rigorous compliance monitoring and
  enforcement activities
- Facilitate improved consistency of compliance activities throughout North America
- Monitor all regulatory authority approved Reliability Standards by using the eight CMEP
  compliance monitoring methods
- Use risk-based and performance-based criteria for determining the scope for compliance
  monitoring
- Allow flexibility to investigate trends that may pose a near-term risk to reliability by
  implementing changes in the plan

The 2013 ReliabilityFirst CMEP Implementation Plan was developed considering the
requirements, rules, and information from the following:
- the ERO Annual Implementation Plan
- the NERC RoP
- the CMEP
- the RDA
- NERC Board of Trustees' actions, including those of the
  NERC Board of Trustees Compliance Committee
- regulatory authority approved Reliability Standards
2013 Executive Summary
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered
   entity start with the tier one (1) requirements as the usual audit scope and can be
   adjusted as described below, with NERC oversight, based on appropriate justification.
   a. For entities registered as a Balancing Authority (BA), Reliability Coordinator
      (RC), or Transmission Operator (TOP), scope can be modified; however, per the
      current ROP, they are still required to be audited every three years.[4]
   b. For all other registered entities that were previously directed to be audited on a
      six-year cycle, there is flexibility to adjust the periodicity as well as scope, again
      with appropriate justification provided by ReliabilityFirst and with NERC
      approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance,
   registered entities are encouraged to perform a compliance assessment in response to all
   system events and disturbances. Registered entities conducting compliance assessments
   are encouraged to provide a compliance assessment report to ReliabilityFirst for system
   events that fall in category 2 and above, as outlined in the ERO events analysis process
   document. The Compliance Assessment Template, as found in Appendix 5, should be
   used when performing these assessments. The use of rigorous compliance assessments
   may reflect positively on a registered entity's compliance program to self-identify and
   address possible reliability issues, and demonstrate the effectiveness of their internal
   controls and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier
   assignments in the CIP standards have been reassigned so that each requirement, along
   with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity's internal compliance program and the internal
controls monitoring its internal compliance effort, both audit scope and audit periodicity may
be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the
minimum audit scope. If an entity's compliance risk assessment performed by the Regional
Entity indicates that a strong compliance program and effective internal and risk controls are in
place, either its audit scope or its audit periodicity[5] can be reduced.[6] This reduction can allow
for more thorough compliance monitoring of entities potentially posing more risk to the reliability
of the Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In
contrast, where there is a lack of confidence in the entity assessments, the audit scope may be
increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could
occur.
[4] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document, entitled "2013 Regional Entity Request to Defer or Reduce
the Scope of a Compliance Audit."
NERC, ReliabilityFirst, and the other Regional Entity staff continue to monitor recent activities
and major events, such as the southwest cold weather event[7] and the southwest blackout event,[8] as
well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance
Enforcement Initiative (CEI). As a result of the Southwest Blackout[9] report by FERC and
NERC, ReliabilityFirst will review and include, when applicable, critical standards that include
aspects of situational awareness, including both planning and coordination, in its audit and
self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes
of the Southwest Blackout Report: communication, coordination, planning, and modeling. A list
of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013
includes the introduction of the following:
- New CIP Tier reassignments, effective 1/1/2013
- FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1, effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, effective 7/1/2013
Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1
Requirements" section of this report and in the 2013 AML.
[7] Report from NERC and FERC: httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
[8] Report from NERC and FERC: httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
[9] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised
of four functional groups that interact and work to improve the reliability of the Bulk
Electric System (BES). The table below highlights the present reporting relationship and
functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.

Compliance monitoring encompasses a range of activities, including spot checks,
self-certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.

One of the key components of an effective risk-based audit approach is
performance-based auditing. Audits, according to the United States Government Accountability
Office,[10] are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures, or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs, rather than relying solely on
documentation.

Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check, or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.
[10] See United States Government Accountability Office - Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 1.25: httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.

The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize
risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance, and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan:
httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011[11] was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning, and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.
[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent
FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue, and the most violated standards
will continue to be identified, reported on, and included as part of the annual compliance
review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of its 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found
in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement[12] for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most
requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 - 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3

Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards:
httpwwwnercnetstandardsreportsstandardssummaryaspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.

Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.

The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary, based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.

Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.

If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by the entity's Internal
Compliance Program (ICP).

Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.

ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.

All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx

The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below.
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1
  Reliability Standards identified for compliance monitoring, the monitoring
  methods being used (i.e., audits, data submittals, self-certifications, spot checks,
  etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included
  on the 2013 NERC AML. As a reminder, because these are FERC approved, they
  could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that shows the standards and the
  tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are
  accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow
  ReliabilityFirst Registered Entities to see all of the changes to the 2013
  Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
18
RReelliiaabbiilliittyy SSttaannddaarrddss SSuubbjjeecctt ttoo 22001133 CCMMEEPP
IImmpplleemmeennttaattiioonn
Given the considerations of the ERO-identified high-risk priorities which includes compliance
history and violation trend analysis the number of high priority Reliability Standards is 57 This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) which at a minimum mirrors by
Standard the NERC 2013 AML
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue such that
special attention should be given here. BAL-003-01b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation for an entity's operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001 and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005 such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005 and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0.
PER-001-01 and PER-002-0 have been identified as high priority reliability standards. PER-001
speaks to the authority of operating personnel to operate independently and in a reliable manner.
However, this authority is established in other reliability standards with more specific language
based upon the function considered, and therefore the requirements of PER-001 are not
considered Tier 1 Requirements. PER-002 encompasses the development of training, as well as
the training itself, of all operating personnel responsible for ensuring reliability of the BPS.
Training, especially in preparedness and real time mitigation of emergency events, is essential.
As such, several of the requirements supporting this training within PER-002 are considered to
be Tier 1 Requirements. In anticipation of a number of the requirements of PER-005-1 regarding
operator training coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the
requirements of PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator, and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions[14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up on the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66,
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity's date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit;
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012, and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61038 (2009) at P13,
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶ 61209 (2011) at P 13, httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 124 FERC ¶ 61015 (2008) at P 32, httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1 Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 flowchart labels, as recovered from the image:]
Compliance Violation Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic Reports
Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov’t authority
Region continues review and evaluation
CONFIDENTIAL
Dismissed
Notice of alleged violation & proposed penalty sent to responsible entity
Entity accepts violation – submits Mitigation Plan
Entity Contests
Notice of confirmed violation sent to NERC & responsible entity
Mitigation Plan Region Review
NERC Review
Gov’t Review
NERC BOTCC reviews & approves region’s proposed penalty
Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada)
5 DAY WAITING PERIOD
Settlement negotiations
Settlement Reached
Regional Hearing
Appeals Process
Settlement Approved by BOTCC
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, and areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
[33] httpwwwnerccompagephpcid=3|26
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
[34] Section 507 of the NERC RoP, httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP, httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003[38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2 for the ISO/RTO Council at httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
necessary information through the Commission’s regulations. In addition, the
Commission stated that:
“The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard.”[39]
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. & Regs. ¶ 31242 (2007) (Order No. 693), P 300
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review and approval, and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies at a minimum what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c) of the Federal Power Act, is the operating plan for annual compliance monitoring and enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the other Regional Entities, through their delegation agreements with NERC, monitor and enforce compliance of registered entities with all regulatory approved Reliability Standards. Registered entities include all BPS owners, operators and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability of the BPS, it is only one part of an overall plan to ensure system reliability. The other part consists of the actions of the registered entities and the electric power industry at large, and these are equally as critical to system reliability. The registered entities must participate in the educational, informational and developmental efforts that are being undertaken, not only to maintain reliability but to enhance it as well. The sharing of the industry's technical expertise, experience and judgment, as well as its participation in the ERO's processes, will help to further identify and remove reliability gaps and shortcomings. The ERO continuously seeks to improve the execution of its role in ensuring system reliability, as is the case with the advancements of the annual CMEP Implementation Plan undertaken for 2013, but the industry must continue to participate for the overall reliability plan to be successful.
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather event and the southwest blackout, and the progress of the FFT compliance enforcement initiative. As a result of the recently released Southwest Blackout [40] report by FERC and NERC, Regional Entities are encouraged to consider critical standards that include aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
- EOP-006-1 – Reliability Coordination – System Restoration
- EOP-008-1 – Loss of Control Center Functionality
- IRO-002-2 – Reliability Coordination – Facilities
- IRO-005-3a – Reliability Coordination – Current Day Operations
- IRO-005-3.1a – Reliability Coordination – Current Day Operations
- IRO-006-EAST-1 – TLR Procedure for the Eastern Interconnection
- MOD-001-1a – Available Transmission System Capability
- TOP-002-2b – Normal Operations Planning
- TOP-002-2.1b – Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement, in scoping compliance monitoring activities for RCs, BAs and TOPs. This list is subject to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the following steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2 above as they apply to the applicable NERC Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity will provide a copy of its CA report to the Regional Entity. The report should reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a. R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional and local reliability requirements.
Details of Compliance Assessment Effort: Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided).
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a. R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs).
Details of Compliance Assessment Effort: No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-004-2. R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation or cascading outages will not occur as a result of the most severe single contingency.
Details of Compliance Assessment Effort: The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-001. R1: Each TOP, BA and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area.
Details of Compliance Assessment Effort: Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-004. R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures.
Details of Compliance Assessment Effort: System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-008. R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation.
Details of Compliance Assessment Effort: R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: By following the TOP Guides developed by RC, violations do not occur. R3: No conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-006. R2: Each RC, TOP and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action.
Details of Compliance Assessment Effort: The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event.
Findings: No findings of non-compliance

Findings as the outcome of a compliance self-assessment will result in either a statement of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be given the opportunity to self-report the PV to the Regional Compliance Enforcement department in accordance with the existing procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional Compliance Enforcement department that this has been done consistent with the event analysis process and the completion of a compliance self-assessment, to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date:
Name:
Title:
Region:
State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
State other methods used for compliance monitoring during period of reduced scope or deferment:
State requested duration of deferment, if applicable:
State whether this is a MRRE audit:
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name:
NCR ID Number:
Date of Last Compliance Audit:
Date of Next Compliance Audit:
Regional Entity's Additional Information
Comments:
Regional Entity Authorized Signature:
ERO Analysis Results
State information reviewed and basis for determination:
ERO Final Determination: Approved / Declined
ERO Director of Compliance Operations:
[41] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced, per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
ReliabilityFirst Compliance Monitoring and Enforcement Program
The North American Electric Reliability Corporation (NERC) Compliance Monitoring and Enforcement Program (CMEP) is developed under Section 215(c) of the Federal Power Act [1] to establish and enforce Reliability Standards for the Bulk Electric System (BES), subject to review by the Federal Energy Regulatory Commission (FERC) and in general accordance with the "Principles for an Electric Reliability Organization that can Function on an International Basis". [2] The CMEP is designed to improve reliability through the effective and efficient enforcement of Reliability Standards.
To help fulfill its responsibilities under its rules filed with regulatory authorities, NERC, as the international Electric Reliability Organization (ERO), has delegated authority to monitor and enforce compliance with Reliability Standards of owners, operators and users of the BES to qualified Regional Entities. This delegation is governed by regional delegation agreements (RDAs) that have been approved by the appropriate regulatory authorities. NERC and the Regional Entities are responsible for carrying out the CMEP. Under NERC's oversight, each Regional Entity submits to NERC for approval its regional CMEP implementation plan that is based on this document.
Reliability and accountability are basic tenets of the CMEP. In concert with this mutually agreed upon goal of NERC and the Regional Entities, accountability is an important characteristic of the collective endeavor. NERC, as the Federal Energy Regulatory Commission (FERC) certified Electric Reliability Organization (ERO), along with the Regional Entities, is accountable to the regulators to fulfill this charge. Conducting a thorough risk based compliance program and appropriate enforcement actions, coupled with providing a continual education and information campaign to assist the industry to achieve and sustain compliance, will enhance reliability. NERC, in conjunction with ReliabilityFirst and all of the Regional Entities, continues to refine and improve the annual CMEP Annual Implementation Plans and the Actively Monitored List (AML) of standards with a goal that serves to enhance reliability, not mandate a single means of achieving it.
Registered Entities are reminded that the NERC Rules of Procedure (RoP) [3] state that all Bulk Power System (BPS) users, owners and operators are required to comply with ALL applicable ERO governmental authority approved Reliability Standards at ALL times. Regional Reliability Standards and regional variances approved by NERC and the applicable ERO governmental authority are enforceable and apply to all Registered Entities responsible for meeting those Reliability Standards within the Regional Entity boundaries, whether or not the BPS user, owner or operator is a member of the Regional Entity.
ReliabilityFirst, NERC and the other Regional Entities recognize that there are important reliability matters that require prompt communication to industry. NERC has used the Alerts/Advisory process to rapidly inform the industry of such matters. Through this Implementation Plan we strongly encourage the applicable Registered Entities to proactively address such communications as a way of demonstrating good utility practice and a strong culture of compliance and reliability excellence.
[1] httpwwwnerccomfileUploadsFileAboutNERCHR6_Electricity_Titlepdf
[2] Bilateral Electric Reliability Oversight Group, August 3, 2005 (the "Bilateral Principles")
[3] See Rules of Procedure Section 4012 at httpwwwnerccompagephpcid=1|8|169
Introduction
The objective of ReliabilityFirst as a Regional Entity is to preserve and enhance electric system reliability and security for the interconnected electric systems within the ReliabilityFirst geographic area. To support this, ReliabilityFirst, through its role as outlined in the Regional Delegation Agreement, will monitor, assess and enforce compliance with Regulatory Approved Reliability Standards for each Registered Entity that has functional responsibilities as determined by its organization's registration as posted on the NERC Compliance Registry. ReliabilityFirst will also monitor, assess and enforce, as applicable, compliance to ReliabilityFirst's Regulatory Approved Reliability Standards. ReliabilityFirst will verify compliance through one of the monitoring methods described in the NERC Compliance Monitoring and Enforcement Program (CMEP), as outlined in the Discovery Section of this implementation plan. The ReliabilityFirst 2013 CMEP Implementation Plan closely mirrors the NERC CMEP Implementation Plan, which is the annual operating plan for compliance monitoring and enforcement activities. ReliabilityFirst will utilize the latest version of the NERC CMEP (Section 4C in the NERC Rules of Procedure) filed and approved by FERC.
The 2013 Implementation Plan includes a set of Reliability Standards that were selected for monitoring based upon NERC identified high risk priorities, with a three-tiered approach of those standards to facilitate a more focused compliance monitoring effort. The Implementation Plan also requires consideration of a registered entity's compliance history when determining the scope of compliance monitoring activities.
The objectives of the Implementation Plan are to:
- Promote the reliability of the BPS through rigorous compliance monitoring and enforcement activities
- Facilitate improved consistency of compliance activities throughout North America
- Monitor all regulatory authority approved Reliability Standards by using the eight CMEP compliance monitoring methods
- Use risk-based and performance-based criteria for determining the scope for compliance monitoring
- Allow flexibility to investigate trends that may pose a near term risk to reliability by implementing changes in the plan
The 2013 ReliabilityFirst CMEP Implementation Plan was developed considering the requirements, rules and information from the following:
- the ERO Annual Implementation Plan
- the NERC RoP
- the CMEP
- the RDA
- NERC Board of Trustees' actions, including those of the NERC Board of Trustees Compliance Committee
- regulatory authority approved Reliability Standards
2013 Executive Summary
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered entity start with the tier one (1) requirements as the usual audit scope, and can be adjusted as described below, with NERC oversight, based on appropriate justification.
a. For entities registered as a Balancing Authority (BA), Reliability Coordinator (RC) or Transmission Operator (TOP), scope can be modified; however, per the current ROP, they are still required to be audited every three years. [4]
b. For all other registered entities that were previously directed to be audited on a six year cycle, there is flexibility to adjust the periodicity as well as scope, again with appropriate justification provided by ReliabilityFirst and with NERC approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance, registered entities are encouraged to perform a compliance assessment in response to all system events and disturbances. Registered entities conducting compliance assessments are encouraged to provide a compliance assessment report to ReliabilityFirst for system events that fall in category 2 and above, as outlined in the ERO events analysis process document. The Compliance Assessment Template as found in Appendix 5 should be used when performing these assessments. The use of rigorous compliance assessments may reflect positively on a registered entity's compliance program to self-identify and address possible reliability issues, and demonstrate the effectiveness of their internal controls and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier assignments in the CIP standards have been reassigned so that each requirement, along with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity's internal compliance program and their internal controls monitoring their internal compliance effort, both audit scopes and audit periodicity may be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the minimum audit scope. If an entity's compliance risk assessment performed by the Regional Entity indicates a strong compliance program, and effective internal and risk controls are in place, either its audit scope or its audit periodicity [5] can be reduced. [6] This reduction can allow for more thorough compliance monitoring of entities potentially posing more risk to the reliability of the Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In contrast, where there is a lack of confidence in the entity assessments, the audit scope may be increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could occur.
NERC, ReliabilityFirst and the other Regional Entity staff continue to monitor recent activities and major events, such as the southwest cold weather event [7] and the southwest blackout event [8], as well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance Enforcement Initiative (CEI). As a result of the Southwest Blackout [9] report by FERC and NERC, ReliabilityFirst will review and include, when applicable, critical standards that include aspects of situational awareness, including both planning and coordination, in its audit and self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes of the Southwest Blackout Report: communication, coordination, planning and modeling. A list of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013 includes the introduction of the following:
- New CIP Tier reassignments, effective 1/1/2013
- FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1, effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1, effective 7/1/2013
Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1 Requirements" section of this report and in the 2013 AML.
[4] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced, per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced, per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document, entitled "2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit"
[7] Report from NERC and FERC: httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
[8] Report from NERC and FERC: httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
[9] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised of four functional groups that interact and work to improve the reliability of the Bulk Electric System (BES). The table below highlights the present reporting relationship and functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives compliance monitoring commensurate with the risk it poses to the reliability of the BPS. Risk is not to be considered as a negative in any way, simply as a consideration of the complex nature of the industry. Risk is neither uniform across the diverse industry that is responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks, self-certifications, audits and personal correspondence to an entity from ReliabilityFirst. For entities that do not pose a significant reliability risk, the activities specifically prescribed in this Implementation Plan may suffice. For entities that do pose a significant risk to reliability, it may be necessary for those entities to undergo additional compliance monitoring, such as additional focused spot checks, a greater number of self-certifications, investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is performance-based auditing. Audits, according to the United States Government Accountability Office [10], are defined as engagements that provide assurance or conclusions based on an evaluation of sufficient, appropriate evidence against stated criteria, such as specific requirements, measures or defined business practices. A second component includes a more detailed review and testing of the registered entity's programs and procedures to assure actual implementation of the stated programs, rather than relying solely on documentation.
Registered entities are responsible for compliance with all regulatory approved Reliability Standards and Requirements in effect per their registered function at all times, regardless of what a registered entity's risk profile may indicate. Regional Entities have the authority and responsibility to expand the scope of an audit, spot check or any other compliance monitoring process as necessary when evaluating the compliance of a registered entity.
[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at Chapter 1, Use and Application of GAGAS, at Section 125 httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
13
22001133 IImmpplleemmeennttaattiioonn PPllaann DDeevveellooppmmeenntt
MMeetthhooddoollooggyy
As part of an overall compliance plan NERC ReliabilityFirst and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst Compliance Monitoring Schedule (CMS) were developed and designed to recognize risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and improve overall reliability. Achieving these objectives will be accomplished through the development, maintenance, and implementation of a list of the highest priority Reliability Standards. The Reliability Standards and associated Requirements populating this list will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from processes for "administrative and documentation related violations" and instead focuses on Reliability Standards and Requirements deemed the most critical to the reliability of the BPS. The determination is made using a set of risk-based criteria as a priority and is explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011[11] was released on May 1, 2012. Areas of continuing concern are situational awareness, communication, coordination, planning, and modeling. Many of these concerns are already addressed by the AML and will be bolstered by the release of EOP-005-2, effective July 1, 2013.
[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the 2013 NERC Implementation Plan will continue, and the most violated standards will continue to be identified, reported on, and included as part of the annual compliance review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their subject matter expertise and experience while performing their role and responsibilities as the Compliance Enforcement Authority, was also considered and provided as input into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3 Thus, these suggested reliability standards should immediately be considered for incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule (CMS) following FERC approval. As indicated by the NERC Standards group, the applicable reliability standards subject to future enforcement[12] for 2013 include EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored List and individual Regional Entity plans is described below. For further information regarding the NERC Implementation Plan methodology as referenced here, Registered Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and intent of the standard of which they are a part. Additionally, the ability of a registered entity to demonstrate compliance with Tier 1 Requirements will provide guidance to audit teams on the necessity to investigate further and broaden an audit's scope in additional Requirements and/or Reliability Standards.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards: httpwwwnercnetstandardsreportsstandardssummaryaspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2 Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2 Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional level of inquiry that may be undertaken when a registered entity does not display clear compliance with those most critical Requirements of Tier 1. In the process of this added level of monitoring, it may become necessary to branch off into other Reliability Standards that were not identified as relating directly to an ERO priority or the initial scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not represent the purpose of a Reliability Standard directly or are not representative of ERO priorities based upon the criteria listed above. The exploration of an audit team into the compliance of a registered entity with Tier 3 Requirements will be initiated through registered entity responses and between the identified deficiencies in Tier 1 and 2 Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1 Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards. The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1 classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other requirements they may deem necessary based on the results of the Regional Entity's Risk Profile Assessment of the Registered Entity or the audit team's collective professional judgment. Audit scope expansion can occur at any point during the process, from the initial review of the Registered Entity Risk Profile Assessment through the close of the audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst CMS and represent the minimum scope of most compliance audits. The potential expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3 Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a risk-based compliance monitoring approach, ReliabilityFirst will notify the registered entity of the change in audit scope. This notification shall include the Reliability Standards and Requirements that are excluded or included in the revised audit scope, as well as the justification for the change in scope. This notification shall be part of the audit notification package when it is determined early enough in the process. When ReliabilityFirst determines that a change in audit scope is necessary after the notification package is sent or while the audit is in progress (e.g., either on-site or off-site), then ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating review of the additional evidence during the course of the audit. If the notification is provided once the audit has begun, the Registered Entities will work with the Audit Team Lead to determine the appropriate time frame to review the added standards/requirements. However, entities are expected to be compliant to all standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation that all material, even those standards/requirements from tier 2 and 3 that are added during the course of the audit, will be reviewed during the time of the scheduled audit. Acquiring additional evidence for a few additional standards/requirements in a timely fashion is a reflection upon the rigor placed on compliance by an entity's Internal Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are registered to perform identical "functions" may vary and be slightly different, even amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon the 2013 AML and assessments performed above. As a matter of course, all Registered Entities subject to audit in 2013 shall be monitored to the standards/requirements identified in Tier 1, which may be adjusted based upon the risk assessment performed by ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive the formal audit notification package. Compliance information and data archived by ReliabilityFirst from the implementation of previous monitoring methods will be utilized in the development of a Registered Entity's audit scope, including but not limited to previous audits, self-certifications, demonstrated behavior during system events, exhibited culture of compliance, and previous or current enforcement actions. ReliabilityFirst staff may change the scope and frequency of compliance audits based on the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times. NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting of noncompliance by Registered Entities. Registered Entities are further encouraged to draft mitigation plans upon identification and self-reporting of possible violations, prior to the required submission timeline per the CMEP. Mitigation plans are not an admission of a violation and are treated as voluntary corrective action. Mitigation plans duly prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link: httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below:
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance history and violation trend analysis, the number of high priority Reliability Standards is 57. This group of Reliability Standards was further reviewed to determine and rank the specific Requirements of each standard that best represent the core purpose of that standard to ensure the reliability of the BPS. The further refined list of Requirements has been taken as the ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which, at a minimum, mirrors by Standard the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but recent winter weather events have shown that contingency reserve is a critical issue, such that special attention should be given here. BAL-003-01b has been subject to spot checks in the past, but technical issues discovered through its enforcement have yet to be addressed. Until additional guidance is provided through interpretations, revisions, or otherwise, the Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3, and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as BPS personnel become aware of and properly report sabotage events. Preparedness for reporting, as well as procedures to determine to whom reports should be issued, is critical in mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706 cybersecurity Standards are fundamental to the reliability of the BPS in terms of security. Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability Standards over the past year and seven of the Top 10 for all time, indicating that registered entities are having difficulty and confusion with CIP compliance issues. Several groups, including NERC, FERC, and the Regional Entities, have provided insight into the various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high priority standards. CIP-002 through CIP-009 or 706 Reliability Standards are fundamental to the reliability of the BPS in terms of cyber security. The primary difference from this year's list is that tier assignments have been reassigned so that each CIP requirement, along with its sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to reliability of the BES. This requirement builds the foundation for an entity's operating personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards. COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting nearly every function, and is critical to normal and emergency operations. COM-002 has some similar coverage as COM-001 but goes above and beyond with three-part communication and a methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693 standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, replacing previous standards, will add five requirements to the AML for generator operator (GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013 does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0 have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather events taking place during early 2011. EOP-002 complements EOP-001 by assuring the performance of mitigating actions for both the RC and the BA. EOP-003 designates load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements. EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and it is vital that the disturbance reports do not stay within a region but are shared with NERC for dissemination across North America. EOP-005 sets the foundation for system restoration if actions identified in other EOP reliability standards fail and the testing and confirmation of a blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in system restoration initiated through EOP-005, such that coordination in these efforts is not an oversight. EOP-008 accounts for loss of a primary control center and many Requirements not accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2 on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high priority Reliability Standards. FAC-001 designates connections requirements for facilities, which is especially critical in terms of protection and construction of new facilities. With these facilities properly coordinated and accounted for, existing system performance will improve. FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform its role in maintaining the reliability of the BPS, which becomes increasingly imperative when emergency situations arise and Balancing Authorities and Transmission Operators require oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures preparations are properly made for seen and unseen emergency events in the operation horizon. IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that the Regional Entities will ensure all PSEs are audited according to a six-year interval cycle, including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs, Regional Entities will provide a complete audit report regardless of audit scope. IRO-006 discusses the process of transmission load relief (TLR), and while this is an important topic, performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability Standards. These three Reliability Standards determine the procedure by which Available Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The proper setting of ATC is vital so facilities are not overloaded, which could lead to possible system emergencies. FERC has mandated that this standard be audited following regulatory approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2. NERC strongly recommends that generation and transmission entities carefully review their respective obligations under these agreements, including coordinated communication, to ensure that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21, and R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority of operating personnel to operate independently and in a reliable manner. However, this authority is established in other reliability standards with more specific language based upon the function considered, and therefore the requirements of PER-001 are not considered Tier 1 Requirements. PER-002 encompasses the development of training, as well as the training itself, of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in preparedness and real time mitigation of emergency events, is essential. As such, several of the requirements supporting this training within PER-002 are considered to be Tier 1 Requirements. In anticipation of a number of the requirements of PER-005-1 regarding operator training coming into effect April 1, 2013, and retiring PER-002-0 in 2013, many of the requirements of PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have been identified as high priority Reliability Standards. PRC-001 promotes understanding of the limitations and performance of protection systems, which is especially important from an operational standpoint, such that protection systems are not overloaded and the system cannot be controlled. PRC-004 is a particularly important standard, as it applies to misoperations analysis and reporting. As significant protection system misoperations are considered disturbance events, those misoperations for which BPS reliability is affected that are always addressed in PRC-004 are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not considered Tier 1 Requirements. Significant misoperations are those that result in such actions as modifications to operating procedures or equipment and identification of lessons learned, as identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement protection system maintenance is especially critical for ensuring system reliability. PRC-007 and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important, but the level of compliance of a registered entity with PRC-005 will be most telling for compliance with these Reliability Standards. As a result, the Requirements of PRC-007, PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to transmission relay protection settings. The concerns surrounding these settings are that they are proper for detecting and protecting against fault conditions. As with UFLS and UVLS maintenance programs, the compliance performance of a registered entity with PRC-005 is a good guide as to how well protection systems at that entity are maintained and tested, which is applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays and reviewing transmission system protection schemes. Also, significant misoperations resulting from improper relay settings are addressed through EOP-004, which would allow for a complete review of Requirements in PRC-023 in response to any such event. For those reasons listed, the Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been identified as high priority reliability standards. TOP-001 sets down operation authority for the TOP function and in so doing re-iterates language from the EOPs and IROs addressing this same issue. In an event where it can be demonstrated that an operator was not aware of his authority to act, this standard will be important for an entity to be audited on. However, as the authority of system operators is generally well understood, the Requirements of TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations planning, and one of the key concepts to this standard is communications. The outage coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning, and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004 addresses operating in an unknown state and points to insufficient or faulty equipment, processes, planning, etc., and should be considered a high priority issue, especially in terms of preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged from compliance with TOP-008, which complements IRO-005 but this time for the TOP function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003 accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2 sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these standards are critical to reliability of the BES. These requirements establish and specify voltage and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power schedules that have been established, and/or notify appropriate entities if the established schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst continues to see entity difficulty in understanding and applying these requirements within our region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the 2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the registered entity the scope of the compliance audit with the audit notification letter. The interval for compliance audits is three years for entities registered as a Reliability Coordinator, Balancing Authority, or Transmission Operator and is six years for entities registered for all other functions.[13] Registered Entities may be audited more or less frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and performance based assessment as well as the facts and circumstances surrounding those entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they may deem necessary based on the results of the Risk Based Entity Profile Assessment or the audit team's collective professional judgment. Audit scope expansion can occur at any point during a monitoring process, from the initial review of the Registered Entity Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without NERC's consent. ReliabilityFirst shall consider past performance, including historical violation trends across the Region and those specific to the registered entity, and changes to compliance responsibility resulting from mergers, acquisitions, corporate re-organizations, open investigations, and other factors that in the judgment of the ReliabilityFirst audit staff should be considered as part of the normal planning required for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open mitigation plans, remedial action directives, and technical feasibility exceptions[14] during the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst must provide the compliance audit team with the status, documentation, and evidence for all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during the on-site portion of the audit process, the audit team will have the discretion to address and expand the scope as deemed appropriate in coordination with the registered entity. ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a spot check or unscheduled audit, or other monitoring process to follow up on the registered entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66, httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit time period for compliance purposes unless that evidence is required in accordance with the processes and procedures of the registered entity or it is required by the standard. For example, a registered entity is expected to provide evidence outside of the current audit period for substantiating long range plans that are longer than an audit period, such as Protection System maintenance and testing intervals. For those reliability standards that do not involve long-range plans, an audit team will not be able to request information that is outside of the bounds of the current audit, either three or six years, nor can it identify possible non-compliance outside of this audit period. In other words, the completion of an audit closes one audit period and initiates another, excluding future audit teams from reviewing a registered entity's compliance during past audit periods. This exclusion does not apply to ERO enforcement, investigations, or events analysis. Generally speaking, spot checks, periodic data submittals, and self-certifications will not require evidence that precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as-needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity's date of registration if the
Registered Entity has not previously been subject to a Compliance Audit;
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
81 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61015 (2008) at P 32
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 diagram labels: Compliance Violation Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic Reports; Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov't authority; Region continues review and evaluation; Dismissed; Notice of alleged violation & proposed penalty sent to responsible entity; Entity accepts violation – submits Mitigation Plan; Entity Contests; Notice of confirmed violation sent to NERC & responsible entity; Mitigation Plan: Region Review, NERC Review, Gov't Review; NERC BOTCC reviews & approves region's proposed penalty; Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada); 5 DAY WAITING PERIOD; Settlement negotiations; Settlement Reached; Regional Hearing; Appeals Process; Settlement Approved by BOTCC. A CONFIDENTIAL banner spans the diagram.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and to be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year's CMEP and
are used in the planning and development of future years' annual CMEP
Implementation Plans.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO's risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standards and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003 [38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission's regulations. In addition, the
Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard." [39]
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination, R2,
for the ISO/RTO Council at
http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16,416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300.
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies what, at a minimum,
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable and instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience, and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary

Event causes or contributing factors: Cause
Applicable NERC Reliability Standards: AAA-000-0 Requirement 1
Details of Compliance Assessment Effort: Identify the process used to assess compliance
with this requirement. Identify any evidence that demonstrates compliance. Identify any
evidence that suggests non-compliance.
Findings: Findings of possible violations should be identified. If there are no findings
of non-compliance, that should be noted.

Applicable NERC Reliability Standards: AAA-000-0 Requirement 2

Event causes or contributing factors: Contributing factor
Applicable NERC Reliability Standards: BBB-000-0 Requirement 1
Category 1a Example

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and
generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC,
Regional Reliability Organization, sub-regional, and local reliability requirements.
Details of Compliance Assessment Effort: Established transfer limits were followed such
that the event did not result in instability. The limit for operating across this internal
interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document
provided).
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R10: Each Balancing Authority and Transmission Operator shall plan to meet all System
Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs).
Details of Compliance Assessment Effort: No SOLs were violated. There are no IROLs
associated with the loss of equipment in this event. See the specific guide referenced in
the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-004-2
R1: Each TOP shall operate within the IROLs and SOLs.
R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading
outages will not occur as a result of the most severe single contingency.
Details of Compliance Assessment Effort: The system was operated to remain within
transfer limits across the "XYZ" internal interface established as a result of stability
studies as delineated in the Transmission Operating Guide developed by RC. See the
specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-001
R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of
protection system schemes applied in its area.
Details of Compliance Assessment Effort: Both the RC and the TOPs are trained on the
Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection
operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-004
R1: The TOP and any Distribution Provider that owns a transmission Protection System
shall each analyze its transmission Protection System Misoperations and shall develop and
implement a Corrective Action Plan to avoid future Misoperations of a similar nature
according to the Regional Entity's procedures.
Details of Compliance Assessment Effort: System Protection engineers evaluated the relay
operations and determined that all relaying operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-008
R1: The TOP experiencing or contributing to an IROL or SOL violation shall take
immediate steps to relieve the condition, which may include shedding firm load.
R2: Each Transmission Operator shall operate to prevent the likelihood that a
disturbance, action, or inaction will result in an IROL or SOL violation in its area or
another area of the Interconnection. In instances where there is a difference in derived
operating limits, the TOP shall always operate the BPS to the most limiting parameter.
R3: The TOP shall disconnect the affected facility if the overload on a transmission
facility or abnormal voltage or reactive condition persists and equipment is endangered.
In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the
disconnection prior to switching, if time permits, otherwise immediately thereafter.
R4: The TOP shall have sufficient information and analysis tools to determine the
cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes.
The TOP shall use the results of these analyses to immediately mitigate the SOL violation.
Details of Compliance Assessment Effort:
R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL
violations.
R2: by following the TOP Guides developed by RC, violations do not occur.
R3: no conditions occurred that required disconnection.
R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL
violations.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-006
R2: Each RC, TOP, and BA shall monitor applicable transmission line status, real and
reactive power flows, voltage, load-tap-changer settings, and status of rotating and static
reactive resources.
R5: Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of
operating personnel important deviations in operating conditions and to indicate, if
appropriate, the need for corrective action.
Details of Compliance Assessment Effort: The EMSs at both the RC and the TOP provide
operators with the information needed to evaluate system conditions and notify operators
when conditions are off normal. EMS system visibility and communications were not lost
during this event.
Findings: No findings of non-compliance

Findings as the outcome of a compliance self-assessment will result in either a statement
of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the
entity will be given the opportunity to self-report the PV to the Regional Compliance
Enforcement department in accordance with the existing procedures set forth in the CMEP.
In doing so, the entity self-reporting should inform the Regional Compliance Enforcement
department that this has been done consistent with the event analysis process and the
completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to Jim.Hughes@nerc.net and Charise.Wilson@nerc.net.
Requesting Regional Entity Information
Date:
Name:
Title:
Region:
State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
State other methods used for compliance monitoring during period of reduced scope or deferment:
State requested duration of deferment, if applicable:
State whether this is a MRRE audit:
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name:
NCR ID Number:
Date of Last Compliance Audit:
Date of Next Compliance Audit:
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced per section 403111 of the NERC Rules of Procedure at
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Regional Entity's Additional Information
Comments:
Regional Entity Authorized Signature:
ERO Analysis Results
State information reviewed and basis for determination:
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations:
Table of Contents
II Self-Certification
CIP-002-3 through CIP-009-3 Reliability Standards
III Spot Checks
IV Periodic Data Submittals
V Self-Reporting
VI Exception-Reporting
VII Complaint
VIII Compliance Investigations
Key CMEP Activities and Initiatives
CMEP Transparency Elements
Outreach Efforts and Compliance Communications
Monthly Newsletter
Monthly Compliance Update Letter
ReliabilityFirst website
Workshops/Seminars/Webinars
Compliance Data Management System (CDMS)
Periodic Reports
Open Compliance Calls
Assist Visits
Compliance Communication
Training and Self Improvement Activities
Compliance Auditors
Compliance Investigation (CI) Staff
Compliance Reviews of Events and Disturbances
Registered Entity Responsibilities
Regional Entity Responsibilities
Registration and Certification
Multi-Regional Registered Entities (MRRE)
Joint Registration Organization and Coordinated Functional Registration
Results of Abrupt or Forced Registration Changes
Enforcement Initiatives
Further Implementation of the CEI
ERO Guidance on COM-002-2 – Communication and Coordination
Approved Standards Which Reference Unapproved Standards
ReliabilityFirst CMEP Implementation Plan
Conclusion
Document Change Revision History
Appendix 1 – Standards and Requirements Implicated System Events
Appendix 2 – Compliance Assessment Template
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
ReliabilityFirst Compliance Monitoring and Enforcement Program
2013 Implementation Plan
The North American Electric Reliability Corporation (NERC) Compliance Monitoring
and Enforcement Program (CMEP) is developed under Section 215(c) of the Federal
Power Act [1] to establish and enforce Reliability Standards for the Bulk Electric System
(BES), subject to review by the Federal Energy Regulatory Commission (FERC) and in
general accordance with the "Principles for an Electric Reliability Organization that can
Function on an International Basis." [2] The CMEP is designed to improve reliability
through the effective and efficient enforcement of Reliability Standards.
To help fulfill its responsibilities under its rules filed with regulatory authorities, NERC,
as the international Electric Reliability Organization (ERO), has delegated authority to
monitor and enforce compliance with Reliability Standards of owners, operators, and
users of the BES to qualified Regional Entities. This delegation is governed by regional
delegation agreements (RDAs) that have been approved by the appropriate regulatory
authorities. NERC and the Regional Entities are responsible for carrying out the CMEP.
Under NERC's oversight, each Regional Entity submits to NERC for approval its regional
CMEP implementation plan that is based on this document.
Reliability and accountability are basic tenets of the CMEP. In concert with this
mutually agreed upon goal of NERC and the Regional Entities, accountability is an
important characteristic of the collective endeavor. NERC, as the Federal Energy
Regulatory Commission (FERC) certified Electric Reliability Organization (ERO), along
with the Regional Entities, are accountable to the regulators to fulfill this charge.
Conducting a thorough risk based compliance program and appropriate enforcement
actions, coupled with providing a continual education and information campaign to assist
the industry to achieve and sustain compliance, will enhance reliability. NERC, in
conjunction with ReliabilityFirst and all of the Regional Entities, continue to refine and
improve the annual CMEP Implementation Plans and the Actively Monitored
List (AML) of standards with a goal that serves to enhance reliability, not mandate a
single means of achieving it.
Registered Entities are reminded that in the NERC Rules of Procedure (RoP) [3] it states
that all Bulk Power System (BPS) users, owners, and operators are required to comply
with ALL applicable ERO governmental authority approved Reliability Standards at
ALL times. Regional Reliability Standards and regional variances approved by NERC
and the applicable ERO governmental authority are enforceable and apply to all
Registered Entities responsible for meeting those Reliability Standards within the
Regional Entity boundaries, whether or not the BPS user, owner, or operator is a member
of the Regional Entity.
[1] http://www.nerc.com/fileUploads/File/AboutNERC/HR6_Electricity_Title.pdf
[2] Bilateral Electric Reliability Oversight Group, August 3, 2005 (the "Bilateral Principles")
[3] See Rules of Procedure Section 4012 at http://www.nerc.com/page.php?cid=1|8|169
ReliabilityFirst, NERC, and the other Regional Entities recognize that there are important
reliability matters that require prompt communication to industry. NERC has used the
Alerts/Advisory process to rapidly inform the industry of such matters. Through this
Implementation Plan, we strongly encourage the applicable Registered Entities to
proactively address such communications as a way of demonstrating good utility practice
and a strong culture of compliance and reliability excellence.
Introduction
The objective of ReliabilityFirst as a Regional Entity is to preserve and enhance electric system
reliability and security for the interconnected electric systems within the ReliabilityFirst
geographic area. To support this, ReliabilityFirst, through its role as outlined in the Regional
Delegation Agreement, will monitor, assess, and enforce compliance with Regulatory Approved
Reliability Standards for each Registered Entity that has functional responsibilities as determined
by its organization's registration as posted on the NERC Compliance Registry. ReliabilityFirst
will also monitor, assess, and enforce, as applicable, compliance to ReliabilityFirst's Regulatory
Approved Reliability Standards. ReliabilityFirst will verify compliance through one of the
monitoring methods described in the NERC Compliance Monitoring and Enforcement Program
(CMEP), as outlined in the Discovery Section of this implementation plan. The ReliabilityFirst
2013 CMEP Implementation Plan closely mirrors the NERC CMEP Implementation Plan, which
is the annual operating plan for compliance monitoring and enforcement activities.
ReliabilityFirst will utilize the latest version of the NERC CMEP (Section 4C in the NERC
Rules of Procedure) filed and approved by FERC.
The 2013 Implementation Plan includes a set of Reliability Standards that were selected for
monitoring based upon NERC-identified high-risk priorities, with a three-tiered approach of
those standards to facilitate a more focused compliance monitoring effort. The Implementation
Plan also requires consideration of a registered entity's compliance history when determining the
scope of compliance monitoring activities.
The objectives of the Implementation Plan are to:
• Promote the reliability of the BPS through rigorous compliance monitoring and enforcement activities
• Facilitate improved consistency of compliance activities throughout North America
• Monitor all regulatory authority approved Reliability Standards by using the eight CMEP compliance monitoring methods
• Use risk-based and performance-based criteria for determining the scope for compliance monitoring
• Allow flexibility to investigate trends that may pose a near-term risk to reliability by implementing changes in the plan
The 2013 ReliabilityFirst CMEP Implementation Plan was developed considering the
requirements, rules, and information from the following:
• the ERO Annual Implementation Plan
• the NERC RoP
• the CMEP
• the RDA
• NERC Board of Trustees' actions, including those of the NERC Board of Trustees Compliance Committee
• regulatory authority approved Reliability Standards
2013 Executive Summary
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered
entity start with the tier one (1) requirements as the usual audit scope and can be
adjusted as described below, with NERC oversight, based on appropriate justification.
a. For entities registered as a Balancing Authority (BA), Reliability Coordinator
(RC), or Transmission Operator (TOP), scope can be modified; however, per the
current ROP, they are still required to be audited every three years.⁴
b. For all other registered entities that were previously directed to be audited on a
six-year cycle, there is flexibility to adjust the periodicity as well as scope, again
with appropriate justification provided by ReliabilityFirst and with NERC
approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance,
registered entities are encouraged to perform a compliance assessment in response to all
system events and disturbances. Registered entities conducting compliance assessments
are encouraged to provide a compliance assessment report to ReliabilityFirst for system
events that fall in category 2 and above, as outlined in the ERO events analysis process
document. The Compliance Assessment Template, as found in Appendix 5, should be
used when performing these assessments. The use of rigorous compliance assessments
may reflect positively on a registered entity's compliance program to self-identify and
address possible reliability issues, demonstrate the effectiveness of their internal
controls, and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier
assignments in the CIP standards have been reassigned so that each requirement, along
with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity's internal compliance program and their internal
controls monitoring their internal compliance effort, both audit scopes and audit periodicity may
be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the
minimum audit scope. If an entity's compliance risk assessment, performed by the Regional
Entity, indicates a strong compliance program and effective internal and risk controls are in place,
either its audit scope or its audit periodicity⁵ can be reduced.⁶ This reduction can allow for more
thorough compliance monitoring of entities potentially posing more risk to the reliability of the
Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In
contrast, where there is a lack of confidence in the entity assessments, the audit scope may be
4 Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
5 Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
6 Using the form found in Appendix 3 of this document, entitled "2013 Regional Entity Request to Defer or Reduce
the Scope of a Compliance Audit"
increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could
occur.
NERC, ReliabilityFirst, and the other Regional Entity staff continue to monitor recent activities
and major events such as the southwest cold weather event⁷ and the southwest blackout event,⁸ as
well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance
Enforcement Initiative (CEI). As a result of the Southwest Blackout⁹ report by FERC and
NERC, ReliabilityFirst will review and include, when applicable, critical standards that include
aspects of situational awareness, including both planning and coordination, in its audit and
self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes
of the Southwest Blackout Report: communication, coordination, planning, and modeling. A list
of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013
includes the introduction of the following:
• New CIP Tier reassignments, effective 1/1/2013
• FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
• PER-005-1, effective 4/1/2013
• EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, effective 7/1/2013
Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1
Requirements" section of this report and in the 2013 AML.
7 Report from NERC and FERC: httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
8 Report from NERC and FERC: httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
9 httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised
of four functional groups that interact and work to improve the reliability of the Bulk
Electric System (BES). The table below highlights the present reporting relationship and
functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks,
self-certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is
performance-based auditing. Audits, according to the United States Government Accountability
Office,¹⁰ are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures, or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs, rather than relying solely on
documentation.
Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check, or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.
10 See United States Government Accountability Office – Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 125 httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize
risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance, and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
• ERO High-Risk Priorities
• FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
• Compliance History and Culture
• Input from Staff
• Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan:
httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011¹¹ was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning, and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.
11 httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent
FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue, and the most violated standards
will continue to be identified and included as part of the annual compliance review
process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found
in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement¹² for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most
requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
12 See the NERC site for the latest information regarding in-effect dates for Reliability Standards
httpwwwnercnetstandardsreportsstandardssummaryaspx
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary, based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by an entity's Internal
Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below.
• STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
• STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
• Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
• Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue, such that
special attention should be given here. BAL-003-01b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions, or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3,
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC, and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high
priority standards. CIP-002 through CIP-009 or 706 Reliability Standards are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation of having an entity's operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six-year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21, and
R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard, as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, as the
authority of system operators is generally well understood, the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005, but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
those of TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements, and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement as Tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator, and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment, as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary, based on the results of the Risk Based Entity Profile Assessment or
the audit team’s collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC’s consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities’ compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions[14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate, in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity’s compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66,
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity’s compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations, or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity’s date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-
Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
81 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012, and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61038 (2009) at P13,
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations, prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶
61209 (2011) at P 13, httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.

VIII. Compliance Investigations

A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.

The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary, through formal Requests for Information,
site visits, sworn statements, etc., to perform its assessment.

[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty,” 124 FERC ¶ 61,015 (2008) at P 32,
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf

Key CMEP Activities and Initiatives

ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.

CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.

Figure 1: Compliance Process
[Flowchart not reproduced. Labels recovered from the figure: Compliance Violation Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic Reports; Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov’t authority; Region continues review and evaluation; Dismissed; Notice of alleged violation & proposed penalty sent to responsible entity; Entity accepts violation – submits Mitigation Plan; Entity Contests; Settlement negotiations; Settlement Reached; Regional Hearing; Appeals Process; Settlement Approved by BOTCC; Notice of confirmed violation sent to NERC & responsible entity; Mitigation Plan; Region Review; NERC Review; Gov’t Review; NERC BOTCC reviews & approves region’s proposed penalty; 5 DAY WAITING PERIOD; Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada); CONFIDENTIAL.]

ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices [27] in order to increase transparency of the CMEP application to registered entities.

[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22

Outreach Efforts and Compliance Communications

ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.

Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.

Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.

ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.

Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.

Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.

Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, and areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.

Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and to be informed about upcoming compliance items.

Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.

Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:

CANs – Compliance Application Notices [28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.

CARs – Compliance Analysis Reports [29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.

Case Notes [30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.

Bulletins [31]
Bulletins provide general information or clarification on current and future
issues.

Lessons Learned [32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.

Annual CMEP Reports [33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.

[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385

Training and Self Improvement Activities

Compliance Auditors
The NERC compliance auditor training is based, in part, on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS), and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.

In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.

In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.

Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.

Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.

Compliance Reviews of Events and Disturbances

Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).

[33] http://www.nerc.com/page.php?cid=3|26

Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.

Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.

Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities, and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review, and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews, are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.

In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.

Registration and Certification

The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.

Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.

Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.

Joint Registration Organization and Coordinated Functional Registration

Joint Registration Organization (JRO) [34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.

Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.

[34] Section 507 of the NERC RoP, http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP, http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf

Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.

Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.

In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.

Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.

ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.

In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:

    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.

Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.

To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 – Operating
Personnel Communications Protocols – COM-003 [38] that addresses real-time
communication protocols.

Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.

In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.

The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:

    “The fact that a Reliability Standard simply references another pending Reliability
    Standard, one that is not being approved or remanded here, does not alone justify not
    approving the former Reliability Standard.” [39]

Examples of these standards follow:

Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07

[36] See Standards Project 2009-22 - Interpretation of COM-002-2 – Communications and Coordination, R2,
for the ISO/RTO Council at
http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 – Operating Personnel Communications Protocols – COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16,416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300.

Regional Entities CMEP Implementation Plans

ReliabilityFirst CMEP Implementation Plan

The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies, at a minimum, that
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.

Conclusion

The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.

While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry’s technical expertise, experience, and judgment, as well as its participation in the
ERO’s processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.

Document Change Revision History

Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013

Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout

Appendix 1 – Standards and Requirements Implicated System Events

NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.

Situational Awareness
EOP-006-1 – Reliability Coordination – System Restoration
EOP-008-1 – Loss of Control Center Functionality
IRO-002-2 – Reliability Coordination – Facilities
IRO-005-3a – Reliability Coordination – Current Day Operations
IRO-005-3.1a – Reliability Coordination – Current Day Operations
IRO-006-EAST-1 – TLR Procedure for the Eastern Interconnection
MOD-001-1a – Available Transmission System Capability
TOP-002-2b – Normal Operations Planning
TOP-002-2.1b – Normal Operations Planning

Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.

[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf

Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2

Appendix 2 – Compliance Assessment Template

Events Analysis Process Compliance Assessment Template

The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity’s event review.

A systematic and methodical compliance assessment (CA) process that would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity’s events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.

Sample Template for Compliance Assessment Summary

Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |

Category 1a Example

Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC “XYZ Interface All Lines In Stability Guide” (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the “XYZ” internal interface established as a result of stability studies as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
PRC-004
R1 The TOP and any Distribution
Provider that owns a transmission
Protection System shall each analyze
its transmission Protection System
Misoperations and shall develop and
implement a Corrective Action Plan
to avoid future Misoperations of a
similar nature according to the
Regional Entityrsquos procedures
System Protection engineers
evaluated the relay
operations and determined
that all relaying operated
correctly and as planned
No findings of non-
compliance
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
TOP-008
R1 The TOP experiencing or
contributing to an IROL or SOL
violation shall take immediate steps
to relieve the condition which may
include shedding firm load
R2 Each Transmission Operator
shall operate to prevent the
likelihood that a disturbance action
or inaction will result in an IROL or
SOL violation in its area or another
area of the Interconnection In
instances where there is a difference
in derived operating limits the TOP
R1 Operators used their
EMS-based tools to ensure
that there were no
SOLIROL violations
R2 by following the TOP
Guides developed by RC
violations do not occur
R3 no conditions occurred
that required disconnection
R4 Operators used their
EMS-based tools to ensure
that there were no
SOLIROL violations
No findings of non-
compliance
Appendix 2 ndash Compliance Assessment Template
48
shall always operate the BPS to the
most limiting parameter
R3 The TOP shall disconnect the
affected facility if the overload on a
transmission facility or abnormal
voltage or reactive condition persists
and equipment is endangered In
doing so the TOP shall notify its RC
and all neighboring TOPs impacted
by the disconnection prior to
switching if time permits otherwise
immediately thereafter
R4 The TOP shall have sufficient
information and analysis tools to
determine the cause(s) of SOL
violations This analysis shall be
conducted in all operating
timeframes The TOP shall use the
results of these analyses to
immediately mitigate the SOL
violation
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
TOP-006
R2 Each RC TOP and BA shall
monitor applicable transmission line
status real and reactive power flows
voltage load-tap-changer settings
and status of rotating and static
reactive resources
R5 Each RC TOP and BA shall use
monitoring equipment to bring to the
attention of operating personnel
important deviations in operating
conditions and to indicate if
appropriate the need for corrective
action
The EMSs at both the RC
and the TOP provide
operators with the
information needed to
evaluate system conditions
and notify operators when
conditions are off normal
EMS system visibility and
communications were not
lost during this event
No findings of non-
compliance
Findings as the outcome of a compliance self-assessment will result in either a
statement of "No Findings" or that of "Possible Violation (PV)". Should the latter
be the result, the entity will be given the opportunity to self-report the PV to the
Regional Compliance Enforcement department in accordance with the existing
procedures set forth in the CMEP. In doing so, the entity self-reporting should
inform the Regional Compliance Enforcement department that this has been done
consistent with the event analysis process and the completion of a compliance
self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit

Request to Reduce Scope or Deferment of a Compliance Audit [41]

This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet.

Requesting Regional Entity Information
- Date
- Name
- Title
- Region
- State the basis for Reduced Audit Scope or Deferment of Compliance Audit
- State other methods used for compliance monitoring during period of reduced scope or deferment
- State requested duration of deferment, if applicable
- State whether this is a MRRE audit
- Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC

Registered Entity Information
- Registered Entity's Legal Name
- NCR ID Number
- Date of Last Compliance Audit
- Date of Next Compliance Audit

Regional Entity's Additional Information
- Comments
- Regional Entity Authorized Signature

ERO Analysis Results
- State information reviewed and basis for determination

ERO Final Determination
- Approved / Declined
- ERO Director of Compliance Operations

[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced, per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
ReliabilityFirst Compliance Monitoring and Enforcement Program

The North American Electric Reliability Corporation (NERC) Compliance Monitoring
and Enforcement Program (CMEP) is developed under Section 215(c) of the Federal
Power Act [1] to establish and enforce Reliability Standards for the Bulk Electric System
(BES), subject to review by the Federal Energy Regulatory Commission (FERC) and in
general accordance with the "Principles for an Electric Reliability Organization that can
Function on an International Basis". [2] The CMEP is designed to improve reliability
through the effective and efficient enforcement of Reliability Standards.

To help fulfill its responsibilities under its rules filed with regulatory authorities, NERC,
as the international Electric Reliability Organization (ERO), has delegated authority to
monitor and enforce compliance with Reliability Standards of owners, operators, and
users of the BES to qualified Regional Entities. This delegation is governed by regional
delegation agreements (RDAs) that have been approved by the appropriate regulatory
authorities. NERC and the Regional Entities are responsible for carrying out the CMEP.
Under NERC's oversight, each Regional Entity submits to NERC for approval its regional
CMEP implementation plan that is based on this document.

Reliability and accountability are basic tenets of the CMEP. In concert with this
mutually agreed upon goal of NERC and the Regional Entities, accountability is an
important characteristic of the collective endeavor. NERC, as the Federal Energy
Regulatory Commission (FERC) certified Electric Reliability Organization (ERO), along
with the Regional Entities, is accountable to the regulators to fulfill this charge.
Conducting a thorough risk based compliance program and appropriate enforcement
actions, coupled with providing a continual education and information campaign to assist
the industry to achieve and sustain compliance, will enhance reliability. NERC, in
conjunction with ReliabilityFirst and all of the Regional Entities, continues to refine and
improve the annual CMEP Implementation Plans and the Actively Monitored
List (AML) of standards with a goal that serves to enhance reliability, not mandate a
single means of achieving it.

Registered Entities are reminded that the NERC Rules of Procedure (RoP) [3] state
that all Bulk Power System (BPS) users, owners, and operators are required to comply
with ALL applicable ERO governmental authority approved Reliability Standards at
ALL times. Regional Reliability Standards and regional variances approved by NERC
and the applicable ERO governmental authority are enforceable and apply to all
Registered Entities responsible for meeting those Reliability Standards within the
Regional Entity boundaries, whether or not the BPS user, owner, or operator is a member
of the Regional Entity.

[1] httpwwwnerccomfileUploadsFileAboutNERCHR6_Electricity_Titlepdf
[2] Bilateral Electric Reliability Oversight Group, August 3, 2005 (the "Bilateral Principles")
[3] See Rules of Procedure Section 4012 at httpwwwnerccompagephpcid=1|8|169
ReliabilityFirst, NERC, and the other Regional Entities recognize that there are important
reliability matters that require prompt communication to industry. NERC has used the
Alerts/Advisory process to rapidly inform the industry of such matters. Through this
Implementation Plan, we strongly encourage the applicable Registered Entities to
proactively address such communications as a way of demonstrating good utility practice
and a strong culture of compliance and reliability excellence.
Introduction

The objective of ReliabilityFirst, as a Regional Entity, is to preserve and enhance electric system
reliability and security for the interconnected electric systems within the ReliabilityFirst
geographic area. To support this, ReliabilityFirst, through its role as outlined in the Regional
Delegation Agreement, will monitor, assess, and enforce compliance with Regulatory Approved
Reliability Standards for each Registered Entity that has functional responsibilities as determined
by its organization's registration as posted on the NERC Compliance Registry. ReliabilityFirst
will also monitor, assess, and enforce, as applicable, compliance to ReliabilityFirst's Regulatory
Approved Reliability Standards. ReliabilityFirst will verify compliance through one of the
monitoring methods described in the NERC Compliance Monitoring and Enforcement Program
(CMEP), as outlined in the Discovery Section of this implementation plan. The ReliabilityFirst
2013 CMEP Implementation Plan closely mirrors the NERC CMEP Implementation Plan, which
is the annual operating plan for compliance monitoring and enforcement activities.
ReliabilityFirst will utilize the latest version of the NERC CMEP (Section 4C in the NERC
Rules of Procedure) filed and approved by FERC.

The 2013 Implementation Plan includes a set of Reliability Standards that were selected for
monitoring based upon NERC identified high risk priorities, with a three-tiered approach of
those standards to facilitate a more focused compliance monitoring effort. The Implementation
Plan also requires consideration of a registered entity's compliance history when determining the
scope of compliance monitoring activities.

The objectives of the Implementation Plan are to:
- Promote the reliability of the BPS through rigorous compliance monitoring and
enforcement activities
- Facilitate improved consistency of compliance activities throughout North America
- Monitor all regulatory authority approved Reliability Standards by using the eight CMEP
compliance monitoring methods
- Use risk-based and performance-based criteria for determining the scope for compliance
monitoring
- Allow flexibility to investigate trends that may pose a near term risk to reliability by
implementing changes in the plan

The 2013 ReliabilityFirst CMEP Implementation Plan was developed considering the
requirements, rules, and information from the following:
- the ERO Annual Implementation Plan
- the NERC RoP
- the CMEP
- the RDA
- NERC Board of Trustees' actions, including those of the
NERC Board of Trustees Compliance Committee
- regulatory authority approved Reliability Standards
2013 Executive Summary

Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered
entity start with the tier one (1) requirements as the usual audit scope and can be
adjusted as described below, with NERC oversight, based on appropriate justification.
a. For entities registered as a Balancing Authority (BA), Reliability Coordinator
(RC), or Transmission Operator (TOP), scope can be modified; however, per the
current ROP they are still required to be audited every three years. [4]
b. For all other registered entities that were previously directed to be audited on a six
year cycle, there is flexibility to adjust the periodicity as well as scope, again
with appropriate justification provided by ReliabilityFirst and with NERC
approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance,
registered entities are encouraged to perform a compliance assessment in response to all
system events and disturbances. Registered entities conducting compliance assessments
are encouraged to provide a compliance assessment report to ReliabilityFirst for system
events that fall in category 2 and above, as outlined in the ERO events analysis process
document. The Compliance Assessment Template, as found in Appendix 5, should be
used when performing these assessments. The use of rigorous compliance assessments
may reflect positively on a registered entity's compliance program to self-identify and
address possible reliability issues, demonstrate the effectiveness of their internal
controls, and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier
assignments in the CIP standards have been reassigned so that each requirement, along
with its sub-requirements, is assigned a single tier.

Where there is confidence in both an entity's internal compliance program and its internal
controls monitoring its internal compliance effort, both audit scopes and audit periodicity may
be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the
minimum audit scope. If an entity's compliance risk assessment performed by the Regional
Entity indicates a strong compliance program and effective internal and risk controls are in place,
either its audit scope or its audit periodicity [5] can be reduced. [6] This reduction can allow for more
thorough compliance monitoring of entities potentially posing more risk to the reliability of the
Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In
contrast, where there is a lack of confidence in the entity assessments, the audit scope may be
increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could
occur.

NERC, ReliabilityFirst, and the other Regional Entity staff continue to monitor recent activities
and major events such as the southwest cold weather event, [7] the southwest blackout event, [8] as
well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance
Enforcement Initiative (CEI). As a result of the Southwest Blackout [9] report by FERC and
NERC, ReliabilityFirst will review and include, when applicable, critical standards that include
aspects of situational awareness, including both planning and coordination, in its audit and self-
certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes
of the Southwest Blackout Report: communication, coordination, planning, and modeling. A list
of these standards is provided in Appendix 1 of this report.

The impact of currently known new or revised standards that will come into effect in 2013
includes the introduction of the following:
- New CIP Tier reassignments effective 1/1/2013
- FAC-008-3 effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1 effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1 effective 7/1/2013

Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1
Requirements" section of this report and in the 2013 AML.

[4] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document, entitled "2013 Regional Entity Request to Defer or Reduce
the Scope of a Compliance Audit"
[7] Report from NERC and FERC: httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
[8] Report from NERC and FERC: httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
[9] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization

The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised
of four functional groups that interact and work to improve the reliability of the Bulk
Electric System (BES). The table below highlights the present reporting relationship and
functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach

The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.

Compliance monitoring encompasses a range of activities, including spot checks, self-
certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.

One of the key components of an effective risk-based audit approach is performance-
based auditing. Audits, according to the United States Government Accountability
Office, [10] are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures, or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs, rather than relying solely on
documentation.

Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check, or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.

[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 125: httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology

As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.

The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize risk-
based approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance, and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations

ERO High-Risk Priorities

This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards found in the NERC 2013 Implementation Plan:
httpwwwnerccomcommondocsphpcd=3

Southwest Blackout Report

The joint FERC/NERC report on the southwest blackout of September 2011 [11] was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning, and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.

[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance

The Reliability Standards MOD-001, MOD-004, and MOD-008 associated with recent
FERC Orders 729, 729-A, and 729-B will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.

Violation Trend History

An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue, and the most violated standards
will continue to be identified, reported on, and included as part of the annual compliance
review process.

Input from Staff

Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of their 2013 Actively Monitored List (AML) of Standards.

Future Considerations

Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards found
in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement [12] for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most
requirements of PER-005-1.

[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards:
httpwwwnercnetstandardsreportsstandardssummaryaspx

Three-Tiered Approach to Requirements Specification

The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3

Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.

Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.

Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.

The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination

Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.

Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.

When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.

If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by an entity's Internal
Compliance Program (ICP).

Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope

ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.

Implementation Plan Summary

Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below:
- STDs Monitored for Compliance Tab: a quick-reference listing of the Tier 1
  Reliability Standards identified for compliance monitoring, the monitoring
  methods being used (i.e., audits, data submittals, self-certifications, spot checks,
  etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC-approved standards that were not included
  on the 2013 NERC AML. As a reminder, because these are FERC approved, they
  could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that shows the standards and the
  tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are
  accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow
  ReliabilityFirst Registered Entities to see all of the changes to the 2013
  Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which includes compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which, at a minimum, mirrors by
Standard the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue such that
special attention should be given here. BAL-003-0.1b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions, or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3,
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC, and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Requirements from these standards have been selected by the ERO and identified as high
priority. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year’s list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation for an entity’s operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connection requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R1.3, R2, R2.1, and
R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0.
PER-001-0.1 and PER-002-0 have been identified as high priority reliability standards. PER-001
speaks to the authority of operating personnel to operate independently and in a reliable manner.
However, this authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005, but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements, and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-1.1b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team’s collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC’s consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that in the judgment of the
ReliabilityFirst audit staff should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities’ compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions[14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity’s compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403.11.1 at
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[14] See Appendix 4C of the NERC RoP at Sections 3.1.4.3 and 6.6,
http://www.nerc.com/files/Appendix4C_Uniform_CMEP_20110101.pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity’s compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations, or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current, relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine the extent of
violations. The audit teams will have the flexibility to review historical information on
an as-needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity’s date of registration if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
[15] http://www.nerc.com/files/Guidance_on_CIP_Standards.pdf
[16] http://www.nerc.com/docs/standards/sar/Imp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19.pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3.1.4.2.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] http://www.nerc.com/files/Appendix_4D_ProcedureRequestingAndReceivingTFEs_20120131.pdf
[18] http://www.nerc.com/commondocs.php?cd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] http://www.nerc.com/page.php?cid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance and new RSAWs are developed as Reliability Standards
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61,038 (2009) at P13,
http://www.nerc.com/files/GuidanceOrderOnComplianceAudits-01152009.pdf
[21] Public audit reports can be found at http://www.nerc.com/page.php?cid=3|26|246
[22] Information concerning Regional Entity programs is available at
http://www.nerc.com/page.php?cid=3|23
[23] http://www.nerc.com/page.php?cid=3|22
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The sections of the RSAWs that Registered Entities are required to fill out must be
submitted by the date specified in the notification letters.
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: https://www.rfirst.org/compliance/Pages/Schedules.aspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] http://www.nerc.com/page.php?cid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶
61,209 (2011) at P 13, http://www.ferc.gov/whats-new/comm-meet/2011/031711/E-3.pdf
VI Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotline@nerc.net, or completing the form at https://www.nerc.net/hotline/. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty,” 124 FERC ¶ 61,015 (2008) at P 32,
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary, through formal Requests for Information,
site visits, sworn statements, etc., to perform its assessment.
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22
[Figure 1 flowchart, with most steps inside a region marked CONFIDENTIAL. Box labels recovered from the figure:
Compliance Violation Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic Reports;
Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov’t authority;
Region continues review and evaluation; Dismissed;
Notice of alleged violation & proposed penalty sent to responsible entity;
Entity accepts violation – submits Mitigation Plan; Entity Contests;
Notice of confirmed violation sent to NERC & responsible entity;
Mitigation Plan: Region Review, NERC Review, Gov’t Review;
NERC BOTCC reviews & approves region’s proposed penalty;
Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada);
5 DAY WAITING PERIOD; Settlement negotiations; Settlement Reached; Regional Hearing;
Appeals Process; Settlement Approved by BOTCC]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities on its performance,
compliance activities, and areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order Nos. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, completed. Case Notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
[33] http://www.nerc.com/page.php?cid=3|26
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to the overall Bulk Power System (BPS).
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond to, and process these reviews are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or in compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standards and/or for one or more
[34] Section 507 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003[38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 ― Communications and Coordination R2
for the ISO/RTO Council at
http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
Key CMEP Activities and Initiatives
40
necessary information through the Commissionrsquos regulations In addition the
Commission stated that
ldquoThe fact that a Reliability Standard simply references another pending Reliability
Standard one that is not being approved or remanded here does not alone justify not
approving the former Reliability Standardrdquo 39
Examples of these standards follow
Fill-in-the-blank standard Referenced in
MOD-011-0 filed 4406 awaiting
FERC action
MOD-010-0 R1 and R2 effective 61807
MOD-013-0 filed 82806 awaiting
FERC action
MOD-012-0 R1 and R2 effective 61807
PRC-002-1 filed 82806 awaiting
FERC action
PRC-018-1 R1 R2 R3 R4 and
(indirectly)R5 effective 61807
39 Mandatory Reliability Standards for the Bulk-Power System 72 FR 16416 (Apr 4 2007) FERC Stats amp
Regs para 31242 (2007) (Order No 693) P 300
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies, at a minimum, that
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable and instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience, and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Revision History
Document Change Revision History
| Version | Reason for Change | Approved by | Revision Date |
|---|---|---|---|
| 0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013 |
| 01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013 |
Appendix 1 - Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 - Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 - Reliability Coordination - System Restoration
EOP-008-1 - Loss of Control Center Functionality
IRO-002-2 - Reliability Coordination - Facilities
IRO-005-3a - Reliability Coordination - Current Day Operations
IRO-005-3.1a - Reliability Coordination - Current Day Operations
IRO-006-EAST-1 - TLR Procedure for the Eastern Interconnection
MOD-001-1a - Available Transmission System Capability
TOP-002-2b - Normal Operations Planning
TOP-002-2.1b - Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 - Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process that would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary
| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
|---|---|---|---|
| Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted. |
| | AAA-000-0 Requirement 2 | | |
| Contributing factor | BBB-000-0 Requirement 1 | | |
Category 1a Example
| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
|---|---|---|---|
| Equipment failure of a high side transformer - cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance |
| Equipment failure of a high side transformer - cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer - cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer - cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer - cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer - cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: By following the TOP Guides developed by RC, violations do not occur. R3: No conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance |
| Equipment failure of a high side transformer - cleared along with two transmission lines | TOP-006 R2: Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance |
Findings as the outcome of a compliance self-assessment will result in either a statement of
"No Findings" or that of "Possible Violation (PV)".
Should the latter be the result, the entity will be given the opportunity to self-report the PV to
the Regional Compliance Enforcement department in accordance with the existing procedures
set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional
Compliance Enforcement department that this has been done consistent with the event analysis
process and the completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 - 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at
least 90 days prior to the audit for approval. Email forms along with an entity risk assessment
to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Regional Entity's Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
ReliabilityFirst Compliance Monitoring and Enforcement Program
The North American Electric Reliability Corporation (NERC) Compliance Monitoring
and Enforcement Program (CMEP) is developed under Section 215(c) of the Federal
Power Act [1] to establish and enforce Reliability Standards for the Bulk Electric System
(BES), subject to review by the Federal Energy Regulatory Commission (FERC) and in
general accordance with the "Principles for an Electric Reliability Organization that can
Function on an International Basis." [2] The CMEP is designed to improve reliability
through the effective and efficient enforcement of Reliability Standards.
To help fulfill its responsibilities under its rules filed with regulatory authorities, NERC,
as the international Electric Reliability Organization (ERO), has delegated authority to
monitor and enforce compliance with Reliability Standards of owners, operators, and
users of the BES to qualified Regional Entities. This delegation is governed by regional
delegation agreements (RDAs) that have been approved by the appropriate regulatory
authorities. NERC and the Regional Entities are responsible for carrying out the CMEP.
Under NERC's oversight, each Regional Entity submits to NERC for approval its regional
CMEP implementation plan that is based on this document.
Reliability and accountability are basic tenets of the CMEP. In concert with this
mutually agreed upon goal of NERC and the Regional Entities, accountability is an
important characteristic of the collective endeavor. NERC, as the Federal Energy
Regulatory Commission (FERC) certified Electric Reliability Organization (ERO), along
with the Regional Entities, are accountable to the regulators to fulfill this charge.
Conducting a thorough risk-based compliance program and appropriate enforcement
actions, coupled with providing a continual education and information campaign to assist
the industry to achieve and sustain compliance, will enhance reliability. NERC, in
conjunction with ReliabilityFirst and all of the Regional Entities, continues to refine and
improve the annual CMEP Implementation Plans and the Actively Monitored
List (AML) of standards with a goal that serves to enhance reliability, not mandate a
single means of achieving it.
Registered Entities are reminded that the NERC Rules of Procedure (RoP) [3] state
that all Bulk Power System (BPS) users, owners, and operators are required to comply
with ALL applicable ERO governmental authority approved Reliability Standards at
ALL times. Regional Reliability Standards and regional variances approved by NERC
and the applicable ERO governmental authority are enforceable and apply to all
Registered Entities responsible for meeting those Reliability Standards within the
Regional Entity boundaries, whether or not the BPS user, owner, or operator is a member
of the Regional Entity.
[1] httpwwwnerccomfileUploadsFileAboutNERCHR6_Electricity_Titlepdf
[2] Bilateral Electric Reliability Oversight Group, August 3, 2005 (the "Bilateral Principles")
[3] See Rules of Procedure, Section 401.2, at httpwwwnerccompagephpcid=1|8|169
ReliabilityFirst, NERC, and the other Regional Entities recognize that there are important
reliability matters that require prompt communication to industry. NERC has used the
Alerts/Advisory process to rapidly inform the industry of such matters. Through this
Implementation Plan, we strongly encourage the applicable Registered Entities to
proactively address such communications as a way of demonstrating good utility practice
and a strong culture of compliance and reliability excellence.
Introduction
The objective of ReliabilityFirst as a Regional Entity is to preserve and enhance electric system
reliability and security for the interconnected electric systems within the ReliabilityFirst
geographic area. To support this, ReliabilityFirst, through its role as outlined in the Regional
Delegation Agreement, will monitor, assess, and enforce compliance with Regulatory Approved
Reliability Standards for each Registered Entity that has functional responsibilities as determined
by its organization's registration as posted on the NERC Compliance Registry. ReliabilityFirst
will also monitor, assess, and enforce, as applicable, compliance to ReliabilityFirst's Regulatory
Approved Reliability Standards. ReliabilityFirst will verify compliance through one of the
monitoring methods described in the NERC Compliance Monitoring and Enforcement Program
(CMEP) as outlined in the Discovery Section of this implementation plan. The ReliabilityFirst
2013 CMEP Implementation Plan closely mirrors the NERC CMEP Implementation Plan, which
is the annual operating plan for compliance monitoring and enforcement activities.
ReliabilityFirst will utilize the latest version of the NERC CMEP (Section 4C in the NERC
Rules of Procedure) filed and approved by FERC.
The 2013 Implementation Plan includes a set of Reliability Standards that were selected for
monitoring based upon NERC identified high risk priorities, with a three-tiered approach of
those standards to facilitate a more focused compliance monitoring effort. The Implementation
Plan also requires consideration of a registered entity's compliance history when determining the
scope of compliance monitoring activities.
The objectives of the Implementation Plan are to:
- Promote the reliability of the BPS through rigorous compliance monitoring and
  enforcement activities
- Facilitate improved consistency of compliance activities throughout North America
- Monitor all regulatory authority approved Reliability Standards by using the eight CMEP
  compliance monitoring methods
- Use risk-based and performance-based criteria for determining the scope for compliance
  monitoring
- Allow flexibility to investigate trends that may pose a near term risk to reliability by
  implementing changes in the plan
The 2013 ReliabilityFirst CMEP Implementation Plan was developed considering the
requirements, rules, and information from the following:
- the ERO Annual Implementation Plan
- the NERC RoP
- the CMEP
- the RDA
- NERC Board of Trustees' actions, including those of the
  NERC Board of Trustees Compliance Committee
- regulatory authority approved Reliability Standards
2013 Executive Summary
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered
entity start with the tier one (1) requirements as the usual audit scope and can be
adjusted as described below, with NERC oversight, based on appropriate justification.
a. For entities registered as a Balancing Authority (BA), Reliability Coordinator
(RC), or Transmission Operator (TOP), scope can be modified; however, per the
current ROP they are still required to be audited every three years. [4]
b. For all other registered entities that were previously directed to be audited on a six
year cycle, there is flexibility to adjust the periodicity as well as scope, again
with appropriate justification provided by ReliabilityFirst and with NERC
approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance,
registered entities are encouraged to perform a compliance assessment in response to all
system events and disturbances. Registered entities conducting compliance assessments
are encouraged to provide a compliance assessment report to ReliabilityFirst for system
events that fall in category 2 and above, as outlined in the ERO events analysis process
document. The Compliance Assessment Template, as found in Appendix 5, should be
used when performing these assessments. The use of rigorous compliance assessments
may reflect positively on a registered entity's compliance program to self-identify and
address possible reliability issues, and demonstrate the effectiveness of their internal
controls and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier
assignments in the CIP standards have been reassigned so that each requirement, along
with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity's internal compliance program and their internal
controls monitoring their internal compliance effort, both audit scopes and audit periodicity may
be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the
minimum audit scope. If an entity's compliance risk assessment performed by the Regional
Entity indicates a strong compliance program and effective internal and risk controls are in place,
either its audit scope or its audit periodicity [5] can be reduced. [6] This reduction can allow for more
thorough compliance monitoring of entities potentially posing more risk to the reliability of the
Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In
contrast, where there is a lack of confidence in the entity assessments, the audit scope may be
increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could
occur.
[4] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced
per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced
per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document, entitled "2013 Regional Entity Request to Defer or Reduce
the Scope of a Compliance Audit"
NERC, ReliabilityFirst, and the other Regional Entity staff continue to monitor recent activities
and major events such as the southwest cold weather event [7], the southwest blackout event [8], as
well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance
Enforcement Initiative (CEI). As a result of the Southwest Blackout [9] report by FERC and
NERC, ReliabilityFirst will review and include, when applicable, critical standards that include
aspects of situational awareness, including both planning and coordination, in its audit and
self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes
of the Southwest Blackout Report: communication, coordination, planning, and modeling. A list
of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013
includes the introduction of the following:
- New CIP Tier reassignments, effective 1/1/2013
- FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1, effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, effective 7/1/2013
Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1
Requirements" section of this report and in the 2013 AML.
[7] Report from NERC and FERC: httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
[8] Report from NERC and FERC: httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
[9] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised
of four functional groups that interact and work to improve the reliability of the Bulk
Electric System (BES). The table below highlights the present reporting relationship and
functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks,
self-certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is
performance-based auditing. Audits, according to the United States Government Accountability
Office [10], are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures, or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs rather than relying solely on
documentation.
Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check, or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.
[10] See United States Government Accountability Office - Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 1.25: httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
13
22001133 IImmpplleemmeennttaattiioonn PPllaann DDeevveellooppmmeenntt
MMeetthhooddoollooggyy
As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize
risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance, and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan:
httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011[11] was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning, and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.
[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent
FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue and be reported on, and the most violated
standards will continue to be identified and included as part of the annual compliance review
process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of its 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found
in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement[12] for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most
requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards:
httpwwwnercnetstandardsreportsstandardssummaryaspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by an entity's Internal
Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below.
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1
  Reliability Standards identified for compliance monitoring, the monitoring
  methods being used (i.e., audits, data submittals, self-certifications, spot checks,
  etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included
  on the 2013 NERC AML. As a reminder, because these are FERC approved, they
  could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that shows the standards and the
  tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are
  accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow
  ReliabilityFirst Registered Entities to see all of the changes to the 2013
  Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue such that
special attention should be given here. BAL-003-01b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions, or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3,
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC, and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation of having an entity's operating
personnel have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21, and
R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected, that are always addressed in PRC-004,
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, as the
authority of system operators is generally well understood, the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005, but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements, and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement as tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that in the judgment of the
ReliabilityFirst audit staff should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions[14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current, relevant documentation
as of the date of the 90-day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine the extent of
violations. The audit teams will have the flexibility to review historical information on
an as-needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity’s date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1[15],
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D[17], Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website[18].
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing[19]. NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
In accordance with FERC expectations[20], the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement, but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
[19] httpwwwnerccompagephpcid=3|22
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website[21].
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers[22].
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations, prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III Spot Checks
Spot checks are compliance audits with a much narrower focus, but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing[24]. The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit[26].
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶
61209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc., to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty,” 124 FERC ¶ 61015 (2008) at P 32
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1 Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 flowchart: discovery methods (audits, spot checks, self-reports, self-certifications, exception and periodic reports, compliance violation investigations) feed a confidential process running from the Region's notice of an alleged violation, through mitigation plan review, settlement negotiations or regional hearing and appeals, to the notice of penalty or settlement sent to FERC and posted on the NERC website.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet-based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities on its performance,
compliance activities, and areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register and
thereby accept, on behalf of such members or related entities, all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR) [35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP, httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP, httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003 [38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission's regulations. In addition, the
Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard." [39]
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2 for the ISO/RTO Council at httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. & Regs. ¶ 31,242 (2007) (Order No. 693), P 300
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review and approval and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies, at a minimum, what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience, and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance
Findings, as the outcome of a compliance self-assessment, will result in either a statement of
"No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be
given the opportunity to self-report the PV to the Regional Compliance Enforcement
department in accordance with the existing procedures set forth in the CMEP. In
doing so, the entity self-reporting should inform the Regional Compliance Enforcement
department that this has been done consistent with the event analysis process and the
completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
Regional Entity's Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced, per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
ReliabilityFirst Compliance Monitoring and Enforcement Program
2013 Implementation Plan
ReliabilityFirst, NERC, and the other Regional Entities recognize that there are important
reliability matters that require prompt communication to industry. NERC has used the
Alerts/Advisory process to rapidly inform the industry of such matters. Through this
Implementation Plan, we strongly encourage the applicable Registered Entities to
proactively address such communications as a way of demonstrating good utility practice
and a strong culture of compliance and reliability excellence.
Introduction
The objective of ReliabilityFirst as a Regional Entity is to preserve and enhance electric system
reliability and security for the interconnected electric systems within the ReliabilityFirst
geographic area. To support this, ReliabilityFirst, through its role as outlined in the Regional
Delegation Agreement, will monitor, assess, and enforce compliance with Regulatory Approved
Reliability Standards for each Registered Entity that has functional responsibilities as determined
by its organization's registration as posted on the NERC Compliance Registry. ReliabilityFirst
will also monitor, assess, and enforce, as applicable, compliance to ReliabilityFirst's Regulatory
Approved Reliability Standards. ReliabilityFirst will verify compliance through one of the
monitoring methods described in the NERC Compliance Monitoring and Enforcement Program
(CMEP) as outlined in the Discovery Section of this implementation plan. The ReliabilityFirst
2013 CMEP Implementation Plan closely mirrors the NERC CMEP Implementation Plan, which
is the annual operating plan for compliance monitoring and enforcement activities.
ReliabilityFirst will utilize the latest version of the NERC CMEP (Section 4C in the NERC
Rules of Procedure) filed and approved by FERC.
The 2013 Implementation Plan includes a set of Reliability Standards that were selected for
monitoring based upon NERC identified high risk priorities, with a three-tiered approach of
those standards to facilitate a more focused compliance monitoring effort. The Implementation
Plan also requires consideration of a registered entity's compliance history when determining the
scope of compliance monitoring activities.
The objectives of the Implementation Plan are to:
- Promote the reliability of the BPS through rigorous compliance monitoring and enforcement activities
- Facilitate improved consistency of compliance activities throughout North America
- Monitor all regulatory authority approved Reliability Standards by using the eight CMEP compliance monitoring methods
- Use risk-based and performance-based criteria for determining the scope for compliance monitoring
- Allow flexibility to investigate trends that may pose a near term risk to reliability by implementing changes in the plan
The 2013 ReliabilityFirst CMEP Implementation Plan was developed considering the
requirements, rules, and information from the following:
- the ERO Annual Implementation Plan
- the NERC RoP
- the CMEP
- the RDA
- NERC Board of Trustees' actions, including those of the NERC Board of Trustees Compliance Committee
- regulatory authority approved Reliability Standards
2013 Executive Summary
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered
entity start with the tier one (1) requirements as the usual audit scope and can be
adjusted as described below, with NERC oversight, based on appropriate justification.
a. For entities registered as a Balancing Authority (BA), Reliability Coordinator
(RC), or Transmission Operator (TOP), scope can be modified; however, per the
current ROP they are still required to be audited every three years. [4]
b. For all other registered entities that were previously directed to be audited on a six
year cycle, there is flexibility to adjust the periodicity as well as scope, again
with appropriate justification provided by ReliabilityFirst and with NERC
approval as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance,
registered entities are encouraged to perform a compliance assessment in response to all
system events and disturbances. Registered entities conducting compliance assessments
are encouraged to provide a compliance assessment report to ReliabilityFirst for system
events that fall in category 2 and above, as outlined in the ERO events analysis process
document. The Compliance Assessment Template, as found in Appendix 5, should be
used when performing these assessments. The use of rigorous compliance assessments
may reflect positively on a registered entity's compliance program to self-identify and
address possible reliability issues, demonstrate the effectiveness of their internal
controls, and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier
assignments in the CIP standards have been reassigned so that each requirement, along
with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity's internal compliance program and their internal
controls monitoring their internal compliance effort, both audit scopes and audit periodicity may
be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the
minimum audit scope. If an entity's compliance risk assessment performed by the Regional
Entity indicates a strong compliance program and effective internal and risk controls are in place,
either its audit scope or its audit periodicity [5] can be reduced. [6] This reduction can allow for more
thorough compliance monitoring of entities potentially posing more risk to the reliability of the
Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In
contrast, where there is a lack of confidence in the entity assessments, the audit scope may be
increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could
occur.
[4] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced,
per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document entitled "2013 Regional Entity Request to Defer or Reduce
the Scope of a Compliance Audit"
NERC, ReliabilityFirst and the other Regional Entity staff continue to monitor recent activities
and major events such as the southwest cold weather event[7] and the southwest blackout event,[8] as
well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance
Enforcement Initiative (CEI). As a result of the Southwest Blackout[9] report by FERC and
NERC, ReliabilityFirst will review and include, when applicable, critical standards that include
aspects of situational awareness, including both planning and coordination, in its audit and
self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes
of the Southwest Blackout Report: communication, coordination, planning and modeling. A list
of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013
includes the introduction of the following:
- New CIP Tier reassignments, effective 1/1/2013
- FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1, effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1, effective 7/1/2013
Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1
Requirements" section of this report and in the 2013 AML.
[7] Report from NERC and FERC: http://www.nerc.com/files/SW_Cold_Weather_Event_Final_Report.pdf
[8] Report from NERC and FERC: http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
[9] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised
of four functional groups that interact and work to improve the reliability of the Bulk
Electric System (BES). The table below highlights the present reporting relationship and
functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks,
self-certifications, audits and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is
performance-based auditing. Audits, according to the United States Government Accountability
Office,[10] are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs, rather than relying solely on
documentation.
Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.
[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 1.25: http://www.gao.gov/new.items/d07731g.pdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize
risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan:
http://www.nerc.com/commondocs.php?cd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011[11] was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.
[11] http://www.nerc.com/fileUploads/File/News/AZOutage_Report_01MAY12.pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004 and MOD-008, associated with the recent
FERC Orders 729, 729-A and 729-B, will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue, and the most violated standards
will continue to be identified, reported on and included as part of the annual compliance review
process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found
in the NERC 2013 Implementation Plan: http://www.nerc.com/commondocs.php?cd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement[12] for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2 and most
requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: http://www.nerc.com/commondocs.php?cd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards:
http://www.nerc.net/standardsreports/standardssummary.aspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary, based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by an entity's Internal
Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below.
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1
  Reliability Standards identified for compliance monitoring, the monitoring
  methods being used (i.e., audits, data submittals, self-certifications, spot checks,
  etc.), applicable functions, the reporting period and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included
  on the 2013 NERC AML. As a reminder, because these are FERC approved, they
  could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list that shows the standards and the
  tiers that they were placed in (i.e., Tier 1, 2 and 3) for 2013. The standards are
  accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow
  ReliabilityFirst Registered Entities to see all of the changes to the 2013
  Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which, at a minimum, mirrors by
Standard the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue, such that
special attention should be given here. BAL-003-0.1b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Requirements from these standards have been selected by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation for an entity's operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connection requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R1.3, R2, R2.1 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-0.1 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC ndash Protection and Control
The introduction of PRC-006-2 on October 1 2013 also does not affect the AML as that standard
is not tiered
PRC-001-1 PRC-004-1 PRC-005-1 PRC-007-0 PRC-008-0 PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards PRC-001 promotes understanding of the
limitations and performance of protection systems which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting As significant protection system misoperations are considered disturbance events
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned as
identified by Attachment 1 to EOP-004
PRC-005 is the most violated standard of all time and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS) while PRC-011-0 involves
undervoltage load-shedding (UVLS) Both UFLS and UVLS protection systems are important
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards As a result the Requirements of PRC-007 PRC-
008 and PRC-011 are not considered Tier 1 Requirements PRC-023 as with all Reliability
Standards has the chief purpose of promoting reliability in the BPS and in this case it relates to
transmission relay protection settings The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions As with UFLS and UVLS
maintenance programs the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-1.1b R2 and the R2
sub-requirement as Tier 1 requirements for audit. ReliabilityFirst believes these requirements in
these standards are critical to reliability of the BES. These requirements establish and specify
voltage and/or Reactive Power schedules, and require entities to maintain the voltage and/or
Reactive Power schedules that have been established and/or notify appropriate entities if the
established schedules cannot be maintained. Based upon feedback from our audit teams,
ReliabilityFirst continues to see entity difficulty in understanding and applying these
requirements within our region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that in the judgment of the
ReliabilityFirst audit staff should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions[14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403.11.1 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3.1.4.3 and 6.6
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90-day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as-needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity's date of registration if the
Registered Entity has not previously been subject to a Compliance Audit; or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3.1.4.2.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012, and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The sections of the RSAWs that Registered Entities are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61,038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61,209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes, as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61,015 (2008) at P 32
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1 Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 flowchart. Box labels: discovery methods (Audits, Spot Check, Self-Report, Self-certification, Exception, Periodic Reports, Compliance Violation Investigation); Region notifies NERC (& entity) of alleged violation within 2-5 days, NERC notifies gov't authority; Region continues review and evaluation; Dismissed, or Notice of alleged violation & proposed penalty sent to responsible entity; Entity accepts violation and submits Mitigation Plan, or Entity Contests; Mitigation Plan Region, NERC, and Gov't Review; Settlement negotiations, Regional Hearing, Appeals Process; NERC BOTCC reviews & approves region's proposed penalty; 5 day waiting period; Notice of penalty or settlement sent to FERC in US & posted to NERC website (processes differ in Canada). Most steps are marked CONFIDENTIAL.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance
and compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices [28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports [29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes [30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case Notes
do not identify the Registered Entity.
Bulletins [31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned [32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
28 http://www.nerc.com/page.php?cid=3|22|354
29 http://www.nerc.com/page.php?cid=3|329
30 http://www.nerc.com/page.php?cid=3|22|371
31 http://www.nerc.com/page.php?cid=3|22
32 http://www.nerc.com/page.php?cid=5|385
Annual CMEP Reports [33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS), and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to the overall Bulk Power System (BPS).
33 http://www.nerc.com/page.php?cid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities, and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities, while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]
In addition to registering as the entity responsible for all functions that it performs
itself, an entity may register as a JRO on behalf of one or more of its members or related
entities for one or more functions for which such members or related entities would
otherwise be required to register, and thereby accept on behalf of such members or
related entities all compliance responsibility for that function or those functions,
including all reporting requirements.
Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity responsible for all functions that it performs
itself, multiple entities may each register using a CFR for one or more reliability
standard and/or for one or more requirements/sub-requirements within particular
reliability standards applicable to a specific function. The CFR submission must include
a written agreement that governs itself and clearly specifies the entities’ respective
compliance responsibilities. The registration of the CFR is the complete registration for
each entity. Additionally, each entity shall take full compliance responsibility for those
Reliability Standards and/or requirements/sub-requirements it has registered for in the
CFR. Due to abrupt or forced registration changes, as described below, this form of
registration may become more common in 2013.
34 Section 507 of the NERC RoP, http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
35 Section 508 of the NERC RoP, http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003 [38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:
“The fact that a Reliability Standard simply references another pending Reliability
Standard one that is not being approved or remanded here does not alone justify not
approving the former Reliability Standard” [39]
36 See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
37 See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
38 See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07
39 Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300.
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies, at a minimum, what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry’s technical expertise, experience, and judgment, as well as its participation in the
ERO’s processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Revision History
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
40 http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity’s event review.
A systematic and methodical compliance assessment (CA) process that would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity’s events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC “XYZ Interface All Lines In Stability Guide” (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the “XYZ” internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity’s procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance
Findings as the outcome of a compliance self-assessment will result in either a statement of
“No Findings” or that of “Possible Violation (PV)”.
Should the latter be the result, the entity will be given the opportunity to self-report the PV
to the Regional Compliance Enforcement department in accordance with the existing
procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the
Regional Compliance Enforcement department that this has been done consistent with the
event analysis process and the completion of a compliance self-assessment to obtain the
credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to JimHughesnercnet and ChariseWilsonnercnet.
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
[41] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be
reduced, per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Regional Entity's Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
Introduction
The objective of ReliabilityFirst, as a Regional Entity, is to preserve and enhance electric system
reliability and security for the interconnected electric systems within the ReliabilityFirst
geographic area. To support this, ReliabilityFirst, through its role as outlined in the Regional
Delegation Agreement, will monitor, assess and enforce compliance with Regulatory Approved
Reliability Standards for each Registered Entity that has functional responsibilities as determined
by its organization's registration as posted on the NERC Compliance Registry. ReliabilityFirst
will also monitor, assess and enforce, as applicable, compliance to ReliabilityFirst's Regulatory
Approved Reliability Standards. ReliabilityFirst will verify compliance through one of the
monitoring methods described in the NERC Compliance Monitoring and Enforcement Program
(CMEP), as outlined in the Discovery Section of this implementation plan. The ReliabilityFirst
2013 CMEP Implementation Plan closely mirrors the NERC CMEP Implementation Plan, which
is the annual operating plan for compliance monitoring and enforcement activities.
ReliabilityFirst will utilize the latest version of the NERC CMEP (Section 4C in the NERC
Rules of Procedure) filed and approved by FERC.
The 2013 Implementation Plan includes a set of Reliability Standards that were selected for
monitoring based upon NERC identified high risk priorities, with a three-tiered approach of
those standards to facilitate a more focused compliance monitoring effort. The Implementation
Plan also requires consideration of a registered entity's compliance history when determining the
scope of compliance monitoring activities.
The objectives of the Implementation Plan are to:
- Promote the reliability of the BPS through rigorous compliance monitoring and
  enforcement activities
- Facilitate improved consistency of compliance activities throughout North America
- Monitor all regulatory authority approved Reliability Standards by using the eight CMEP
  compliance monitoring methods
- Use risk-based and performance-based criteria for determining the scope for compliance
  monitoring
- Allow flexibility to investigate trends that may pose a near term risk to reliability by
  implementing changes in the plan
The 2013 ReliabilityFirst CMEP Implementation Plan was developed considering the
requirements, rules and information from the following:
- the ERO Annual Implementation Plan
- the NERC RoP
- the CMEP
- the RDA
- NERC Board of Trustees' actions, including those of the
  NERC Board of Trustees Compliance Committee
- regulatory authority approved Reliability Standards
2013 Executive Summary
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered
   entity start with the tier one (1) requirements as the usual audit scope and can be
   adjusted as described below, with NERC oversight, based on appropriate justification.
   a. For entities registered as a Balancing Authority (BA), Reliability Coordinator
      (RC) or Transmission Operator (TOP), scope can be modified; however, per the
      current ROP, they are still required to be audited every three years. [4]
   b. For all other registered entities that were previously directed to be audited on a six
      year cycle, there is flexibility to adjust the periodicity as well as scope, again
      with appropriate justification provided by ReliabilityFirst and with NERC
      approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance,
   registered entities are encouraged to perform a compliance assessment in response to all
   system events and disturbances. Registered entities conducting compliance assessments
   are encouraged to provide a compliance assessment report to ReliabilityFirst for system
   events that fall in category 2 and above, as outlined in the ERO events analysis process
   document. The Compliance Assessment Template, as found in Appendix 5, should be
   used when performing these assessments. The use of rigorous compliance assessments
   may reflect positively on a registered entity's compliance program to self-identify and
   address possible reliability issues, and demonstrate the effectiveness of their internal
   controls and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier
   assignments in the CIP standards have been reassigned so that each requirement, along
   with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity's internal compliance program and their internal
controls monitoring their internal compliance effort, both audit scopes and audit periodicity may
be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the
minimum audit scope. If an entity's compliance risk assessment performed by the Regional
Entity indicates that a strong compliance program and effective internal and risk controls are in place,
either its audit scope or its audit periodicity [5] can be reduced. [6] This reduction can allow for more
thorough compliance monitoring of entities potentially posing more risk to the reliability of the
Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In
contrast, where there is a lack of confidence in the entity assessments, the audit scope may be
increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could
occur.
[4] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced,
per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced,
per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document, entitled "2013 Regional Entity Request to Defer or Reduce
the Scope of a Compliance Audit"
NERC, ReliabilityFirst and the other Regional Entity staff continue to monitor recent activities
and major events such as the southwest cold weather event [7] and the southwest blackout event, [8] as
well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance
Enforcement Initiative (CEI). As a result of the Southwest Blackout [9] report by FERC and
NERC, ReliabilityFirst will review and include, when applicable, critical standards that include
aspects of situational awareness, including both planning and coordination, in its audit and
self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes
of the Southwest Blackout Report: communication, coordination, planning and modeling. A list
of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013
includes the introduction of the following:
- New CIP Tier reassignments, effective 1/1/2013
- FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1, effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1, effective 7/1/2013
Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1
Requirements" section of this report and in the 2013 AML.
[7] Report from NERC and FERC: httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
[8] Report from NERC and FERC: httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
[9] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised
of four functional groups that interact and work to improve the reliability of the Bulk
Electric System (BES). The table below highlights the present reporting relationship and
functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks,
self-certifications, audits and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is performance-based
auditing. Audits, according to the United States Government Accountability
Office, [10] are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs, rather than relying solely on
documentation.
Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.
[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 1.25: httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize risk-based
approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan:
httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011 [11] was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.
[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004 and MOD-008, associated with recent
FERC Orders 729, 729-A and 729-B, will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue, and the most violated standards
will continue to be identified, reported on and included as part of the annual compliance review
process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found
in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement [12] for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2 and most
requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards:
httpwwwnercnetstandardsreportsstandardssummaryaspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary, based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by the entity's Internal
Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below:
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1
  Reliability Standards identified for compliance monitoring, the monitoring
  methods being used (i.e., audits, data submittals, self-certifications, spot checks,
  etc.), applicable functions, the reporting period and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included
  on the 2013 NERC AML. As a reminder, because these are FERC approved, they
  could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list that shows the standards and the
  tiers that they were placed in (i.e., Tier 1, 2 and 3) for 2013. The standards are
  accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow
  ReliabilityFirst Registered Entities to see all of the changes to the 2013
  Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue, such that
special attention should be given here. BAL-003-0.1b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been chosen by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation of having an entity's operating
personnel have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R1.3, R2, R2.1 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-0.1 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005, but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4, VAR-002-1.1b R2 and the R2
sub-requirement as Tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle based upon the results of the risk and
performance based assessment, as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions[14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403.11.1 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3.1.4.3 and 6.6
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013 the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity's date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit;
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3.1.4.2.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by the
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61,038 (2009) at P 13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61,209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential
unless FERC directs otherwise and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty,” 124 FERC ¶ 61,015 (2008) at P 32,
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC) and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices [27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22
[Figure 1, Compliance Process: flowchart running from the discovery methods (Audits, Spot Check, Self-Report, Self-certification, Exception, Periodic Reports, Compliance Violation Investigation) through regional review, notice of alleged violation and proposed penalty, Mitigation Plan or contest, settlement negotiations or regional hearing, and notice of penalty or settlement sent to FERC, with a window marked CONFIDENTIAL.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities and, as well, areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions and to be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices [28]
    The CANs focus on current and future auditable compliance applications.
    CANs provide continued compliance and enforcement guidance as a
    means to facilitate information to industry while Reliability Standards are
    revised and improved as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports [29]
    CARs are a historical look at compliance trends for individual Reliability
    Standards and will include addendums when the information is updated.
Case Notes [30]
    Case Notes provide examples of mitigation plans for recent possible
    violations that have been accepted and in most cases complete. Case notes
    do not identify the Registered Entity.
Bulletins [31]
    Bulletins provide general information or clarification on current and future
    issues.
Lessons Learned [32]
    Lessons Learned may result from an event analysis or other compliance or
    engineering related activity. They provide examples of how a problem
    occurred and was identified, and the corrective action taken.
[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385
Annual CMEP Reports [33]
    Annual CMEP Reports are assessments of the previous year’s CMEP and
    are used in the planning and development of future years’ annual CMEP
    Implementation Plans.
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS), and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013 NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012 and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive critical self-review and analysis of operations,
planning and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] http://www.nerc.com/page.php?cid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards
and is described in the NERC Rules of Procedure Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011 a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
   appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
   Committee (OC) and Standards Committee (SC) to develop and provide guidance
   regarding good utility practice on the use of three-part communication for
   real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
   completion and FERC approval of Standards Project 2007-02 ― Operating
   Personnel Communications Protocols ― COM-003 [38] that addresses real-time
   communication protocols.
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at
http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693 the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:
    “The fact that a Reliability Standard simply references another pending Reliability
    Standard one that is not being approved or remanded here does not alone justify not
    approving the former Reliability Standard.” [39]
Examples of these standards follow:
Fill-in-the-blank standard                        Referenced in
MOD-011-0 filed 4/4/06, awaiting FERC action      MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0 filed 8/28/06, awaiting FERC action     MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1 filed 8/28/06, awaiting FERC action     PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies what, at a minimum,
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
   Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
   Implementation Plan mirrors, at a minimum, by Standard the AML found
   in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
   these will include any regional Reliability Standards and additional NERC
   Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation and
   assessment of performance criteria with each Reliability Standard.
   ReliabilityFirst will, at a minimum, perform the compliance monitoring
   methods identified in the NERC 2013 Actively Monitored Reliability
   Standards list. When ReliabilityFirst determines that an increased audit
   scope is necessary, ReliabilityFirst shall notify the registered entity of the
   increased audit scope. This notification shall be part of the audit
   notification package and shall include the Reliability Standards and
   Requirements that are included in the increased scope as well as the
   justification for the increased scope. When ReliabilityFirst determines that
   an increased audit scope is necessary after the notification package is sent
   or while the audit is ongoing, then ReliabilityFirst shall notify the
   registered entity of the increased audit scope as soon as possible. For
   references to NERC guidance or Implementation Plans, such as the CIP
   Guidance, links from the NERC are included in the ReliabilityFirst
   Implementation Plan where applicable, instead of including the entire
   document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
   registered entity names that are on the 2013 schedule, NERC Compliance
   Registration ID and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
   and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry’s technical expertise, experience and judgment, as well as its participation in the
ERO’s processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History
Version   Reason for Change                                        Approved by      Revision Date
0         2013 ReliabilityFirst CMEP Implementation Plan           James A Uhrin    January 1, 2013
01        Remove all reference to the Entity Impact Evaluations    James A Uhrin    January 1, 2013
          (EIE) until the process is better defined and matures
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs and TOPs. This list is subject
to change as further data and analysis become available.
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity’s event review.
A systematic and methodical compliance assessment (CA) process would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
   registered entity’s events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
   have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
   that are relevant to step 2 above as they apply to the applicable NERC
   Reliability Standards requirements.
4. On request by the Regional Entity or on its own accord, the Registered Entity
   will provide a copy of its CA report to the Regional Entity. The report should
   reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
   CMEP procedures.
Sample Template for Compliance Assessment Summary

Event causes or contributing factors: Cause
Applicable NERC Reliability Standards: AAA-000-0 Requirement 1
Details of Compliance Assessment Effort: Identify the process used to assess compliance
with this requirement. Identify any evidence that demonstrates compliance. Identify any
evidence that suggests non-compliance.
Findings: Findings of possible violations should be identified. If there are no findings
of non-compliance, that should be noted.

Applicable NERC Reliability Standards: AAA-000-0 Requirement 2

Event causes or contributing factors: Contributing factor
Applicable NERC Reliability Standards: BBB-000-0 Requirement 1
Category 1a Example

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a R6: Each BA and TOP shall plan to
meet unscheduled changes in system configuration and generation dispatch (at a minimum
N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization,
sub-regional and local reliability requirements.
Details of Compliance Assessment Effort: Established transfer limits were followed such
that the event did not result in instability. The limit for operating across this internal
interface is established in the RC “XYZ Interface All Lines In Stability Guide” (document
provided).
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a R10: Each Balancing Authority and
Transmission Operator shall plan to meet all System Operating Limits (SOLs) and
Interconnection Reliability Operating Limits (IROLs).
Details of Compliance Assessment Effort: No SOLs were violated. There are no IROLs
associated with the loss of equipment in this event. See the specific guide referenced in
the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-004-2 R1: Each TOP shall operate within
the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled
separation or cascading outages will not occur as a result of the most severe single
contingency.
Details of Compliance Assessment Effort: The system was operated to remain within
transfer limits across the “XYZ” internal interface established as a result of stability
studies as delineated in the Transmission Operating Guide developed by RC. See the
specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
PRC-001
R1 Each TOP BA and GOP shall be
familiar with the purpose and
limitations of protection system
schemes applied in its area
Both the RC and the TOPs
are trained on the
Transmission Operating
Guides as well as relaying
and SPSs on the BPS
Protection operated correctly
and as planned
No findings of non-
compliance
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
PRC-004
R1 The TOP and any Distribution
Provider that owns a transmission
Protection System shall each analyze
its transmission Protection System
Misoperations and shall develop and
implement a Corrective Action Plan
to avoid future Misoperations of a
similar nature according to the
Regional Entityrsquos procedures
System Protection engineers
evaluated the relay
operations and determined
that all relaying operated
correctly and as planned
No findings of non-
compliance
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
TOP-008
R1 The TOP experiencing or
contributing to an IROL or SOL
violation shall take immediate steps
to relieve the condition which may
include shedding firm load
R2 Each Transmission Operator
shall operate to prevent the
likelihood that a disturbance action
or inaction will result in an IROL or
SOL violation in its area or another
area of the Interconnection In
instances where there is a difference
in derived operating limits the TOP
R1 Operators used their
EMS-based tools to ensure
that there were no
SOLIROL violations
R2 by following the TOP
Guides developed by RC
violations do not occur
R3 no conditions occurred
that required disconnection
R4 Operators used their
EMS-based tools to ensure
that there were no
SOLIROL violations
No findings of non-
compliance
Appendix 2 ndash Compliance Assessment Template
48
shall always operate the BPS to the
most limiting parameter
R3 The TOP shall disconnect the
affected facility if the overload on a
transmission facility or abnormal
voltage or reactive condition persists
and equipment is endangered In
doing so the TOP shall notify its RC
and all neighboring TOPs impacted
by the disconnection prior to
switching if time permits otherwise
immediately thereafter
R4 The TOP shall have sufficient
information and analysis tools to
determine the cause(s) of SOL
violations This analysis shall be
conducted in all operating
timeframes The TOP shall use the
results of these analyses to
immediately mitigate the SOL
violation
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
TOP-006
R2 Each RC TOP and BA shall
monitor applicable transmission line
status real and reactive power flows
voltage load-tap-changer settings
and status of rotating and static
reactive resources
R5 Each RC TOP and BA shall use
monitoring equipment to bring to the
attention of operating personnel
important deviations in operating
conditions and to indicate if
appropriate the need for corrective
action
The EMSs at both the RC
and the TOP provide
operators with the
information needed to
evaluate system conditions
and notify operators when
conditions are off normal
EMS system visibility and
communications were not
lost during this event
No findings of non-
compliance
Appendix 2 ndash Compliance Assessment Template
49
Findings as the
outcome of a
compliance self-
assessment will result
in either a statement of
ldquoNo Findingsrdquo or that
of ldquoPossible Violation
(PV)rdquo
Should the latter be the
result the entity will be
given the opportunity to
self-report the PV to the
Regional Compliance
Enforcement
department in
accordance with the
existing procedures set
forth in the CMEP In
doing so the entity self-
reporting should inform
the Regional
Compliance
Enforcement
department that this has
been done consistent
with the event analysis
process and the
completion of a
compliance self-
assessment to obtain the
credit prescribed
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit[41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet

Requesting Regional Entity Information
- Date
- Name
- Title
- Region
- State the basis for Reduced Audit Scope or Deferment of Compliance Audit
- State other methods used for compliance monitoring during period of reduced scope or deferment
- State requested duration of deferment, if applicable
- State whether this is a MRRE audit
- Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC

Registered Entity Information
- Registered Entity’s Legal Name
- NCR ID Number
- Date of Last Compliance Audit
- Date of Next Compliance Audit

Regional Entity’s Additional Information
- Comments
- Regional Entity Authorized Signature

ERO Analysis Results
- State information reviewed and basis for determination
- ERO Final Determination (Approved / Declined)
- ERO Director of Compliance Operations

[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced per section 403.11.1 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
2013 Executive Summary
NERC Board of Trustees Compliance Committee
regulatory authority approved Reliability Standards
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered entity start with the tier one (1) requirements as the usual audit scope and can be adjusted as described below, with NERC oversight, based on appropriate justification.
a. For entities registered as a Balancing Authority (BA), Reliability Coordinator (RC), or Transmission Operator (TOP), scope can be modified; however, per the current ROP, they are still required to be audited every three years.[4]
b. For all other registered entities that were previously directed to be audited on a six-year cycle, there is flexibility to adjust the periodicity as well as scope, again with appropriate justification provided by ReliabilityFirst and with NERC approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance, registered entities are encouraged to perform a compliance assessment in response to all system events and disturbances. Registered entities conducting compliance assessments are encouraged to provide a compliance assessment report to ReliabilityFirst for system events that fall in category 2 and above, as outlined in the ERO events analysis process document. The Compliance Assessment Template, as found in Appendix 5, should be used when performing these assessments. The use of rigorous compliance assessments may reflect positively on a registered entity’s compliance program to self-identify and address possible reliability issues, and demonstrate the effectiveness of their internal controls and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier assignments in the CIP standards have been reassigned so that each requirement, along with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity’s internal compliance program and the internal controls monitoring its internal compliance effort, both audit scopes and audit periodicity may be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the minimum audit scope. If an entity’s compliance risk assessment, performed by the Regional Entity, indicates that a strong compliance program and effective internal and risk controls are in place, either its audit scope or its audit periodicity[5] can be reduced.[6] This reduction can allow for more thorough compliance monitoring of entities potentially posing more risk to the reliability of the Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In contrast, where there is a lack of confidence in the entity assessments, the audit scope may be increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could occur.
[4] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced per section 403.11.1 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced per section 403.11.1 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document, entitled “2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit”
NERC, ReliabilityFirst, and the other Regional Entity staff continue to monitor recent activities and major events such as the southwest cold weather event[7] and the southwest blackout event,[8] as well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance Enforcement Initiative (CEI). As a result of the Southwest Blackout[9] report by FERC and NERC, ReliabilityFirst will review and include, when applicable, critical standards that include aspects of situational awareness, including both planning and coordination, in its audit and self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes of the Southwest Blackout Report: communication, coordination, planning, and modeling. A list of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013 includes the introduction of the following:
- New CIP Tier reassignments, effective 1/1/2013
- FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1, effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, effective 7/1/2013
Specifics of the changes can be found in the “2013 High-Risk Priority Standards and Tier 1 Requirements” section of this report and in the 2013 AML.
[7] Report from NERC and FERC: httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
[8] Report from NERC and FERC: httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
[9] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised of four functional groups that interact and work to improve the reliability of the Bulk Electric System (BES). The table below highlights the present reporting relationship and functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives compliance monitoring commensurate with the risk it poses to the reliability of the BPS. Risk is not to be considered as a negative in any way, simply as a consideration of the complex nature of the industry. Risk is neither uniform across the diverse industry that is responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks, self-certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For entities that do not pose a significant reliability risk, the activities specifically prescribed in this Implementation Plan may suffice. For entities that do pose a significant risk to reliability, it may be necessary for those entities to undergo additional compliance monitoring, such as additional focused spot checks, a greater number of self-certifications, investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is performance-based auditing. Audits, according to the United States Government Accountability Office,[10] are defined as engagements that provide assurance or conclusions based on an evaluation of sufficient, appropriate evidence against stated criteria, such as specific requirements, measures, or defined business practices. A second component includes a more detailed review and testing of the registered entity’s programs and procedures to assure actual implementation of the stated programs, rather than relying solely on documentation.
Registered entities are responsible for compliance with all regulatory approved Reliability Standards and Requirements in effect per their registered function at all times, regardless of what a registered entity’s risk profile may indicate. Regional Entities have the authority and responsibility to expand the scope of an audit, spot check, or any other compliance monitoring process as necessary when evaluating the compliance of a registered entity.
[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at Chapter 1, Use and Application of GAGAS, at Section 1.25 httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional Entities developed the NERC Actively Monitored List (AML) of Reliability Standards for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst Compliance Monitoring Schedule (CMS) were developed and designed to recognize risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and improve overall reliability. Achieving these objectives will be accomplished through the development, maintenance, and implementation of a list of the highest priority Reliability Standards. The Reliability Standards and associated Requirements populating this list will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from processes for “administrative and documentation related violations” and instead focus on Reliability Standards and Requirements deemed the most critical to the reliability of the BPS. The determination is made using a set of risk-based criteria as a priority and is explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011[11] was released on May 1, 2012. Areas of continuing concern are situational awareness, communication, coordination, planning, and modeling. Many of these concerns are already addressed by the AML and will be bolstered by the release of EOP-005-2, effective July 1, 2013.
[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the 2013 NERC Implementation Plan will continue, and the most violated standards will continue to be identified, reported on, and included as part of the annual compliance review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their subject matter expertise and experience while performing their role and responsibilities as the Compliance Enforcement Authority, was also considered and provided as input into NERC’s development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule (CMS) following FERC approval. As indicated by the NERC Standards group, the applicable reliability standards subject to future enforcement[12] for 2013 include EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored List and individual Regional Entity plans is described below. For further information regarding the NERC Implementation Plan methodology as referenced here, Registered Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and intent of the standard of which they are a part. Additionally, the ability of a registered entity to demonstrate compliance with Tier 1 Requirements will provide guidance to audit teams on the necessity to investigate further and broaden an audit’s scope in additional Requirements and/or Reliability Standards.
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2 Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2 Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional level of inquiry that may be undertaken when a registered entity does not display clear compliance with those most critical Requirements of Tier 1. In the process of this added level of monitoring, it may become necessary to branch off into other Reliability Standards that were not identified as relating directly to an ERO priority or the initial scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not represent the purpose of a Reliability Standard directly or are not representative of ERO priorities based upon the criteria listed above. The exploration of an audit team into the compliance of a registered entity with Tier 3 Requirements will be initiated through registered entity responses and between the identified deficiencies in Tier 1 and 2 Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1 Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards. The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1 classification is covered in the following section.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards: httpwwwnercnetstandardsreportsstandardssummaryaspx
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other requirements they may deem necessary, based on the results of the Regional Entity’s Risk Profile Assessment of the Registered Entity or the audit team’s collective professional judgment. Audit scope expansion can occur at any point during the process, from the initial review of the Registered Entity Risk Profile Assessment through the close of the audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst CMS and represent the minimum scope of most compliance audits. The potential expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3 Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a risk-based compliance monitoring approach, ReliabilityFirst will notify the registered entity of the change in audit scope. This notification shall include the Reliability Standards and Requirements that are excluded or included in the revised audit scope, as well as the justification for the change in scope. This notification shall be part of the audit notification package when it is determined early enough in the process. When ReliabilityFirst determines that a change in audit scope is necessary after the notification package is sent or while the audit is in progress (e.g., either on-site or off-site), then ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating review of the additional evidence during the course of the audit. If the notification is provided once the audit has begun, the Registered Entities will work with the Audit Team Lead to determine the appropriate time frame to review the added standards/requirements. However, entities are expected to be compliant to all standards/requirements 100% of the time, and therefore it is ReliabilityFirst’s expectation that all material, even those standards/requirements from tier 2 and 3 that are added during the course of the audit, will be reviewed during the time of the scheduled audit. Acquiring additional evidence for a few additional standards/requirements in a timely fashion is a reflection upon the rigor placed on compliance by entities’ Internal Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are registered to perform identical “functions” may vary and be slightly different, even amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity’s specific audit scope based upon the 2013 AML and assessments performed above. As a matter of course, all Registered Entities subject to audit in 2013 shall be monitored to the standards/requirements identified in Tier 1, which may be adjusted based upon the risk assessment performed by ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive the formal audit notification package. Compliance information and data archived by ReliabilityFirst from the implementation of previous monitoring methods will be utilized in the development of a Registered Entity’s audit scope, including but not limited to previous audits, self-certifications, demonstrated behavior during system events, exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times. NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting of noncompliance by Registered Entities. Registered Entities are further encouraged to draft mitigation plans upon identification and self-reporting of possible violations, prior to the required submission timeline per the CMEP. Mitigation plans are not an admission of a violation and are treated as voluntary corrective action. Mitigation plans duly prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below.
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance history and violation trend analysis, the number of high priority Reliability Standards is 57. This group of Reliability Standards was further reviewed to determine and rank the specific Requirements of each standard that best represent the core purpose of that standard to ensure the reliability of the BPS. The further refined list of Requirements has been taken as the ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but recent winter weather events have shown that contingency reserve is a critical issue such that special attention should be given here. BAL-003-0.1b has been subject to spot checks in the past, but technical issues discovered through its enforcement have yet to be addressed. Until additional guidance is provided through interpretations, revisions, or otherwise, the Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3, and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as BPS personnel become aware of and properly report sabotage events. Preparedness for reporting, as well as procedures to determine to whom reports should be issued, is critical in mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706 cybersecurity Standards are fundamental to the reliability of the BPS in terms of security. Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability Standards over the past year and seven of the Top 10 for all time, indicating that registered entities are having difficulty and confusion with CIP compliance issues. Several groups, including NERC, FERC, and the Regional Entities, have provided insight into the various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the reliability of the BPS in terms of cyber security. The primary difference from this year’s list is that tier assignments have been reassigned so that each CIP requirement, along with its sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to reliability of the BES. This requirement builds the foundation for an entity’s operating personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards. COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting nearly every function, and is critical to normal and emergency operations. COM-002 has some similar coverage as COM-001 but goes above and beyond with three-part communication and a methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693 standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R1.3, R2, R2.1, and
R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0.
PER-001-0.1 and PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013, and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard, as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-1.1b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions[14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate, in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403.11.1 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3.1.4.3 and 6.6
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations, or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90-day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as-needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity's date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit;
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3.1.4.2.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012, and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61,038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations, prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61,209 (2011) at P 13, httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes, as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61,015 (2008) at P 32,
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 is a flowchart. Box labels recovered from the figure: Compliance Violation
Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic
Reports; Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC
notifies gov't authority; Region continues review and evaluation; Dismissed; Notice of
alleged violation & proposed penalty sent to responsible entity; Entity accepts violation –
submits Mitigation Plan; Entity Contests; Notice of confirmed violation sent to NERC &
responsible entity; Mitigation Plan; Region Review; NERC Review; Gov't Review; NERC
BOTCC reviews & approves region's proposed penalty; Notice of penalty or settlement
sent to FERC in US & posted to NERC website (Processes differ in Canada); 5 DAY
WAITING PERIOD; Settlement negotiations; Settlement Reached; Regional Hearing;
Appeals Process; Settlement Approved by BOTCC; CONFIDENTIAL.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet-based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities on its performance
and compliance activities, as well as on areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year's CMEP and
are used in the planning and development of future years' annual CMEP
Implementation Plans.
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012 and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO's risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to the overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk-based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond to, and process these reviews are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or in compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003[38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission's regulations. In addition, the
Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard."[39]
Examples of these standards follow:
Fill-in-the-blank standard                         Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action      MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action     MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action     PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at
httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review and approval, and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies what, at a minimum,
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience, and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History
Version  Reason for Change                                         Approved by     Revision Date
0        2013 ReliabilityFirst CMEP Implementation Plan            James A. Uhrin  January 1, 2013
01       Remove all reference to the Entity Impact Evaluations     James A. Uhrin  January 1, 2013
         (EIE) until the process is better defined and matures
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout[40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the following steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2 above as they apply to the applicable NERC Reliability Standards requirements.
4. On request by the Regional Entity or on its own accord, the Registered Entity will provide a copy of its CA report to the Regional Entity. The report should reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the CMEP procedures.
Sample Template for Compliance Assessment Summary
| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
| Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted. |
| | AAA-000-0 Requirement 2 | | |
| Contributing factor | BBB-000-0 Requirement 1 | | |
Category 1a Example

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R6 Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional and local reliability requirements.
Details of Compliance Assessment Effort: Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided).
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R10 Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs).
Details of Compliance Assessment Effort: No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-004-2
R1 Each TOP shall operate within the IROLs and SOLs.
R2 Each TOP shall operate so that instability, uncontrolled separation or cascading outages will not occur as a result of the most severe single contingency.
Details of Compliance Assessment Effort: The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-001
R1 Each TOP, BA and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area.
Details of Compliance Assessment Effort: Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-004
R1 The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures.
Details of Compliance Assessment Effort: System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-008
R1 The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load.
R2 Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter.
R3 The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter.
R4 The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation.
Details of Compliance Assessment Effort:
R1 Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
R2 By following the TOP Guides developed by RC, violations do not occur.
R3 No conditions occurred that required disconnection.
R4 Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-006
R2 Each RC, TOP and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings and status of rotating and static reactive resources.
R5 Each RC, TOP and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action.
Details of Compliance Assessment Effort: The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event.
Findings: No findings of non-compliance
Findings as the outcome of a compliance self-assessment will result in either a statement of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be given the opportunity to self-report the PV to the Regional Compliance Enforcement department in accordance with the existing procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional Compliance Enforcement department that this has been done consistent with the event analysis process and the completion of a compliance self-assessment, to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet.

Requesting Regional Entity Information
Date:
Name:
Title:
Region:
State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
State other methods used for compliance monitoring during period of reduced scope or deferment:
State requested duration of deferment, if applicable:
State whether this is a MRRE audit:
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC

Registered Entity Information
Registered Entity's Legal Name:
NCR ID Number:
Date of Last Compliance Audit:
Date of Next Compliance Audit:

Regional Entity's Additional Information
Comments:
Regional Entity Authorized Signature:

ERO Analysis Results
State information reviewed and basis for determination:

ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations:

[41] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
2013 Executive Summary
Noteworthy changes to the 2013 Implementation Plan include:
1. Audit Scope and Periodicity: Both audit scope and audit periodicity for a registered entity start with the tier one (1) requirements as the usual audit scope and can be adjusted as described below, with NERC oversight, based on appropriate justification.
a. For entities registered as a Balancing Authority (BA), Reliability Coordinator (RC) or Transmission Operator (TOP), scope can be modified; however, per the current ROP they are still required to be audited every three years. [4]
b. For all other registered entities that were previously directed to be audited on a six year cycle, there is flexibility to adjust the periodicity as well as scope, again with appropriate justification provided by ReliabilityFirst and with NERC approval, as outlined below and in Appendix 3.
2. Registered Entity Compliance Assessments: To support a strong culture of compliance, registered entities are encouraged to perform a compliance assessment in response to all system events and disturbances. Registered entities conducting compliance assessments are encouraged to provide a compliance assessment report to ReliabilityFirst for system events that fall in category 2 and above, as outlined in the ERO events analysis process document. The Compliance Assessment Template as found in Appendix 5 should be used when performing these assessments. The use of rigorous compliance assessments may reflect positively on a registered entity's compliance program to self-identify and address possible reliability issues, demonstrate the effectiveness of their internal controls and their commitment to their culture of compliance.
3. Critical Infrastructure Protection (CIP) Standards and Tier Assignments: Tier assignments in the CIP standards have been reassigned so that each requirement, along with its sub-requirements, is assigned a single tier.
Where there is confidence in both an entity's internal compliance program and their internal controls monitoring their internal compliance effort, both audit scopes and audit periodicity may be specifically tailored to each registered entity. In 2012, Tier 1 standards represented the minimum audit scope. If an entity's compliance risk assessment performed by the Regional Entity indicates a strong compliance program and effective internal and risk controls are in place, either its audit scope or its audit periodicity [5] can be reduced. [6] This reduction can allow for more thorough compliance monitoring of entities potentially posing more risk to the reliability of the Bulk Electric System (BES), which is the major benefit of performance-based monitoring. In contrast, where there is a lack of confidence in the entity assessments, the audit scope may be increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could occur.
[4] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[5] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[6] Using the form found in Appendix 3 of this document entitled "2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit"
NERC, ReliabilityFirst and the other Regional Entity staff continue to monitor recent activities and major events such as the southwest cold weather event [7] and the southwest blackout event [8], as well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance Enforcement Initiative (CEI). As a result of the Southwest Blackout [9] report by FERC and NERC, ReliabilityFirst will review and include, when applicable, critical standards that include aspects of situational awareness, including both planning and coordination, in its audit and self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes of the Southwest Blackout Report: communication, coordination, planning and modeling. A list of these standards is provided in Appendix 1 of this report.
The impact of currently known new or revised standards that will come into effect in 2013 includes the introduction of the following:
New CIP Tier reassignments effective 112013
FAC-008-3 effective 112013 (no effect on the Actively Monitored List (AML))
PER-005-1 effective 412013
EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1 effective 712013
Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1 Requirements" section of this report and in the 2013 AML.
[7] Report from NERC and FERC httpwwwnerccomfilesSW_Cold_Weather_Event_Final_Reportpdf
[8] Report from NERC and FERC httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
[9] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised of four functional groups that interact and work to improve the reliability of the Bulk Electric System (BES). The table below highlights the present reporting relationship and functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives compliance monitoring commensurate with the risk it poses to the reliability of the BPS. Risk is not to be considered as a negative in any way, simply as a consideration of the complex nature of the industry. Risk is neither uniform across the diverse industry that is responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities including spot checks, self-certifications, audits and personal correspondence to an entity from ReliabilityFirst. For entities that do not pose a significant reliability risk, the activities specifically prescribed in this Implementation Plan may suffice. For entities that do pose a significant risk to reliability, it may be necessary for those entities to undergo additional compliance monitoring, such as additional focused spot checks, a greater number of self-certifications, investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is performance-based auditing. Audits, according to the United States Government Accountability Office, [10] are defined as engagements that provide assurance or conclusions based on an evaluation of sufficient, appropriate evidence against stated criteria, such as specific requirements, measures or defined business practices. A second component includes a more detailed review and testing of the registered entity's programs and procedures to assure actual implementation of the stated programs, rather than relying solely on documentation.
Registered entities are responsible for compliance with all regulatory approved Reliability Standards and Requirements in effect per their registered function at all times, regardless of what a registered entity's risk profile may indicate. Regional Entities have the authority and responsibility to expand the scope of an audit, spot check or any other compliance monitoring process as necessary when evaluating the compliance of a registered entity.
[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at Chapter 1 Use and Application of GAGAS at Section 125 httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst and the other Regional Entities developed the NERC Actively Monitored List (AML) of Reliability Standards for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst Compliance Monitoring Schedule (CMS) were developed and designed to recognize risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and improve overall reliability. Achieving these objectives will be accomplished through the development, maintenance and implementation of a list of the highest priority Reliability Standards. The Reliability Standards and associated Requirements populating this list will be determined through an annual and ongoing review of the following:
ERO High-Risk Priorities
FERC Orders, Guidance and Reports (i.e., Southwest Blackout Report)
Compliance History and Culture
Input from Staff
Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from processes for "administrative and documentation related violations" and instead focuses on Reliability Standards and Requirements deemed the most critical to the reliability of the BPS. The determination is made using a set of risk-based criteria as a priority and is explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards found in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011 [11] was released on May 1, 2012. Areas of continuing concern are situational awareness, communication, coordination, planning and modeling. Many of these concerns are already addressed by the AML and will be bolstered by the release of EOP-005-2, effective July 1, 2013.
[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004 and MOD-008 associated with the recent FERC Orders 729, 729-A and 729-B will be integrated into the 2013 Implementation Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the 2013 NERC Implementation Plan will continue, and the most violated standards will continue to be identified, reported on, and included as part of the annual compliance review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their subject matter expertise and experience while performing their role and responsibilities as the Compliance Enforcement Authority, was also considered and provided as input into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards found in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3 Thus, these suggested reliability standards should immediately be considered for incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule (CMS) following FERC approval. As indicated by the NERC Standards group, the applicable reliability standards subject to future enforcement [12] for 2013 include EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2 and most requirements of PER-005-1.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards: httpwwwnercnetstandardsreportsstandardssummaryaspx
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored List and individual Regional Entity plans is described below. For further information regarding the NERC Implementation Plan methodology as referenced here, Registered Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and intent of the standard of which they are a part. Additionally, the ability of a registered entity to demonstrate compliance with Tier 1 Requirements will provide guidance to audit teams on the necessity to investigate further and broaden an audit's scope in additional Requirements and/or Reliability Standards.
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2 Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2 Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional level of inquiry that may be undertaken when a registered entity does not display clear compliance with those most critical Requirements of Tier 1. In the process of this added level of monitoring, it may become necessary to branch off into other Reliability Standards that were not identified as relating directly to an ERO priority or the initial scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not represent the purpose of a Reliability Standard directly or are not representative of ERO priorities based upon the criteria listed above. The exploration of an audit team into the compliance of a registered entity with Tier 3 Requirements will be initiated through registered entity responses and between the identified deficiencies in Tier 1 and 2 Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1 Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards. The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1 classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other requirements they may deem necessary based on the results of the Regional Entity's Risk Profile Assessment of the Registered Entity or the audit team's collective professional judgment. Audit scope expansion can occur at any point during the process, from the initial review of the Registered Entity Risk Profile Assessment through the close of the audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst CMS and represent the minimum scope of most compliance audits. The potential expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3 Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a risk-based compliance monitoring approach, ReliabilityFirst will notify the registered entity of the change in audit scope. This notification shall include the Reliability Standards and Requirements that are excluded or included in the revised audit scope, as well as the justification for the change in scope. This notification shall be part of the audit notification package when it is determined early enough in the process. When ReliabilityFirst determines that a change in audit scope is necessary after the notification package is sent or while the audit is in progress (e.g., either on-site or off-site), then ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating review of the additional evidence during the course of the audit. If the notification is provided once the audit has begun, the Registered Entities will work with the Audit Team Lead to determine the appropriate time frame to review the added standards/requirements. However, entities are expected to be compliant to all standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation that all material, even those standards/requirements from tier 2 and 3 that are added during the course of the audit, will be reviewed during the time of the scheduled audit. Acquiring additional evidence for a few additional standards/requirements in a timely fashion is a reflection upon the rigor placed on compliance by an entity's Internal Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are registered to perform identical "functions" may vary and be slightly different, even amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon the 2013 AML and assessments performed above. As a matter of course, all Registered Entities subject to audit in 2013 shall be monitored to the standards/requirements identified in Tier 1, which may be adjusted based upon the risk assessment performed by ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive the formal audit notification package. Compliance information and data archived by ReliabilityFirst from the implementation of previous monitoring methods will be utilized in the development of a Registered Entity's audit scope, including but not limited to previous audits, self-certifications, demonstrated behavior during system events, exhibited culture of compliance, and previous or current enforcement actions. ReliabilityFirst staff may change the scope and frequency of compliance audits based on the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times. NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting of noncompliance by Registered Entities. Registered Entities are further encouraged to draft mitigation plans upon identification and self-reporting of possible violations, prior to the required submission timeline per the CMEP. Mitigation plans are not an admission of a violation and are treated as voluntary corrective action. Mitigation plans duly prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link: httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below.
STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period and applicable due dates.
STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2 and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue, such that
special attention should be given here. BAL-003-01b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions, or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3,
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC, and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been chosen by the ERO and identified as high
priority standards. CIP-002 through CIP-009 or 706 Reliability Standards are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation for an entity's operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21, and
R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard, as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005, but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements, and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator and is six years for entities
registered for all other functions [13]. Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that in the judgment of the
ReliabilityFirst audit staff should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions [14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations, or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine the extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity's date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1 [15],
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities [16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D [17], Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
81 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website [18].
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing [19]. NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations [20], the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website [21].
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers [22].
The RSAWs are posted on the NERC public website [23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The sections of the RSAWs that Registered Entities are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation “Order on Review of Notice of Penalty” 134 FERC ¶
61209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation
“Order on Review of Notice of Penalty” 124 FERC ¶ 61015 (2008) at P 32
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC) and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
[Flowchart not reproduced. Box labels: Compliance Violation Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic Reports; Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov’t authority; Region continues review and evaluation; Dismissed; Notice of alleged violation & proposed penalty sent to responsible entity; Entity accepts violation – submits Mitigation Plan; Entity Contests; Settlement negotiations; Settlement Reached; Regional Hearing; Appeals Process; Settlement Approved by BOTCC; Notice of confirmed violation sent to NERC & responsible entity; Mitigation Plan: Region Review, NERC Review, Gov’t Review; NERC BOTCC reviews & approves region’s proposed penalty; 5 DAY WAITING PERIOD; Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada). Part of the chart is marked CONFIDENTIAL.]
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet-based
application. The home page provides informational announcements, updates and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and in most cases complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified and the corrective action taken.
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013 NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012 and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013 ReliabilityFirst, NERC and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011 NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011 a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003[38] that addresses real-time
communication protocols
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693 the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693 the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:
“The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard.”[39]
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4406, awaiting FERC action | MOD-010-0 R1 and R2, effective 61807
MOD-013-0, filed 82806, awaiting FERC action | MOD-012-0 R1 and R2, effective 61807
PRC-002-1, filed 82806, awaiting FERC action | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 61807
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 - Communications and Coordination R2
for the ISO/RTO Council at
httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31242 (2007) (Order No. 693) P 300
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review and approval and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies, at a minimum, what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion

The ERO CMEP Implementation Plan, which is developed according to Section 215(c) of the Federal Power Act, is the operating plan for annual compliance monitoring and enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the other Regional Entities, through their delegation agreements with NERC, monitor and enforce compliance of registered entities with all regulatory approved Reliability Standards. Registered entities include all BPS owners, operators, and users.

While the actions of the ERO in accordance with the CMEP are critical to the reliability of the BPS, it is only one part of an overall plan to ensure system reliability. The other part consists of the actions of the registered entities and the electric power industry at large, and these are equally as critical to system reliability. The registered entities must participate in the educational, informational, and developmental efforts that are being undertaken, not only to maintain reliability but to enhance it as well. The sharing of the industry's technical expertise, experience, and judgment, as well as its participation in the ERO's processes, will help to further identify and remove reliability gaps and shortcomings. The ERO continuously seeks to improve the execution of its role in ensuring system reliability, as is the case with the advancements of the annual CMEP Implementation Plan undertaken for 2013, but the industry must continue to participate for the overall reliability plan to be successful.
Revision History

Document Change Revision History

| Version | Reason for Change | Approved by | Revision Date |
| --- | --- | --- | --- |
| 0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013 |
| 01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013 |
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout

Appendix 1 – Standards and Requirements Implicated System Events

NERC staff will continue to monitor recent events, such as the southwest cold weather event and the southwest blackout, and the progress of the FFT compliance enforcement initiative. As a result of the recently released Southwest Blackout [40] report by FERC and NERC, Regional Entities are encouraged to consider critical standards that include aspects of situational awareness in their audit and self-certification programs for 2013.

Situational Awareness
- EOP-006-1 — Reliability Coordination — System Restoration
- EOP-008-1 — Loss of Control Center Functionality
- IRO-002-2 — Reliability Coordination — Facilities
- IRO-005-3a — Reliability Coordination — Current Day Operations
- IRO-005-3.1a — Reliability Coordination — Current Day Operations
- IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
- MOD-001-1a — Available Transmission System Capability
- TOP-002-2b — Normal Operations Planning
- TOP-002-2.1b — Normal Operations Planning

Regional Entities should also consider these other implicated standards, by requirement, in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject to change as further data and analysis become available.

[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template

Events Analysis Process Compliance Assessment Template

The registered entity is encouraged to perform an initial compliance self-assessment concurrent with the registered entity's event review.

A systematic and methodical compliance assessment (CA) process would include the following steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2 above as they apply to the applicable NERC Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity will provide a copy of its CA report to the Regional Entity. The report should reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the CMEP procedures.
Sample Template for Compliance Assessment Summary

| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
| --- | --- | --- | --- |
| Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted. |
| | AAA-000-0 Requirement 2 | | |
| Contributing factor | BBB-000-0 Requirement 1 | | |
Category 1a Example

| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
| --- | --- | --- | --- |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance |

Findings as the outcome of a compliance self-assessment will result in either a statement of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be given the opportunity to self-report the PV to the Regional Compliance Enforcement department in accordance with the existing procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional Compliance Enforcement department that this has been done consistent with the event analysis process and the completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit

Request to Reduce Scope or Deferment of a Compliance Audit [41]

This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to Jim.Hughes@nerc.net and Charise.Wilson@nerc.net.

Requesting Regional Entity Information
- Date:
- Name:
- Title:
- Region:
- State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
- State other methods used for compliance monitoring during period of reduced scope or deferment:
- State requested duration of deferment, if applicable:
- State whether this is a MRRE audit:
- Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC

Registered Entity Information
- Registered Entity's Legal Name:
- NCR ID Number:
- Date of Last Compliance Audit:
- Date of Next Compliance Audit:

Regional Entity's Additional Information
- Comments:
- Regional Entity Authorized Signature:

ERO Analysis Results
- State information reviewed and basis for determination:

ERO Final Determination
- Approved / Declined
- ERO Director of Compliance Operations:

[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced, per section 403.11.1 of the NERC Rules of Procedure at http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
2013 Executive Summary

increased to include certain tier 2 and tier 3 requirements, or more frequent monitoring could occur.

NERC, ReliabilityFirst, and the other Regional Entity staff continue to monitor recent activities and major events such as the southwest cold weather event [7] and the southwest blackout event [8], as well as the progress of the Find, Fix, Track and Report (FFT) mechanism of the Compliance Enforcement Initiative (CEI). As a result of the Southwest Blackout [9] report by FERC and NERC, ReliabilityFirst will review and include, when applicable, critical standards that include aspects of situational awareness, including both planning and coordination, in its audit and self-certification programs for 2013. Additionally, ReliabilityFirst will broadly consider the themes of the Southwest Blackout Report: communication, coordination, planning, and modeling. A list of these standards is provided in Appendix 1 of this report.

The impact of currently known new or revised standards that will come into effect in 2013 includes the introduction of the following:
- New CIP Tier reassignments, effective 1/1/2013
- FAC-008-3, effective 1/1/2013 (no effect on the Actively Monitored List (AML))
- PER-005-1, effective 4/1/2013
- EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, effective 7/1/2013

Specifics of the changes can be found in the "2013 High-Risk Priority Standards and Tier 1 Requirements" section of this report and in the 2013 AML.

[7] Report from NERC and FERC: http://www.nerc.com/files/SW_Cold_Weather_Event_Final_Report.pdf
[8] Report from NERC and FERC: http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
[9] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
ReliabilityFirst Compliance Monitoring and Enforcement Organization

The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised of four functional groups that interact and work to improve the reliability of the Bulk Electric System (BES). The table below highlights the present reporting relationship and functional responsibilities of the Compliance and Enforcement Organization.

Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach

The premise of risk-based compliance monitoring is that a registered entity receives compliance monitoring commensurate with the risk it poses to the reliability of the BPS. Risk is not to be considered as a negative in any way, simply as a consideration of the complex nature of the industry. Risk is neither uniform across the diverse industry that is responsible for the reliability of the BPS, nor is it consistent over time.

Compliance monitoring encompasses a range of activities, including spot checks, self-certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For entities that do not pose a significant reliability risk, the activities specifically prescribed in this Implementation Plan may suffice. For entities that do pose a significant risk to reliability, it may be necessary for those entities to undergo additional compliance monitoring, such as additional focused spot checks, a greater number of self-certifications, investigations, or broader and deeper audits of greater frequency, etc.

One of the key components of an effective risk-based audit approach is performance-based auditing. Audits, according to the United States Government Accountability Office [10], are defined as engagements that provide assurance or conclusions based on an evaluation of sufficient, appropriate evidence against stated criteria, such as specific requirements, measures, or defined business practices. A second component includes a more detailed review and testing of the registered entity's programs and procedures to assure actual implementation of the stated programs, rather than relying solely on documentation.

Registered entities are responsible for compliance with all regulatory approved Reliability Standards and Requirements in effect, per their registered function, at all times, regardless of what a registered entity's risk profile may indicate. Regional Entities have the authority and responsibility to expand the scope of an audit, spot check, or any other compliance monitoring process, as necessary, when evaluating the compliance of a registered entity.

[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at Chapter 1, Use and Application of GAGAS, at Section 1.25: http://www.gao.gov/new.items/d07731g.pdf
2013 Implementation Plan Development Methodology

As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional Entities developed the NERC Actively Monitored List (AML) of Reliability Standards for 2013 based on the methodology outlined in this section.

The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst Compliance Monitoring Schedule (CMS) were developed and designed to recognize risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and improve overall reliability. Achieving these objectives will be accomplished through the development, maintenance, and implementation of a list of the highest priority Reliability Standards. The Reliability Standards and associated Requirements populating this list will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities

This focus identifies and uses a set of priorities in order to move our auditing away from processes for "administrative and documentation related violations" and instead focuses on Reliability Standards and Requirements deemed the most critical to the reliability of the BPS. The determination is made using a set of risk-based criteria as a priority and is explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan: http://www.nerc.com/commondocs.php?cd=3
Southwest Blackout Report

The joint FERC/NERC report on the southwest blackout of September 2011 [11] was released on May 1, 2012. Areas of continuing concern are situational awareness, communication, coordination, planning, and modeling. Many of these concerns are already addressed by the AML and will be bolstered by the release of EOP-005-2, effective July 1, 2013.

[11] http://www.nerc.com/fileUploads/File/News/AZOutage_Report_01MAY12.pdf
FERC Order and Guidance

The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History

An analysis of the compliance violation history of Reliability Standards found in the 2013 NERC Implementation Plan will continue, and the most violated standards will continue to be identified, reported on, and included as part of the annual compliance review process.
Input from Staff

Insight provided by the compliance staff of all eight Regional Entities, in terms of their subject matter expertise and experience while performing their role and responsibilities as the Compliance Enforcement Authority, was also considered and provided as input into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations

Future considerations refer to those reliability standards that are not yet enforceable but are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan: http://www.nerc.com/commondocs.php?cd=3

Thus, these suggested reliability standards should immediately be considered for incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule (CMS) following FERC approval. As indicated by the NERC Standards group, the applicable reliability standards subject to future enforcement [12] for 2013 include EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification

The three-tiered approach for identifying the Requirements of the Actively Monitored List and individual Regional Entity plans is described below. For further information regarding the NERC Implementation Plan methodology as referenced here, Registered Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards: http://www.nerc.com/commondocs.php?cd=3

Tier 1 Requirements are those that are deemed to be the most critical to the purpose and intent of the standard of which they are a part. Additionally, the ability of a registered entity to demonstrate compliance with Tier 1 Requirements will provide guidance to audit teams on the necessity to investigate further and broaden an audit's scope in additional Requirements and/or Reliability Standards.

Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2 Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2 Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional level of inquiry that may be undertaken when a registered entity does not display clear compliance with those most critical Requirements of Tier 1. In the process of this added level of monitoring, it may become necessary to branch off into other Reliability Standards that were not identified as relating directly to an ERO priority or the initial scope of the monitoring process invoked.

Tier 3 Requirements are those that, while still contributing to BPS reliability, do not represent the purpose of a Reliability Standard directly or are not representative of ERO priorities based upon the criteria listed above. The exploration of an audit team into the compliance of a registered entity with Tier 3 Requirements will be initiated through registered entity responses and between the identified deficiencies in Tier 1 and 2 Requirements and those of Tier 3.

The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1 Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards. The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1 classification is covered in the following section.

[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards: http://www.nerc.net/standardsreports/standardssummary.aspx
Three-Tiered Approach to Audit Scope Determination

Audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other requirements they may deem necessary based on the results of the Regional Entity's Risk Profile Assessment of the Registered Entity or the audit team's collective professional judgment. Audit scope expansion can occur at any point during the process, from the initial review of the Registered Entity Risk Profile Assessment through the close of the audit.

Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst CMS and represent the minimum scope of most compliance audits. The potential expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3 Requirements, will be determined by ReliabilityFirst.

When ReliabilityFirst determines that a change in audit scope is necessary based on a risk-based compliance monitoring approach, ReliabilityFirst will notify the registered entity of the change in audit scope. This notification shall include the Reliability Standards and Requirements that are excluded or included in the revised audit scope, as well as the justification for the change in scope. This notification shall be part of the audit notification package when it is determined early enough in the process. When ReliabilityFirst determines that a change in audit scope is necessary after the notification package is sent or while the audit is in progress (e.g., either on-site or off-site), then ReliabilityFirst shall notify the registered entity of the change as soon as possible.

If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating review of the additional evidence during the course of the audit. If the notification is provided once the audit has begun, the Registered Entities will work with the Audit Team Lead to determine the appropriate time frame to review the added standards/requirements. However, entities are expected to be compliant to all standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation that all material, even those standards/requirements from tier 2 and 3 that are added during the course of the audit, will be reviewed during the time of the scheduled audit. Acquiring additional evidence for a few additional standards/requirements in a timely fashion is a reflection upon the rigor placed on compliance by entities' Internal Compliance Program (ICP).

Registered Entities must recognize that the audit scope for registered entities that are registered to perform identical "functions" may vary and be slightly different, even amongst Registered Entities within ReliabilityFirst.
Audit Scope

ReliabilityFirst will determine the Registered Entity's specific audit scope based upon the 2013 AML and assessments performed above. As a matter of course, all Registered Entities subject to audit in 2013 shall be monitored to the standards/requirements identified in Tier 1, which may be adjusted based upon the risk assessment performed by ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive the formal audit notification package. Compliance information and data archived by ReliabilityFirst from the implementation of previous monitoring methods will be utilized in the development of a Registered Entity's audit scope, including but not limited to previous audits, self-certifications, demonstrated behavior during system events, exhibited culture of compliance, and previous or current enforcement actions.

ReliabilityFirst staff may change the scope and frequency of compliance audits based on the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary

Registered Entities must be in compliance with all Reliability Standards at all times. NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting of noncompliance by Registered Entities. Registered Entities are further encouraged to draft mitigation plans upon identification and self-reporting of possible violations, prior to the required submission timeline per the CMEP. Mitigation plans are not an admission of a violation and are treated as voluntary corrective action. Mitigation plans duly prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a positive, proactive culture of compliance in any potential enforcement action.

The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.

All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link: https://www.rfirst.org/compliance/Pages/Schedules.aspx

The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below.
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue such that
special attention should be given here. BAL-003-01b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions, or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3,
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC, and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Requirements from these standards have been selected by the ERO and identified as high
priority. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier
for a registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation for an entity's operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC) while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is
implied in EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1
requirements. EOP-004 is critical in terms of EA and helping with the process of mitigating
future events, and it is vital that the disturbance reports do not stay within a region but are
shared with NERC for dissemination across North America. EOP-005 sets the foundation for
system restoration if actions identified in other EOP reliability standards fail and the testing and
confirmation of a blackstart capability process is engaged. EOP-006 ensures that the RC takes
the lead role in system restoration initiated through EOP-005 such that coordination in these
efforts is not an oversight. EOP-008 accounts for loss of a primary control center and many
Requirements not accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21, and
R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the
authority of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements
in these standards are critical to reliability of the BES. These requirements establish and specify
voltage and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive
Power schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator and is six years for entities
registered for all other functions [13]. Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions [14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66:
http://www.nerc.com/files/Appendix4C_Uniform_CMEP_20110101.pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90-day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as-needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity's date of registration if the
Registered Entity has not previously been subject to a Compliance Audit, or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1 [15],
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities [16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
[15] http://www.nerc.com/files/Guidance_on_CIP_Standards.pdf
[16] http://www.nerc.com/docs/standards/sar/Imp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19.pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D [17], Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website [18].
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] http://www.nerc.com/files/Appendix_4D_ProcedureRequestingAndReceivingTFEs_20120131.pdf
[18] http://www.nerc.com/commondocs.php?cd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing [19]. NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] http://www.nerc.com/page.php?cid=3|22
In accordance with FERC expectations [20], the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website [21].
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers [22].
The RSAWs are posted on the NERC public website [23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits
Conducted by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61038
(2009) at P13: http://www.nerc.com/files/GuidanceOrderOnComplianceAudits-01152009.pdf
[21] Public audit reports can be found at http://www.nerc.com/page.php?cid=3|26|246
[22] Information concerning Regional Entity programs is available at
http://www.nerc.com/page.php?cid=3|23
[23] http://www.nerc.com/page.php?cid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61209 (2011) at P 13, httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential
unless FERC directs otherwise and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61015 (2008) at P 32,
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC) and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process [flowchart not reproduced: the discovery methods (Compliance Violation Investigation, Self-Report, Audits, Spot Check, Exception, Self-certification, Periodic Reports) lead to Region review, notice of alleged violation and proposed penalty, Mitigation Plan or settlement/hearing, NERC BOTCC approval, and notice of penalty or settlement sent to FERC; the intermediate steps are marked CONFIDENTIAL]
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance
and compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year's CMEP and
are used in the planning and development of future years' annual CMEP
Implementation Plans.
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012 and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO's risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond to and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or in compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and it is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standards and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003[38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission's regulations. In addition, the
Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard."[39]
Examples of these standards follow:
| Fill-in-the-blank standard | Referenced in |
| MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07 |
| MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07 |
| PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07 |
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 – Communications and Coordination R2
for the ISO/RTO Council at
httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31242 (2007) (Order No. 693), P 300
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies at a minimum that
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable and instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience, and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Revision History
Document Change Revision History

| Version | Reason for Change | Approved by | Revision Date |
|---|---|---|---|
| 0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013 |
| 01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013 |
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout report [40] by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 - Reliability Coordination - System Restoration
EOP-008-1 - Loss of Control Center Functionality
IRO-002-2 - Reliability Coordination - Facilities
IRO-005-3a - Reliability Coordination - Current Day Operations
IRO-005-3.1a - Reliability Coordination - Current Day Operations
IRO-006-EAST-1 - TLR Procedure for the Eastern Interconnection
MOD-001-1a - Available Transmission System Capability
TOP-002-2b - Normal Operations Planning
TOP-002-2.1b - Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary

| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
|---|---|---|---|
| Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted. |
| | AAA-000-0 Requirement 2 | | |
| Contributing factor | BBB-000-0 Requirement 1 | | |
Category 1a Example
Columns: Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R6. Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements.
Details of Compliance Assessment Effort: Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided).
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R10. Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs).
Details of Compliance Assessment Effort: No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-004-2
R1. Each TOP shall operate within the IROLs and SOLs.
R2. Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency.
Details of Compliance Assessment Effort: The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-001
R1. Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area.
Details of Compliance Assessment Effort: Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-004
R1. The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures.
Details of Compliance Assessment Effort: System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-008
R1. The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load.
R2. Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter.
R3. The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter.
R4. The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation.
Details of Compliance Assessment Effort:
R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
R2: by following the TOP Guides developed by RC, violations do not occur.
R3: no conditions occurred that required disconnection.
R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-006
R2. Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources.
R5. Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action.
Details of Compliance Assessment Effort: The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event.
Findings: No findings of non-compliance

Findings as the outcome of a compliance self-assessment will result in either a statement of
"No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity
will be given the opportunity to self-report the PV to the Regional Compliance Enforcement
department in accordance with the existing procedures set forth in the CMEP. In doing so, the
entity self-reporting should inform the Regional Compliance Enforcement department that this
has been done consistent with the event analysis process and the completion of a compliance
self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to Jim.Hughes@nerc.net and Charise.Wilson@nerc.net.
Requesting Regional Entity Information
Date:
Name:
Title:
Region:
State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
State other methods used for compliance monitoring during period of reduced scope or deferment:
State requested duration of deferment, if applicable:
State whether this is a MRRE audit:
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name:
NCR ID Number:
Date of Last Compliance Audit:
Date of Next Compliance Audit:
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced, per section 403.11.1 of the NERC Rules of Procedure at
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Regional Entity's Additional Information
Comments:
Regional Entity Authorized Signature:
ERO Analysis Results
State information reviewed and basis for determination:
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
ReliabilityFirst Compliance Monitoring and Enforcement Organization
The ReliabilityFirst Compliance Monitoring and Enforcement Organization is comprised
of four functional groups that interact and work to improve the reliability of the Bulk
Electric System (BES). The table below highlights the present reporting relationship and
functional responsibilities of the Compliance and Enforcement Organization.
Designates expected staffing levels by the end of 2013
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks,
self-certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is
performance-based auditing. Audits, according to the United States Government Accountability
Office [10], are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures, or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs rather than relying solely on
documentation.
Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check, or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.
[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 1.25: http://www.gao.gov/new.items/d07731g.pdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize
risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance, and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards found in the NERC 2013 Implementation Plan:
http://www.nerc.com/commondocs.php?cd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011 [11] was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning, and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.
[11] http://www.nerc.com/fileUploads/File/News/AZOutage_Report_01MAY12.pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent
FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue, and the most violated standards
will continue to be identified, reported on, and included as part of the annual compliance
review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards found
in the NERC 2013 Implementation Plan: http://www.nerc.com/commondocs.php?cd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement [12] for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most
requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: http://www.nerc.com/commondocs.php?cd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards:
http://www.nerc.net/standardsreports/standardssummary.aspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by entities' Internal
Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below.
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1
Reliability Standards identified for compliance monitoring, the monitoring
methods being used (i.e., audits, data submittals, self-certifications, spot checks,
etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included
on the 2013 NERC AML. As a reminder, because these are FERC approved, they
could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that shows the standards and the
tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are
accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow
ReliabilityFirst Registered Entities to see all of the changes to the 2013
Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
18
RReelliiaabbiilliittyy SSttaannddaarrddss SSuubbjjeecctt ttoo 22001133 CCMMEEPP
IImmpplleemmeennttaattiioonn
Given the considerations of the ERO-identified high-risk priorities which includes compliance
history and violation trend analysis the number of high priority Reliability Standards is 57 This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) which at a minimum mirrors by
Standard the NERC 2013 AML
BAL ndash Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals but
recent winter weather events have shown that contingency reserve is a critical issue such that
special attention should be given here BAL-003-01b has been subject to spot checks in the
past but technical issues discovered through its enforcement have yet to be addressed Until
additional guidance is provided through interpretations revisions or otherwise the
Requirements of BAL-003 will be treated as Tier 2 Requirements
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Requirements from these standards have been selected by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year’s list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation of having an entity’s operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, as the
authority of system operators is generally well understood, the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005, but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team’s collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC’s consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities’ compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions[14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity’s compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity’s compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity’s date of registration if the
Registered Entity has not previously been subject to a Compliance Audit;
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through
CIP-009-1,[15] as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance and new RSAWs are developed as Reliability Standards
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations, prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: https://www.rfirst.org/compliance/Pages/Schedules.aspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus, but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing. [24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit [25] or self-reporting credit. [26]
[24] http://www.nerc.com/page.php?cid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61,209 (2011) at P 13, http://www.ferc.gov/whats-new/comm-meet/2011/031711/E-3.pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes, as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotline@nerc.net, or completing the form at https://www.nerc.net/hotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary, through formal Requests for Information,
site visits, sworn statements, etc., to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61,015 (2008) at P 32,
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1 Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices [27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22
[Figure 1 flowchart labels, as extracted; an area of the chart is marked CONFIDENTIAL:
Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov't authority
Region continues review and evaluation
Dismissed / Notice of alleged violation & proposed penalty sent to responsible entity
Entity accepts violation – submits Mitigation Plan / Entity Contests
Notice of confirmed violation sent to NERC & responsible entity
Mitigation Plan: Region Review, NERC Review, Gov't Review
NERC BOTCC reviews & approves region's proposed penalty
Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada)
5 DAY WAITING PERIOD
Settlement negotiations; Settlement Reached; Regional Hearing; Appeals Process; Settlement Approved by BOTCC
Inputs: Compliance Violation Investigation, Self-Report, Audits, Spot Check, Exception, Self-certification, Periodic Reports]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and to be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices [28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports [29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes [30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.
Bulletins [31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned [32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385
Annual CMEP Reports [33]
Annual CMEP Reports are assessments of the previous year's CMEP and
are used in the planning and development of future years' annual CMEP
Implementation Plans.
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS), and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO's risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] http://www.nerc.com/page.php?cid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities, and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003 [38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission's regulations. In addition, the
Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard." [39]
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 – Communications and Coordination R2
for the ISO/RTO Council at
http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0 (filed 4/4/06, awaiting FERC action) | MOD-010-0 R1 and R2 (effective 6/18/07)
MOD-013-0 (filed 8/28/06, awaiting FERC action) | MOD-012-0 R1 and R2 (effective 6/18/07)
PRC-002-1 (filed 8/28/06, awaiting FERC action) | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5 (effective 6/18/07)
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16,416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies, at a minimum, what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from NERC are included in the ReliabilityFirst
Implementation Plan where applicable instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience, and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout report [40] by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-31a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-21b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process that would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides, as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance
Findings, as the outcome of a compliance self-assessment, will result in either a
statement of "No Findings" or that of "Possible Violation (PV)".
Should the latter be the result, the entity will be given the opportunity to self-report
the PV to the Regional Compliance Enforcement department in accordance with the
existing procedures set forth in the CMEP. In doing so, the entity self-reporting should
inform the Regional Compliance Enforcement department that this has been done
consistent with the event analysis process and the completion of a compliance
self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced, per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Regional Entity's Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
Risk-Based Compliance Monitoring Approach
The premise of risk-based compliance monitoring is that a registered entity receives
compliance monitoring commensurate with the risk it poses to the reliability of the BPS.
Risk is not to be considered as a negative in any way, simply as a consideration of the
complex nature of the industry. Risk is neither uniform across the diverse industry that is
responsible for the reliability of the BPS, nor is it consistent over time.
Compliance monitoring encompasses a range of activities, including spot checks,
self-certifications, audits, and personal correspondence to an entity from ReliabilityFirst. For
entities that do not pose a significant reliability risk, the activities specifically prescribed
in this Implementation Plan may suffice. For entities that do pose a significant risk to
reliability, it may be necessary for those entities to undergo additional compliance
monitoring, such as additional focused spot checks, a greater number of self-certifications,
investigations, or broader and deeper audits of greater frequency, etc.
One of the key components of an effective risk-based audit approach is
performance-based auditing. Audits, according to the United States Government Accountability
Office [10], are defined as engagements that provide assurance or conclusions based on an
evaluation of sufficient, appropriate evidence against stated criteria, such as specific
requirements, measures, or defined business practices. A second component includes a
more detailed review and testing of the registered entity's programs and procedures to
assure actual implementation of the stated programs, rather than relying solely on
documentation.
Registered entities are responsible for compliance with all regulatory approved
Reliability Standards and Requirements in effect per their registered function at all times,
regardless of what a registered entity's risk profile may indicate. Regional Entities have
the authority and responsibility to expand the scope of an audit, spot check, or any other
compliance monitoring process as necessary when evaluating the compliance of a
registered entity.
[10] See United States Government Accountability Office – Government Auditing Standards (GAGAS) at
Chapter 1, Use and Application of GAGAS, at Section 125 httpwwwgaogovnewitemsd07731gpdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst, and the other Regional
Entities developed the NERC Actively Monitored List (AML) of Reliability Standards
for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst
Compliance Monitoring Schedule (CMS) were developed and designed to recognize
risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and
improve overall reliability. Achieving these objectives will be accomplished through the
development, maintenance, and implementation of a list of the highest priority Reliability
Standards. The Reliability Standards and associated Requirements populating this list
will be determined through an annual and ongoing review of the following:
- ERO High-Risk Priorities
- FERC Orders, Guidance, and Reports (i.e., Southwest Blackout Report)
- Compliance History and Culture
- Input from Staff
- Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from
processes for "administrative and documentation related violations" and instead focuses
on Reliability Standards and Requirements deemed the most critical to the reliability of
the BPS. The determination is made using a set of risk-based criteria as a priority and is
explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan:
httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011 [11] was
released on May 1, 2012. Areas of continuing concern are situational awareness,
communication, coordination, planning, and modeling. Many of these concerns are
already addressed by the AML and will be bolstered by the release of EOP-005-2,
effective July 1, 2013.
[11] httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004, and MOD-008, associated with recent
FERC Orders 729, 729-A, and 729-B, will be integrated into the 2013 Implementation
Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the
2013 NERC Implementation Plan will continue, and the most violated standards
will continue to be identified, reported on, and included as part of the annual
compliance review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their
subject matter expertise and experience while performing their role and responsibilities
as the Compliance Enforcement Authority, was also considered and provided as input
into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but
are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the
2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found
in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for
incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule
(CMS) following FERC approval. As indicated by the NERC Standards group, the
applicable reliability standards subject to future enforcement [12] for 2013 include
EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2, and most
requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored
List and individual Regional Entity plans is described below. For further information
regarding the NERC Implementation Plan methodology as referenced here, Registered
Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High
Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and
intent of the standard of which they are a part. Additionally, the ability of a registered
entity to demonstrate compliance with Tier 1 Requirements will provide guidance to
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
[12] See the NERC site for the latest information regarding in-effect dates for Reliability Standards:
httpwwwnercnetstandardsreportsstandardssummaryaspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by entities' Internal
Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013 or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below:
- STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1
Reliability Standards identified for compliance monitoring, the monitoring
methods being used (i.e., audits, data submittals, self-certifications, spot checks,
etc.), applicable functions, the reporting period, and applicable due dates.
- STDS not on 2013 AML Tab: FERC approved standards that were not included
on the 2013 NERC AML. As a reminder, because these are FERC approved, they
could be subject to review by ReliabilityFirst in 2013.
- Tier and VRF Rating Tab: a list of standards that show the standards and the
tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are
accompanied by their respective Violation Risk Factors (VRF).
- Revision History Tab: provides the revision history that will allow
ReliabilityFirst Registered Entities to see all of the changes to the 2013
Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue such that
special attention should be given here. BAL-003-01b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions, or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3,
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC, and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been chosen by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation for an entity's operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has
coverage similar to COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected, which are always addressed in PRC-004,
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and, in so doing, re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator, and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that in the judgment of the
ReliabilityFirst audit staff should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions[14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66 httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013 the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity's date of registration if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1,[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
81 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012, and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61038 (2009) at P13 httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The sections of the RSAWs that the Registered Entity is required to fill out must be
submitted by the date specified in the notification letters.
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations, prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D Procedure for Requesting and Receiving TFEs
to NERC CIP Standards
III Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]

[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶ 61,209 (2011) at P 13, httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.

[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 124 FERC ¶ 61,015 (2008) at P 32, httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1 Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.

[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 flowchart, box labels recovered from the image: Compliance Violation Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic Reports; Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov't authority; Region continues review and evaluation; Dismissed; Notice of alleged violation & proposed penalty sent to responsible entity; Entity accepts violation – submits Mitigation Plan; Entity Contests; Settlement negotiations; Settlement Reached; Regional Hearing; Appeals Process; Settlement Approved by BOTCC; Notice of confirmed violation sent to NERC & responsible entity; Mitigation Plan: Region Review, NERC Review, Gov't Review; NERC BOTCC reviews & approves region's proposed penalty; 5 DAY WAITING PERIOD; Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada); CONFIDENTIAL.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and to be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
  The CANs focus on current and future auditable compliance applications.
  CANs provide continued compliance and enforcement guidance as a
  means to facilitate information to industry while Reliability Standards are
  revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
  CARs are a historical look at compliance trends for individual Reliability
  Standards and will include addendums when the information is updated.
Case Notes[30]
  Case Notes provide examples of mitigation plans for recent possible
  violations that have been accepted and, in most cases, complete. Case notes
  do not identify the Registered Entity.
Bulletins[31]
  Bulletins provide general information or clarification on current and future
  issues.
Lessons Learned[32]
  Lessons Learned may result from an event analysis or other compliance or
  engineering related activity. They provide examples of how a problem
  occurred and was identified, and the corrective action taken.
Annual CMEP Reports[33]
  Annual CMEP Reports are assessments of the previous year's CMEP and
  are used in the planning and development of future years' annual CMEP
  Implementation Plans.

[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO's risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).

[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review, and the manner in
which the Regional Entities and NERC evaluate, respond to, and process these reviews, are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or in compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register and
thereby accept, on behalf of such members or related entities, all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.

[34] Section 507 of the NERC RoP, httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP, httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 ndash Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003[38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission's regulations. In addition, the
Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability
Standard one that is not being approved or remanded here does not alone justify not
approving the former Reliability Standard."[39]
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07

[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2 for the ISO/RTO Council at httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. & Regs. ¶ 31,242 (2007) (Order No. 693), P 300
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies, at a minimum, what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience, and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout[40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.

[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf

Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the following steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2 above as they apply to the applicable NERC Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity will provide a copy of its CA report to the Regional Entity. The report should reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the CMEP procedures.
Sample Template for Compliance Assessment Summary
| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
| Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted. |
| | AAA-000-0 Requirement 2 | | |
| Contributing factor | BBB-000-0 Requirement 1 | | |
Category 1a Example
| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance |
Findings as the outcome of a compliance self-assessment will result in either a statement of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be given the opportunity to self-report the PV to the Regional Compliance Enforcement department in accordance with the existing procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional Compliance Enforcement department that this has been done consistent with the event analysis process and the completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
Regional Entity's Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
41 Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced, per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
2013 Implementation Plan Development Methodology
As part of an overall compliance plan, NERC, ReliabilityFirst and the other Regional Entities developed the NERC Actively Monitored List (AML) of Reliability Standards for 2013 based on the methodology outlined in this section.
The 2013 NERC and ReliabilityFirst Implementation Plans and the 2013 ReliabilityFirst Compliance Monitoring Schedule (CMS) were developed and designed to recognize risk-based approaches for ReliabilityFirst programs and initiatives that help sustain and improve overall reliability. Achieving these objectives will be accomplished through the development, maintenance and implementation of a list of the highest priority Reliability Standards. The Reliability Standards and associated Requirements populating this list will be determined through an annual and ongoing review of the following:
ERO High-Risk Priorities
FERC Orders, Guidance and Reports (i.e., Southwest Blackout Report)
Compliance History and Culture
Input from Staff
Future Considerations
ERO High-Risk Priorities
This focus identifies and uses a set of priorities in order to move our auditing away from processes for "administrative and documentation related violations" and instead focuses on Reliability Standards and Requirements deemed the most critical to the reliability of the BPS. The determination is made using a set of risk-based criteria as a priority and is explained in further detail in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan:
httpwwwnerccomcommondocsphpcd=3
Southwest Blackout Report
The joint FERC/NERC report on the southwest blackout of September 2011 [11] was released on May 1, 2012. Areas of continuing concern are situational awareness, communication, coordination, planning and modeling. Many of these concerns are already addressed by the AML and will be bolstered by the release of EOP-005-2, effective July 1, 2013.
11 httpwwwnerccomfileUploadsFileNewsAZOutage_Report_01MAY12pdf
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004 and MOD-008, associated with recent FERC Orders 729, 729-A and 729-B, will be integrated into the 2013 Implementation Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the 2013 NERC Implementation Plan will continue, and reports on the most violated standards will continue to be identified and included as part of the annual compliance review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their subject matter expertise and experience while performing their role and responsibilities as the Compliance Enforcement Authority, was also considered and provided as input into NERC's development of their 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards, found in the NERC 2013 Implementation Plan: httpwwwnerccomcommondocsphpcd=3
Thus, these suggested reliability standards should immediately be considered for incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule (CMS) following FERC approval. As indicated by the NERC Standards group, the applicable reliability standards subject to future enforcement [12] for 2013 include EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2 and most requirements of PER-005-1.
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored List and individual Regional Entity plans is described below. For further information regarding the NERC Implementation Plan methodology as referenced here, Registered Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards: httpwwwnerccomcommondocsphpcd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and intent of the standard of which they are a part. Additionally, the ability of a registered entity to demonstrate compliance with Tier 1 Requirements will provide guidance to audit teams on the necessity to investigate further and broaden an audit's scope in additional Requirements and/or Reliability Standards.
12 See the NERC site for the latest information regarding in-effect dates for Reliability Standards: httpwwwnercnetstandardsreportsstandardssummaryaspx
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2 Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2 Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional level of inquiry that may be undertaken when a registered entity does not display clear compliance with those most critical Requirements of Tier 1. In the process of this added level of monitoring, it may become necessary to branch off into other Reliability Standards that were not identified as relating directly to an ERO priority or the initial scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not represent the purpose of a Reliability Standard directly or are not representative of ERO priorities based upon the criteria listed above. The exploration of an audit team into the compliance of a registered entity with Tier 3 Requirements will be initiated through registered entity responses and between the identified deficiencies in Tier 1 and 2 Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1 Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards. The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1 classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other requirements they may deem necessary based on the results of the Regional Entity's Risk Profile Assessment of the Registered Entity or the audit team's collective professional judgment. Audit scope expansion can occur at any point during the process, from the initial review of the Registered Entity Risk Profile Assessment through the close of the audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst CMS and represent the minimum scope of most compliance audits. The potential expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3 Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a risk-based compliance monitoring approach, ReliabilityFirst will notify the registered entity of the change in audit scope. This notification shall include the Reliability Standards and Requirements that are excluded or included in the revised audit scope, as well as the justification for the change in scope. This notification shall be part of the audit notification package when it is determined early enough in the process. When ReliabilityFirst determines that a change in audit scope is necessary after the notification package is sent or while the audit is in progress (e.g., either on-site or off-site), then ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating review of the additional evidence during the course of the audit. If the notification is provided once the audit has begun, the Registered Entities will work with the Audit Team Lead to determine the appropriate time frame to review the added standards/requirements. However, entities are expected to be compliant to all standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation that all material, even those standards/requirements from tier 2 and 3 that are added during the course of the audit, will be reviewed during the time of the scheduled audit. Acquiring additional evidence for a few additional standards/requirements in a timely fashion is a reflection upon the rigor placed on compliance by an entity's Internal Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are registered to perform identical "functions" may vary and be slightly different, even amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon the 2013 AML and assessments performed above. As a matter of course, all Registered Entities subject to audit in 2013 shall be monitored to the standards/requirements identified in Tier 1, which may be adjusted based upon the risk assessment performed by ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive the formal audit notification package. Compliance information and data archived by ReliabilityFirst from the implementation of previous monitoring methods will be utilized in the development of a Registered Entity's audit scope, including but not limited to previous audits, self-certifications, demonstrated behavior during system events, exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times. NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting of noncompliance by Registered Entities. Registered Entities are further encouraged to draft mitigation plans upon identification and self-reporting of possible violations, prior to the required submission timeline per the CMEP. Mitigation plans are not an admission of a violation and are treated as voluntary corrective action. Mitigation plans duly prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below.
STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
Tier and VRF Rating Tab: a list of standards that show the standards and the tiers that they were placed in (i.e., Tier 1, 2 and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which includes compliance history and violation trend analysis, the number of high priority Reliability Standards is 57. This group of Reliability Standards was further reviewed to determine and rank the specific Requirements of each standard that best represent the core purpose of that standard to ensure the reliability of the BPS. The further refined list of Requirements has been taken as the ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but recent winter weather events have shown that contingency reserve is a critical issue such that special attention should be given here. BAL-003-01b has been subject to spot checks in the past, but technical issues discovered through its enforcement have yet to be addressed. Until additional guidance is provided through interpretations, revisions or otherwise, the Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3 and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as BPS personnel become aware of and properly report sabotage events. Preparedness for reporting, as well as procedures to determine to whom reports should be issued, is critical in mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706 cybersecurity Standards are fundamental to the reliability of the BPS in terms of security. Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability Standards over the past year and seven of the Top 10 for all time, indicating that registered entities are having difficulty and confusion with CIP compliance issues. Several groups, including NERC, FERC and the Regional Entities, have provided insight into the various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the reliability of the BPS in terms of cyber security. The primary difference from this year's list is that tier assignments have been reassigned so that each CIP requirement, along with its sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to reliability of the BES. This requirement builds the foundation of an entity's operating personnel having the knowledge and training to recognize sabotage events. ReliabilityFirst will audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards. COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting nearly every function, and is critical to normal and emergency operations. COM-002 has some similar coverage as COM-001 but goes above and beyond with three-part communication and a methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693 standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1, replacing previous standards, will add five requirements to the AML for generator operator (GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013 does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0 have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather events taking place during early 2011. EOP-002 complements EOP-001 by assuring the performance of mitigating actions for both the RC and the BA. EOP-003 designates load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements. EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and it is vital that the disturbance reports do not stay within a region but are shared with NERC for dissemination across North America. EOP-005 sets the foundation for system restoration if actions identified in other EOP reliability standards fail and the testing and confirmation of a blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in system restoration initiated through EOP-005, such that coordination in these efforts is not an oversight. EOP-008 accounts for loss of a primary control center and many Requirements not accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2 on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high priority Reliability Standards. FAC-001 designates connections requirements for facilities, which is especially critical in terms of protection and construction of new facilities. With these facilities properly coordinated and accounted for, existing system performance will improve. FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform its role in maintaining the reliability of the BPS, which becomes increasingly imperative when emergency situations arise and Balancing Authorities and Transmission Operators require oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures preparations are properly made for seen and unseen emergency events in the operation horizon. IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that the Regional Entities will ensure all PSEs are audited according to a six year interval cycle, including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs, Regional Entities will provide a complete audit report regardless of audit scope. IRO-006 discusses the process of transmission load relief (TLR), and while this is an important topic, performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not considered Tier 1 Requirements.
MOD ndash Modeling Data and Analysis
MOD-001-1a MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers The
proper setting of ATC is vital so facilities are not overloaded which could lead to possible
system emergencies FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard
NUC ndash Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements including coordinated communication to ensure
that parties share a clear and precise understanding of their obligations under these agreements
PER – Personnel Performance Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013, and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement tier 1 requirement for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
reorganizations, open investigations and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions[14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate, in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow-up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66,
http://www.nerc.com/files/Appendix4C_Uniform_CMEP_20110101.pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity's date of registration if the
Registered Entity has not previously been subject to a Compliance Audit;
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through
CIP-009-1,[15] as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
[15] http://www.nerc.com/files/Guidance_on_CIP_Standards.pdf
[16] http://www.nerc.com/docs/standards/sar/Imp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19.pdf
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures, or both, specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] http://www.nerc.com/files/Appendix_4D_ProcedureRequestingAndReceivingTFEs_20120131.pdf
[18] http://www.nerc.com/commondocs.php?cd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] http://www.nerc.com/page.php?cid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61,038 (2009) at P13,
http://www.nerc.com/files/GuidanceOrderOnComplianceAudits-01152009.pdf
[21] Public audit reports can be found at http://www.nerc.com/page.php?cid=3|26|246
[22] Information concerning Regional Entity programs is available at
http://www.nerc.com/page.php?cid=3|23
[23] http://www.nerc.com/page.php?cid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: https://www.rfirst.org/compliance/Pages/Schedules.aspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] http://www.nerc.com/page.php?cid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61,209 (2011) at P 13, http://www.ferc.gov/whats-new/comm-meet/2011/031711/E-3.pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotline@nerc.net or completing the form at https://www.nerc.net/hotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential
unless FERC directs otherwise and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61,015 (2008) at P 32,
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation feedback from the Members Representative Committee (MRC), Compliance and Certification Committee (CCC), and other stakeholders through the use of audited entity feedback forms. All feedback and input from these groups, among others, are reviewed on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the Regional Entities are committed to continuous improvement of the CMEP implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from the industry to improve transparency with the confidential nature of the CMEP processes. Figure 1 is a pictorial view of the compliance process, and it shows how most of the processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst, and the Regional Entities are continuously identifying and implementing innovative ways to share CMEP process information while honoring confidentiality. Additional initiatives are underway to increase transparency of CMEP elements in 2013. They are discussed later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and publicly post CMEP implementation and process information in the form of public notices [27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22
[Figure 1 flowchart not reproduced. Its boxes trace a possible violation from the discovery methods (Compliance Violation Investigation, Self-Report, Audits, Spot Check, Exception, Self-certification, Periodic Reports) through Region notification of NERC and the entity within 2-5 days, Region review and evaluation, dismissal or notice of alleged violation and proposed penalty, Mitigation Plan or settlement negotiations or Regional Hearing and appeals, NERC BOTCC review and approval of the proposed penalty, a 5 day waiting period, and notice of penalty or settlement sent to FERC in the US and posted to the NERC website (processes differ in Canada). The figure carries a CONFIDENTIAL marking.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the communication between the region and our Registered Entities. Below are several methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities with any changes made to the Compliance Monitoring Schedule and the notification due dates of submittals necessary to satisfy compliance for monitoring activities of all of the Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC and FERC related initiatives, will be scheduled throughout the year to assist the Registered Entities in understanding their responsibilities to satisfy compliance with all Reliability Standards.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based application. The home page provides informational announcements, updates, and newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance, its compliance activities, and the areas of compliance that the Registered Entities continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a monthly basis, which is an open forum for our Registered Entities to call and voice concerns, ask questions, and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one or a small group meeting where guidance on compliance related activities can be provided. These Assist Visits can be in the form of a conference call, web meeting, or on-site visit. Topics can range from helping an entity become more familiar with compliance related material and activities to special guidance and education when either the Registered Entity or ReliabilityFirst believes the entity needs special attention or additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward common goals related to improving consistency, increasing transparency, and creating more efficiency in compliance processes. Past field experience is an important part of meeting the goal to provide clarity on particular items and state the proper expectations. ReliabilityFirst and NERC provide transparency information in various formats, depending on the scope of the matter and relevance to the particular functions within the BPS. These include the following, as well as other means as NERC and ReliabilityFirst deem necessary:
CANs – Compliance Application Notices [28]
The CANs focus on current and future auditable compliance applications. CANs provide continued compliance and enforcement guidance as a means to facilitate information to industry while Reliability Standards are revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports [29]
CARs are a historical look at compliance trends for individual Reliability Standards and will include addendums when the information is updated.
Case Notes [30]
Case Notes provide examples of mitigation plans for recent possible violations that have been accepted and, in most cases, complete. Case notes do not identify the Registered Entity.
Bulletins [31]
Bulletins provide general information or clarification on current and future issues.
Lessons Learned [32]
Lessons Learned may result from an event analysis or other compliance or engineering related activity. They provide examples of how a problem occurred and was identified, and the corrective action taken.
Annual CMEP Reports [33]
Annual CMEP Reports are assessments of the previous year's CMEP and are used in the planning and development of future years' annual CMEP Implementation Plans.
[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385
[33] http://www.nerc.com/page.php?cid=3|26
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing practices found in documents such as the Government Accounting Office (GAO) Generally Accepted Government Auditing Standards (GAGAS), and is revised as necessary. Continuing education will provide training on specific auditing issues to promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices, which includes broader implementation of the Compliance Enforcement Initiative. Effective training is an important part of delivering consistency across NERC and the Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous education to ERO staff. Two such seminars took place in 2012, and two are scheduled for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has attended at least one of those sessions during 2012 and will attend at least one in 2013. NERC encourages the CIP audit staff to have requisite experience, training, and credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional Entity staff by NERC over the last two years. The training is scheduled to be conducted twice annually and is revised as necessary. ReliabilityFirst staff will participate in this training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability excellence that promotes aggressive, critical self-review and analysis of operations, planning, and critical infrastructure protection performance. This self-critical focus is ongoing, and registered entities are linked together by their individual and collective performances. Focusing on critical self-review and analysis is the basis of understanding the root cause of events and, in turn, avoiding similar or repeated events by the timely identification and correction of their causes and by sharing lessons learned. As an important component of the ERO's risk-based approach to compliance monitoring, compliance assessments conducted after events and disturbances further enhance the overall strength of the ERO and the industry. Both Registered Entities and ReliabilityFirst have responsibilities in this area to facilitate continued learning and demonstration of accountability to the overall Bulk Power System (BPS).
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a compliance assessment in response to all system events and disturbances. Registered Entities conducting compliance assessments are encouraged to provide a compliance assessment report to ReliabilityFirst for system events that fall in category 2 and above, as outlined in the ERO events analysis process document. The Compliance Assessment Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address possible reliability issues demonstrate the effectiveness of their internal controls and their commitment to their culture of compliance. Registered Entities that are able to demonstrate strong internal controls and a robust culture of compliance that mitigate risk may be afforded some recognition in consideration of reduced levels and frequency of compliance monitoring activities. At a minimum, the entity is typically given credit for these actions in the enforcement of a self-reported possible violation(s) and non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive compliance assessments that clearly demonstrate a review of applicable standards and, as appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment reports provided by registered entities and may utilize a risk based approach to prioritizing these reviews. The scope and depth of compliance review and the manner in which the Regional Entities and NERC evaluate, respond to, and process these reviews are intended to reflect the significance of the event and the thoroughness of the compliance assessment performed by the registered entity. Compliance reviews are an area that may also produce lessons learned to be shared at compliance workshops or in compliance newsletters to facilitate improvement in industry compliance programs. These compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform an independent compliance assessment. ReliabilityFirst may also request additional information from the registered entity. These compliance assessments can impact future compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities that are responsible for compliance with the regulatory approved Reliability Standards, and it is described in the NERC Rules of Procedure, Appendix 5A, Organization Registration and Certification Manual. As described in the NERC Statement of Compliance Registry Criteria, NERC will include in its compliance registry each entity that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst and NERC are obligated to identify all organizations to be listed in the NERC compliance registry. Identifying these organizations is necessary and prudent for the purpose of determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the process of communication with these entities regarding their potential responsibilities and obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and enforcement involving registered entities that are registered and operate and/or conduct business in multiple regions. The purpose of the MRRE process is to describe the coordinated CMEP processes that will be used by NERC and the Regional Entities, on a voluntary basis, for a subset of registered entities that are registered in multiple regions. The MRRE process allows these entities the ability to request to be accountable to one Compliance Enforcement Authority (CEA). This coordinated process provides for increased efficiencies in compliance resource allocation for NERC, the Regional Entities, and the Registered Entities, while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to participate on Joint Audits for the PSE functions and those entities previously agreed upon with other regions. This effort helps to reduce the resources required to meet the regional schedules and is intended to reduce some of the burden of those Registered Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]
In addition to registering as the entity responsible for all functions that it performs itself, an entity may register as a JRO on behalf of one or more of its members or related entities for one or more functions for which such members or related entities would otherwise be required to register, and thereby accept on behalf of such members or related entities all compliance responsibility for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity responsible for all functions that it performs itself, multiple entities may each register using a CFR for one or more reliability standard and/or for one or more requirements/sub-requirements within particular reliability standards applicable to a specific function. The CFR submission must include a written agreement that governs itself and clearly specifies the entities' respective compliance responsibilities. The registration of the CFR is the complete registration for each entity. Additionally, each entity shall take full compliance responsibility for those Reliability Standards and/or requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced registration changes, as described below, this form of registration may become more common in 2013.
[34] Section 507 of the NERC RoP, http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP, http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of appropriate actions to efficiently manage the compliance issues resulting from abrupt and forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to develop enhancements to enforcement processing to achieve efficient and timely compliance outcomes, including streamlined procedures for lesser risk violations and improved workflow and tools. This will result in an increased focus of compliance enforcement resources on the cases that have the most significant impact on the reliability of the BPS. Compliance Enforcement staff has realized significant efficiencies and expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI) filing with the Federal Energy Regulatory Commission (FERC) that introduced the streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has received significant support from the Regional Entities and industry. On March 15, 2012, FERC approved the FFT approach with certain proscribed conditions. NERC anticipates the FFT process will enable better alignment and substantially greater resources and attention to be devoted to matters that pose a more serious risk to the reliability of the BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work collaboratively to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment for certain audit findings, but ultimately the decision to afford FFT treatment to a specific issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of webinars and workshops to guide compliance and enforcement staff at all levels on the application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved interpretation, effective as approved by the BOT on February 9, 2012. Background and further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an interpretation [36] to COM-002-2 regarding the use and associated circumstances of three-part communication for directives. Specifically, the interpretation states that:
"COM-002-2 R2 does not specify the conditions under which a directive is issued, nor does it define directive. It only provides that the requirements be followed when a directive is issued to address a real-time emergency. Routine operating instructions during normal operations would not require the communications protocols for repeat backs as specified in R2."
Following the recirculation ballot, this interpretation was presented to and subsequently approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing real-time emergencies and, with BOT approval, now represents NERC guidance on the use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating Committee (OC) and Standards Committee (SC) to develop and provide guidance regarding good utility practice on the use of three-part communication for real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the completion and FERC approval of Standards Project 2007-02 – Operating Personnel Communications Protocols – COM-003 [38] that addresses real-time communication protocols.
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 – Communications and Coordination R2 for the ISO/RTO Council at http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 – Operating Personnel Communications Protocols – COM-003 at http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No. 693, the Commission did state, however, that the ERO has the authority to obtain necessary information through the Commission's regulations. In addition, the Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability Standard, one that is not being approved or remanded here, does not alone justify not approving the former Reliability Standard." [39]
Examples of these standards follow.
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16,416 (Apr. 4, 2007), FERC Stats. & Regs. ¶ 31,242 (2007) (Order No. 693), P 300.
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to NERC each year for their review and approval, and is done in accordance with NERC RoP Section 401.6. The NERC CMEP Implementation Plan identifies, at a minimum, what each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP Implementation Plan mirrors, at a minimum, by Standard, the AML found in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst; these will include any regional Reliability Standards and additional NERC Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and assessment of performance criteria with each Reliability Standard. ReliabilityFirst will, at a minimum, perform the compliance monitoring methods identified in the NERC 2013 Actively Monitored Reliability Standards list. When ReliabilityFirst determines that an increased audit scope is necessary, ReliabilityFirst shall notify the registered entity of the increased audit scope. This notification shall be part of the audit notification package and shall include the Reliability Standards and Requirements that are included in the increased scope, as well as the justification for the increased scope. When ReliabilityFirst determines that an increased audit scope is necessary after the notification package is sent or while the audit is ongoing, then ReliabilityFirst shall notify the registered entity of the increased audit scope as soon as possible. For references to NERC guidance or Implementation Plans, such as the CIP Guidance, links from NERC are included in the ReliabilityFirst Implementation Plan where applicable, instead of including the entire document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of registered entity names that are on the 2013 schedule, NERC Compliance Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c) of the Federal Power Act, is the operating plan for annual compliance monitoring and enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the other Regional Entities, through their delegation agreements with NERC, monitor and enforce compliance of registered entities with all regulatory approved Reliability Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability of the BPS, they are only one part of an overall plan to ensure system reliability. The other part consists of the actions of the registered entities and the electric power industry at large, and these are equally critical to system reliability. The registered entities must participate in the educational, informational, and developmental efforts that are being undertaken, not only to maintain reliability but to enhance it as well. The sharing of the industry's technical expertise, experience, and judgment, as well as its participation in the ERO's processes, will help to further identify and remove reliability gaps and shortcomings. The ERO continuously seeks to improve the execution of its role in ensuring system reliability, as is the case with the advancements of the annual CMEP Implementation Plan undertaken for 2013, but the industry must continue to participate for the overall reliability plan to be successful.
Revision History
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather event and the southwest blackout, and the progress of the FFT compliance enforcement initiative. As a result of the recently released Southwest Blackout [40] report by FERC and NERC, Regional Entities are encouraged to consider critical standards that include aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 – Reliability Coordination – System Restoration
EOP-008-1 – Loss of Control Center Functionality
IRO-002-2 – Reliability Coordination – Facilities
IRO-005-3a – Reliability Coordination – Current Day Operations
IRO-005-3.1a – Reliability Coordination – Current Day Operations
IRO-006-EAST-1 – TLR Procedure for the Eastern Interconnection
MOD-001-1a – Available Transmission System Capability
TOP-002-2b – Normal Operations Planning
TOP-002-2.1b – Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement, in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject to change as further data and analysis become available.
[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the following steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2 above as they apply to the applicable NERC Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity will provide a copy of its CA report to the Regional Entity. The report should reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface, established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
TOP-008
R1 The TOP experiencing or
contributing to an IROL or SOL
violation shall take immediate steps
to relieve the condition which may
include shedding firm load
R2 Each Transmission Operator
shall operate to prevent the
likelihood that a disturbance action
or inaction will result in an IROL or
SOL violation in its area or another
area of the Interconnection In
instances where there is a difference
in derived operating limits the TOP
R1 Operators used their
EMS-based tools to ensure
that there were no
SOLIROL violations
R2 by following the TOP
Guides developed by RC
violations do not occur
R3 no conditions occurred
that required disconnection
R4 Operators used their
EMS-based tools to ensure
that there were no
SOLIROL violations
No findings of non-
compliance
Appendix 2 ndash Compliance Assessment Template
48
shall always operate the BPS to the
most limiting parameter
R3 The TOP shall disconnect the
affected facility if the overload on a
transmission facility or abnormal
voltage or reactive condition persists
and equipment is endangered In
doing so the TOP shall notify its RC
and all neighboring TOPs impacted
by the disconnection prior to
switching if time permits otherwise
immediately thereafter
R4 The TOP shall have sufficient
information and analysis tools to
determine the cause(s) of SOL
violations This analysis shall be
conducted in all operating
timeframes The TOP shall use the
results of these analyses to
immediately mitigate the SOL
violation
Equipment failure of
a high side
transformerndash cleared
along with two
transmission lines
TOP-006
R2 Each RC TOP and BA shall
monitor applicable transmission line
status real and reactive power flows
voltage load-tap-changer settings
and status of rotating and static
reactive resources
R5 Each RC TOP and BA shall use
monitoring equipment to bring to the
attention of operating personnel
important deviations in operating
conditions and to indicate if
appropriate the need for corrective
action
The EMSs at both the RC
and the TOP provide
operators with the
information needed to
evaluate system conditions
and notify operators when
conditions are off normal
EMS system visibility and
communications were not
lost during this event
No findings of non-
compliance
Findings as the outcome of a compliance self-assessment will result in either a statement of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be given the opportunity to self-report the PV to the Regional Compliance Enforcement department in accordance with the existing procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional Compliance Enforcement department that this has been done consistent with the event analysis process and the completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit41
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to Jim.Hughes@nerc.net and Charise.Wilson@nerc.net.
Requesting Regional Entity Information
Date:
Name:
Title:
Region:
State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
State other methods used for compliance monitoring during period of reduced scope or deferment:
State requested duration of deferment, if applicable:
State whether this is a MRRE audit:
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name:
NCR ID Number:
Date of Last Compliance Audit:
Date of Next Compliance Audit:
41 Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be reduced, per section 403.11.1 of the NERC Rules of Procedure at http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Regional Entity's Additional Information
Comments:
Regional Entity Authorized Signature:
ERO Analysis Results
State information reviewed and basis for determination:
ERO Final Determination: Approved / Declined
ERO Director of Compliance Operations:
2013 Implementation Plan Development Methodology
FERC Order and Guidance
The Reliability Standards MOD-001, MOD-004 and MOD-008, associated with recent FERC Orders 729, 729-A and 729-B, will be integrated into the 2013 Implementation Plan and will be actively monitored as part of the 2013 Implementation Plan.
Violation Trend History
An analysis of the compliance violation history of Reliability Standards found in the 2013 NERC Implementation Plan will continue, and the most violated standards will continue to be identified, reported on, and included as part of the annual compliance review process.
Input from Staff
Insight provided by the compliance staff of all eight Regional Entities, in terms of their subject matter expertise and experience while performing their role and responsibilities as the Compliance Enforcement Authority, was also considered and provided as input into NERC's development of its 2013 Actively Monitored List (AML) of Standards.
Future Considerations
Future considerations refer to those reliability standards that are not yet enforceable but are implicated by the 2013 ERO high-risk priorities, as referenced in Appendix 1 of the 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards found in the NERC 2013 Implementation Plan: http://www.nerc.com/commondocs.php?cd=3. Thus, these suggested reliability standards should immediately be considered for incorporation into the AML and the ReliabilityFirst Compliance Monitoring Schedule (CMS) following FERC approval. As indicated by the NERC Standards group, the applicable reliability standards subject to future enforcement12 for 2013 include EOP-001-2b, EOP-005-2, EOP-006-2, EOP-008-1, FAC-008-3, FAC-013-2 and most requirements of PER-005-1.
12 See the NERC site for the latest information regarding in-effect dates for Reliability Standards: http://www.nerc.net/standardsreports/standardssummary.aspx
Three-Tiered Approach to Requirements Specification
The three-tiered approach for identifying the Requirements of the Actively Monitored List and individual Regional Entity plans is described below. For further information regarding the NERC Implementation Plan methodology as referenced here, Registered Entities are asked to refer to Appendix 1 – 2013 ERO High-Risk Priorities with High Value Associated Reliability Standards: http://www.nerc.com/commondocs.php?cd=3
Tier 1 Requirements are those that are deemed to be the most critical to the purpose and intent of the standard of which they are a part. Additionally, the ability of a registered entity to demonstrate compliance with Tier 1 Requirements will provide guidance to audit teams on the necessity to investigate further and broaden an audit's scope in additional Requirements and/or Reliability Standards.
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2 Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2 Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional level of inquiry that may be undertaken when a registered entity does not display clear compliance with those most critical Requirements of Tier 1. In the process of this added level of monitoring, it may become necessary to branch off into other Reliability Standards that were not identified as relating directly to an ERO priority or the initial scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not represent the purpose of a Reliability Standard directly or are not representative of ERO priorities based upon the criteria listed above. The exploration of an audit team into the compliance of a registered entity with Tier 3 Requirements will be initiated through registered entity responses and between the identified deficiencies in Tier 1 and 2 Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1 Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards. The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1 classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other requirements they may deem necessary based on the results of the Regional Entity's Risk Profile Assessment of the Registered Entity or the audit team's collective professional judgment. Audit scope expansion can occur at any point during the process, from the initial review of the Registered Entity Risk Profile Assessment through the close of the audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst CMS and represent the minimum scope of most compliance audits. The potential expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3 Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a risk-based compliance monitoring approach, ReliabilityFirst will notify the registered entity of the change in audit scope. This notification shall include the Reliability Standards and Requirements that are excluded or included in the revised audit scope, as well as the justification for the change in scope. This notification shall be part of the audit notification package when it is determined early enough in the process. When ReliabilityFirst determines that a change in audit scope is necessary after the notification package is sent or while the audit is in progress (e.g., either on-site or off-site), then ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating review of the additional evidence during the course of the audit. If the notification is provided once the audit has begun, the Registered Entities will work with the Audit Team Lead to determine the appropriate time frame to review the added standards/requirements. However, entities are expected to be compliant to all standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation that all material, even those standards/requirements from tier 2 and 3 that are added during the course of the audit, will be reviewed during the time of the scheduled audit. Acquiring additional evidence for a few additional standards/requirements in a timely fashion is a reflection upon the rigor placed on compliance by entities' Internal Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are registered to perform identical "functions" may vary and be slightly different, even amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon the 2013 AML and assessments performed above. As a matter of course, all Registered Entities subject to audit in 2013 shall be monitored to the standards/requirements identified in Tier 1, which may be adjusted based upon the risk assessment performed by ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive the formal audit notification package. Compliance information and data archived by ReliabilityFirst from the implementation of previous monitoring methods will be utilized in the development of a Registered Entity's audit scope, including but not limited to previous audits, self-certifications, demonstrated behavior during system events, exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times. NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting of noncompliance by Registered Entities. Registered Entities are further encouraged to draft mitigation plans upon identification and self-reporting of possible violations, prior to the required submission timeline per the CMEP. Mitigation plans are not an admission of a violation and are treated as voluntary corrective action. Mitigation plans duly prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link: https://www.rfirst.org/compliance/Pages/Schedules.aspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below.
STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2 and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance history and violation trend analysis, the number of high priority Reliability Standards is 57. This group of Reliability Standards was further reviewed to determine and rank the specific Requirements of each standard that best represent the core purpose of that standard to ensure the reliability of the BPS. The further refined list of Requirements has been taken as the ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but recent winter weather events have shown that contingency reserve is a critical issue such that special attention should be given here. BAL-003-0.1b has been subject to spot checks in the past, but technical issues discovered through its enforcement have yet to be addressed. Until additional guidance is provided through interpretations, revisions, or otherwise, the Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3 and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as BPS personnel become aware of and properly report sabotage events. Preparedness for reporting, as well as procedures to determine to whom reports should be issued, is critical in mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706 cybersecurity Standards are fundamental to the reliability of the BPS in terms of security. Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability Standards over the past year and seven of the Top 10 for all time, indicating that registered entities are having difficulty and confusion with CIP compliance issues. Several groups, including NERC, FERC, and the Regional Entities, have provided insight into the various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been identified by the ERO as high priority. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the reliability of the BPS in terms of cyber security. The primary difference from this year's list is that tier assignments have been reassigned so that each CIP requirement, along with its sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to reliability of the BES. This requirement builds the foundation of having an entity's operating personnel have the knowledge and training to recognize sabotage events. ReliabilityFirst will audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards. COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting nearly every function, and is critical to normal and emergency operations. COM-002 has some similar coverage as COM-001 but goes above and beyond with three-part communication and a methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693 standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1, replacing previous standards, will add five requirements to the AML for generator operator (GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013 does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0 have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather events taking place during early 2011. EOP-002 complements EOP-001 by assuring the performance of mitigating actions for both the RC and the BA. EOP-003 designates load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements. EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and it is vital that the disturbance reports do not stay within a region but are shared with NERC for dissemination across North America. EOP-005 sets the foundation for system restoration if actions identified in other EOP reliability standards fail and the testing and confirmation of a blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in system restoration initiated through EOP-005, such that coordination in these efforts is not an oversight. EOP-008 accounts for loss of a primary control center and many Requirements not accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2 on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high priority Reliability Standards. FAC-001 designates connections requirements for facilities, which is especially critical in terms of protection and construction of new facilities. With these facilities properly coordinated and accounted for, existing system performance will improve. FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform its role in maintaining the reliability of the BPS, which becomes increasingly imperative when emergency situations arise and Balancing Authorities and Transmission Operators require oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures preparations are properly made for seen and unseen emergency events in the operation horizon. IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that the Regional Entities will ensure all PSEs are audited according to a six year interval cycle, including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs, Regional Entities will provide a complete audit report regardless of audit scope. IRO-006 discusses the process of transmission load relief (TLR), and while this is an important topic, performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability Standards. These three Reliability Standards determine the procedure by which Available Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The proper setting of ATC is vital so facilities are not overloaded, which could lead to possible system emergencies. FERC has mandated that this standard be audited following regulatory approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2. NERC strongly recommends that generation and transmission entities carefully review their respective obligations under these agreements, including coordinated communication, to ensure that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R1.3, R2, R2.1 and R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a net reduction of four requirements due to the retirement of PER-002-0. PER-001-0.1 and PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority of operating personnel to operate independently and in a reliable manner. However, this authority is established in other reliability standards with more specific language based upon the function considered, and therefore the requirements of PER-001 are not considered Tier 1 Requirements. PER-002 encompasses the development of training, as well as the training itself, of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in preparedness and real time mitigation of emergency events, is essential. As such, several of the requirements supporting this training within PER-002 are considered to be Tier 1 Requirements. In anticipation of a number of the requirements of PER-005-1 regarding operator training coming into effect April 1, 2013, and retiring PER-002-0 in 2013, many of the requirements of PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have been identified as high priority Reliability Standards. PRC-001 promotes understanding of the limitations and performance of protection systems, which is especially important from an operational standpoint such that protection systems are not overloaded and the system cannot be controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis and reporting. As significant protection system misoperations are considered disturbance events, those misoperations for which BPS reliability is affected that are always addressed in PRC-004 are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not considered Tier 1 Requirements. Significant misoperations are those that result in such actions as modifications to operating procedures or equipment and identification of lessons learned, as identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement protection system maintenance is especially critical for ensuring system reliability. PRC-007 and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important, but the level of compliance of a registered entity with PRC-005 will be most telling for compliance with these Reliability Standards. As a result, the Requirements of PRC-007, PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to transmission relay protection settings. The concerns surrounding these settings are that they are proper for detecting and protecting against fault conditions. As with UFLS and UVLS maintenance programs, the compliance performance of a registered entity with PRC-005 is a good guide as to how well protection systems at that entity are maintained and tested, which is applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays and reviewing transmission system protection schemes. Also, significant misoperations resulting from improper relay settings are addressed through EOP-004, which would allow for a complete review of Requirements in PRC-023 in response to any such event. For those reasons listed, the Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been identified as high priority reliability standards. TOP-001 sets down operation authority for the TOP function and in so doing re-iterates language from the EOPs and IROs addressing this same issue. In an event where it can be demonstrated that an operator was not aware of his authority to act, this standard will be important for an entity to be audited on. However, the authority of system operators is generally well understood, and therefore the Requirements of TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations planning, and one of the key concepts to this standard is communications. The outage coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning, and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004 addresses operating in an unknown state and points to insufficient or faulty equipment, processes, planning, etc., and should be considered a high priority issue, especially in terms of preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged from compliance with TOP-008, which complements IRO-005, but this time for the TOP function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-1.1b R2 and the R2
sub-requirement as Tier 1 Requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator and is six years for entities
registered for all other functions.[13]
Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team’s collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC’s consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that in the judgment of the
ReliabilityFirst audit staff should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities’ compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions[14]
during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity’s compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity’s compliance during past audit periods. This exclusion does
not apply to ERO enforcement investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity’s date of registration if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1[15]
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16]
defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17]
Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19]
NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20]
the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement, but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23]
and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The sections of the RSAWs that Registered Entities are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24]
The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25]
or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶
61209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty,” 124 FERC ¶ 61015 (2008) at P 32
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC) and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27]
in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 flowchart; only its box labels survive. Discovery methods: Compliance Violation Investigation, Self-Report, Audits, Spot Check, Exception, Self-certification, Periodic Reports.
Other labels: Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov’t authority; Region continues review and evaluation; Dismissed; Notice of alleged violation & proposed penalty sent to responsible entity; Entity accepts violation – submits Mitigation Plan; Entity Contests; Notice of confirmed violation sent to NERC & responsible entity; Mitigation Plan Region Review; NERC Review; Gov’t Review; NERC BOTCC reviews & approves region’s proposed penalty; Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada); 5 DAY WAITING PERIOD; Settlement negotiations; Settlement Reached; Regional Hearing; Appeals Process; Settlement Approved by BOTCC; CONFIDENTIAL.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance
and compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions and to be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and in most cases complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified and the corrective action taken.
28
httpwwwnerccompagephpcid=3|22|354 29
httpwwwnerccompagephpcid=3|329 30
httpwwwnerccompagephpcid=3|22|371 31
httpwwwnerccompagephpcid=3|22 32
httpwwwnerccompagephpcid=5|385
Key CMEP Activities and Initiatives
35
Annual CMEP Reports33
Annual CMEP Reports are assessments of the previous yearrsquos CMEP and
are used in the planning and development of future yearsrsquo annual CMEP
Implementation Plans
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk-based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond to, and process these reviews are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or in compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register and
thereby accept, on behalf of such members or related entities, all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003 [38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:
“The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard.” [39]
Examples of these standards follow:
Fill-in-the-blank standard                          Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action      MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action     MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action     PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at
httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16,416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300.
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review and approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies, at a minimum, what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry’s technical expertise, experience, and judgment, as well as its participation in the
ERO’s processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Revision History
Document Change Revision History
Version   Reason for Change                                     Approved by      Revision Date
0         2013 ReliabilityFirst CMEP Implementation Plan        James A. Uhrin   January 1, 2013
01        Remove all reference to the Entity Impact             James A. Uhrin   January 1, 2013
          Evaluations (EIE) until the process is better
          defined and matures
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity’s event review.
A systematic and methodical compliance assessment (CA) process would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity’s events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary

Event causes or contributing factors: Cause
Applicable NERC Reliability Standards: AAA-000-0 Requirement 1
Details of Compliance Assessment Effort: Identify the process used to assess compliance
with this requirement. Identify any evidence that demonstrates compliance. Identify any
evidence that suggests non-compliance.
Findings: Findings of possible violations should be identified. If there are no findings
of non-compliance, that should be noted.

Applicable NERC Reliability Standards: AAA-000-0 Requirement 2

Event causes or contributing factors: Contributing factor
Applicable NERC Reliability Standards: BBB-000-0 Requirement 1
Category 1a Example
Each entry below gives, in order: Event causes or contributing factors; Applicable NERC
Reliability Standards; Details of Compliance Assessment Effort; Findings.

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R6. Each BA and TOP shall plan to meet unscheduled changes in system configuration and
generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC,
Regional Reliability Organization, sub-regional, and local reliability requirements.
Details of Compliance Assessment Effort: Established transfer limits were followed such
that the event did not result in instability. The limit for operating across this internal
interface is established in the RC “XYZ Interface All Lines In Stability Guide” (document
provided).
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R10. Each Balancing Authority and Transmission Operator shall plan to meet all System
Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs).
Details of Compliance Assessment Effort: No SOLs were violated. There are no IROLs
associated with the loss of equipment in this event. See the specific guide referenced in
the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-004-2
R1. Each TOP shall operate within the IROLs and SOLs.
R2. Each TOP shall operate so that instability, uncontrolled separation, or cascading
outages will not occur as a result of the most severe single contingency.
Details of Compliance Assessment Effort: The system was operated to remain within
transfer limits across the “XYZ” internal interface established as a result of stability
studies as delineated in the Transmission Operating Guide developed by RC. See the
specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-001
R1. Each TOP, BA, and GOP shall be familiar with the purpose and limitations of
protection system schemes applied in its area.
Details of Compliance Assessment Effort: Both the RC and the TOPs are trained on the
Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection
operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-004
R1. The TOP and any Distribution Provider that owns a transmission Protection System
shall each analyze its transmission Protection System Misoperations and shall develop and
implement a Corrective Action Plan to avoid future Misoperations of a similar nature
according to the Regional Entity’s procedures.
Details of Compliance Assessment Effort: System Protection engineers evaluated the relay
operations and determined that all relaying operated correctly and as planned.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-008
R1. The TOP experiencing or contributing to an IROL or SOL violation shall take immediate
steps to relieve the condition, which may include shedding firm load.
R2. Each Transmission Operator shall operate to prevent the likelihood that a disturbance,
action, or inaction will result in an IROL or SOL violation in its area or another area of
the Interconnection. In instances where there is a difference in derived operating limits,
the TOP shall always operate the BPS to the most limiting parameter.
R3. The TOP shall disconnect the affected facility if the overload on a transmission
facility or abnormal voltage or reactive condition persists and equipment is endangered.
In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the
disconnection prior to switching, if time permits, otherwise immediately thereafter.
R4. The TOP shall have sufficient information and analysis tools to determine the cause(s)
of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP
shall use the results of these analyses to immediately mitigate the SOL violation.
Details of Compliance Assessment Effort:
R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
R2: by following the TOP Guides developed by RC, violations do not occur.
R3: no conditions occurred that required disconnection.
R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
Findings: No findings of non-compliance

Event causes or contributing factors: Equipment failure of a high side transformer –
cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-006
R2. Each RC, TOP, and BA shall monitor applicable transmission line status, real and
reactive power flows, voltage, load-tap-changer settings, and status of rotating and static
reactive resources.
R5. Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of
operating personnel important deviations in operating conditions and to indicate, if
appropriate, the need for corrective action.
Details of Compliance Assessment Effort: The EMSs at both the RC and the TOP provide
operators with the information needed to evaluate system conditions and notify operators
when conditions are off normal. EMS system visibility and communications were not lost
during this event.
Findings: No findings of non-compliance

Findings as the outcome of a compliance self-assessment will result in either a statement of
“No Findings” or that of “Possible Violation (PV)”. Should the latter be the result, the
entity will be given the opportunity to self-report the PV to the Regional Compliance
Enforcement department in accordance with the existing procedures set forth in the CMEP. In
doing so, the entity self-reporting should inform the Regional Compliance Enforcement
department that this has been done consistent with the event analysis process and the
completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity’s Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
Regional Entity’s Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced, per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
2013 Implementation Plan Development Methodology
audit teams on the necessity to investigate further and broaden an audit's scope in
additional Requirements and/or Reliability Standards.
Tier 2 Requirements are also critical to the purpose of a standard, but Tier 2
Requirements do not address the ERO high-risk priorities as does Tier 1. Tier 2 also does
not pose as severe a risk as Tier 1. This is not to say that compliance with Tier 2
Requirements is not mandatory. Instead, Tier 2 Requirements represent an additional
level of inquiry that may be undertaken when a registered entity does not display clear
compliance with those most critical Requirements of Tier 1. In the process of this added
level of monitoring, it may become necessary to branch off into other Reliability
Standards that were not identified as relating directly to an ERO priority or the initial
scope of the monitoring process invoked.
Tier 3 Requirements are those that, while still contributing to BPS reliability, do not
represent the purpose of a Reliability Standard directly or are not representative of ERO
priorities based upon the criteria listed above. The exploration of an audit team into the
compliance of a registered entity with Tier 3 Requirements will be initiated through
registered entity responses and between the identified deficiencies in Tier 1 and 2
Requirements and those of Tier 3.
The NERC and ReliabilityFirst CMEP Implementation Plan for 2013 will use Tier 1
Requirements as the NERC AML and ReliabilityFirst CMS of Reliability Standards.
The basis for the requirements of the high-risk priority Reliability Standards in the Tier 1
classification is covered in the following section.
Three-Tiered Approach to Audit Scope Determination
Audit teams are authorized and obligated to expand the scope of a compliance audit to
include Tier 2 and Tier 3 Requirements (all inclusively or separately) and any other
requirements they may deem necessary based on the results of the Regional Entity's Risk
Profile Assessment of the Registered Entity or the audit team's collective professional
judgment. Audit scope expansion can occur at any point during the process, from the
initial review of the Registered Entity Risk Profile Assessment through the close of the
audit.
Tier 1 Requirements are identified in the 2013 NERC AML and 2013 ReliabilityFirst
CMS and represent the minimum scope of most compliance audits. The potential
expansion or reduction of an audit from Tier 1, or an expansion into Tier 2 and Tier 3
Requirements, will be determined by ReliabilityFirst.
When ReliabilityFirst determines that a change in audit scope is necessary based on a
risk-based compliance monitoring approach, ReliabilityFirst will notify the registered
entity of the change in audit scope. This notification shall include the Reliability
Standards and Requirements that are excluded or included in the revised audit scope, as
well as the justification for the change in scope. This notification shall be part of the
audit notification package when it is determined early enough in the process. When
ReliabilityFirst determines that a change in audit scope is necessary after the notification
package is sent or while the audit is in progress (e.g., either on-site or off-site), then
ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating
review of the additional evidence during the course of the audit. If the notification is
provided once the audit has begun, the Registered Entities will work with the Audit Team
Lead to determine the appropriate time frame to review the added
standards/requirements. However, entities are expected to be compliant to all
standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation
that all material, even those standards/requirements from Tier 2 and 3 that are added
during the course of the audit, will be reviewed during the time of the scheduled audit.
Acquiring additional evidence for a few additional standards/requirements in a timely
fashion is a reflection upon the rigor placed on compliance by entities' Internal
Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are
registered to perform identical "functions" may vary and be slightly different, even
amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon
the 2013 AML and assessments performed above. As a matter of course, all Registered
Entities subject to audit in 2013 shall be monitored to the standards/requirements
identified in Tier 1, which may be adjusted based upon the risk assessment performed by
ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive
the formal audit notification package. Compliance information and data archived by
ReliabilityFirst from the implementation of previous monitoring methods will be utilized
in the development of a Registered Entity's audit scope, including but not limited to
previous audits, self-certifications, demonstrated behavior during system events,
exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on
the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst
cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times.
NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting
of noncompliance by Registered Entities. Registered Entities are further encouraged to
draft mitigation plans upon identification and self-reporting of possible violations, prior to
the required submission timeline per the CMEP. Mitigation plans are not an admission
of a violation and are treated as voluntary corrective action. Mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability
Standards that are anticipated to be in effect in 2013, or as of the date on which this plan
is approved. To the extent new or revised Reliability Standards are adopted, approved by
the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC
will work with the other Regional Entities to determine whether the 2013 program needs
to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are
included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted
on the ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards
that includes several worksheets; a description of each is provided below.
STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1
Reliability Standards identified for compliance monitoring, the monitoring
methods being used (i.e., audits, data submittals, self-certifications, spot checks,
etc.), applicable functions, the reporting period, and applicable due dates.
STDS not on 2013 AML Tab: FERC approved standards that were not included
on the 2013 NERC AML. As a reminder, because these are FERC approved, they
could be subject to review by ReliabilityFirst in 2013.
Tier and VRF Rating Tab: a list of standards that shows the standards and the
tiers that they were placed in (i.e., Tier 1, 2 and 3) for 2013. The standards are
accompanied by their respective Violation Risk Factors (VRF).
Revision History Tab: provides the revision history that will allow
ReliabilityFirst Registered Entities to see all of the changes to the 2013
Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which includes compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue, such that
special attention should be given here. BAL-003-0.1b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year's list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the Tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation for an entity's operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R1.3, R2, R2.1 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-0.1 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, as the
authority of system operators is generally well understood, the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-1.1b R2 and the R2
sub-requirement to the Tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator, and is six years for entities
registered for all other functions [13]. Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions [14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403.11.1 at
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[14] See Appendix 4C of the NERC RoP at Sections 3.1.4.3 and 6.6:
http://www.nerc.com/files/Appendix4C_Uniform_CMEP_20110101.pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes, unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90-day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as-needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity's date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit;
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1 [15],
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities [16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
[15] http://www.nerc.com/files/Guidance_on_CIP_Standards.pdf
[16] http://www.nerc.com/docs/standards/sar/Imp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19.pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3.1.4.2.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D [17], Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website[18].
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing[19]. NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations[20], the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website[21].
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers[22].
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61,038 (2009) at P13.
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing[24]. The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit[26].
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶
61,209 (2011) at P 13. httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made based upon these discussions whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet, or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others as
appropriate. A determination will be made based upon this information whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty,” 124 FERC ¶ 61,015 (2008) at P 32.
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1 Compliance Process
[Figure 1: flowchart of the compliance process, from discovery (audits, spot checks, self-reports, self-certification, periodic reports, exception reports, investigations) through Region and NERC review, Mitigation Plan, settlement negotiations or regional hearing, and NERC BOTCC approval, to the notice of penalty or settlement sent to FERC in the US and posted to the NERC website; most steps fall within the area marked CONFIDENTIAL.]
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and in most cases complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified and the corrective action taken.
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012 and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of appropriate actions to efficiently manage the compliance issues resulting from abrupt and forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to develop enhancements to enforcement processing to achieve efficient and timely compliance outcomes, including streamlined procedures for lesser risk violations and improved workflow and tools. This will result in an increased focus of compliance enforcement resources on the cases that have the most significant impact on the reliability of the BPS. Compliance Enforcement staff has realized significant efficiencies and expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI) filing with the Federal Energy Regulatory Commission (FERC) that introduced the streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has received significant support from the Regional Entities and industry. On March 15, 2012, FERC approved the FFT approach with certain proscribed conditions. NERC anticipates the FFT process will enable better alignment and substantially greater resources and attention to be devoted to matters that pose a more serious risk to the reliability of the BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment for certain audit findings, but ultimately the decision to afford FFT treatment to a specific issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of webinars and workshops to guide compliance and enforcement staff at all levels on the application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved interpretation, effective as approved by the BOT on February 9, 2012. Background and further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an interpretation [36] to COM-002-2 regarding the use and associated circumstances of three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued, nor does it define directive. It only provides that the requirements be followed when a directive is issued to address a real-time emergency. Routine operating instructions during normal operations would not require the communications protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing real-time emergencies and, with BOT approval, now represents NERC guidance on the use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating Committee (OC) and Standards Committee (SC) to develop and provide guidance regarding good utility practice on the use of three-part communication for real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the completion and FERC approval of Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 [38] that addresses real-time communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No. 693, the Commission did state, however, that the ERO has the authority to obtain necessary information through the Commission's regulations. In addition, the Commission stated that:
"The fact that a Reliability Standard simply references another pending Reliability Standard, one that is not being approved or remanded here, does not alone justify not approving the former Reliability Standard." [39]
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 - Communications and Coordination R2 for the ISORTO Council at httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. & Regs. ¶ 31,242 (2007) (Order No. 693), P 300.
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to NERC each year for their review/approval and is done in accordance with NERC RoP Section 4016. The NERC CMEP Implementation Plan identifies what, at a minimum, each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP Implementation Plan mirrors, at a minimum, by Standard, the AML found in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst; these will include any regional Reliability Standards and additional NERC Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and assessment of performance criteria with each Reliability Standard. ReliabilityFirst will, at a minimum, perform the compliance monitoring methods identified in the NERC 2013 Actively Monitored Reliability Standards list. When ReliabilityFirst determines that an increased audit scope is necessary, ReliabilityFirst shall notify the registered entity of the increased audit scope. This notification shall be part of the audit notification package and shall include the Reliability Standards and Requirements that are included in the increased scope, as well as the justification for the increased scope. When ReliabilityFirst determines that an increased audit scope is necessary after the notification package is sent or while the audit is ongoing, then ReliabilityFirst shall notify the registered entity of the increased audit scope as soon as possible. For references to NERC guidance or Implementation Plans, such as the CIP Guidance, links from the NERC are included in the ReliabilityFirst Implementation Plan where applicable, instead of including the entire document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of registered entity names that are on the 2013 schedule, NERC Compliance Registration ID, and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c) of the Federal Power Act, is the operating plan for annual compliance monitoring and enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the other Regional Entities, through their delegation agreements with NERC, monitor and enforce compliance of registered entities with all regulatory approved Reliability Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability of the BPS, it is only one part of an overall plan to ensure system reliability. The other part consists of the actions of the registered entities and the electric power industry at large, and these are equally as critical to system reliability. The registered entities must participate in the educational, informational, and developmental efforts that are being undertaken, not only to maintain reliability but to enhance it as well. The sharing of the industry's technical expertise, experience, and judgment, as well as its participation in the ERO's processes, will help to further identify and remove reliability gaps and shortcomings. The ERO continuously seeks to improve the execution of its role in ensuring system reliability, as is the case with the advancements of the annual CMEP Implementation Plan undertaken for 2013, but the industry must continue to participate for the overall reliability plan to be successful.
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather event and the southwest blackout, and the progress of the FFT compliance enforcement initiative. As a result of the recently released Southwest Blackout [40] report by FERC and NERC, Regional Entities are encouraged to consider critical standards that include aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 - Reliability Coordination - System Restoration
EOP-008-1 - Loss of Control Center Functionality
IRO-002-2 - Reliability Coordination - Facilities
IRO-005-3a - Reliability Coordination - Current Day Operations
IRO-005-31a - Reliability Coordination - Current Day Operations
IRO-006-EAST-1 - TLR Procedure for the Eastern Interconnection
MOD-001-1a - Available Transmission System Capability
TOP-002-2b - Normal Operations Planning
TOP-002-21b - Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement, in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the following steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2 above as they apply to the applicable NERC Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity will provide a copy of its CA report to the Regional Entity. The report should reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: By following the TOP Guides developed by RC, violations do not occur. R3: No conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance
Findings as the outcome of a compliance self-assessment will result in either a statement of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be given the opportunity to self-report the PV to the Regional Compliance Enforcement department in accordance with the existing procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional Compliance Enforcement department that this has been done consistent with the event analysis process and the completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date:
Name:
Title:
Region:
State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
State other methods used for compliance monitoring during period of reduced scope or deferment:
State requested duration of deferment, if applicable:
State whether this is a MRRE audit:
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name:
NCR ID Number:
Date of Last Compliance Audit:
Date of Next Compliance Audit:
Regional Entity's Additional Information
Comments:
Regional Entity Authorized Signature:
ERO Analysis Results
State information reviewed and basis for determination:
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced, per section 403111 of the NERC Rules of Procedure at httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
2013 Implementation Plan Development Methodology
package is sent or while the audit is in progress (e.g., either on-site or off-site), then ReliabilityFirst shall notify the registered entity of the change as soon as possible.
If notification is provided ahead of the start of the audit, ReliabilityFirst is anticipating review of the additional evidence during the course of the audit. If the notification is provided once the audit has begun, the Registered Entities will work with the Audit Team Lead to determine the appropriate time frame to review the added standards/requirements. However, entities are expected to be compliant to all standards/requirements 100% of the time, and therefore it is ReliabilityFirst's expectation that all material, even those standards/requirements from tier 2 and 3 that are added during the course of the audit, will be reviewed during the time of the scheduled audit. Acquiring additional evidence for a few additional standards/requirements in a timely fashion is a reflection upon the rigor placed on compliance by entities' Internal Compliance Program (ICP).
Registered Entities must recognize that the audit scope for registered entities that are registered to perform identical "functions" may vary and be slightly different, even amongst Registered Entities within ReliabilityFirst.
Audit Scope
ReliabilityFirst will determine the Registered Entity's specific audit scope based upon the 2013 AML and assessments performed above. As a matter of course, all Registered Entities subject to audit in 2013 shall be monitored to the standards/requirements identified in Tier 1, which may be adjusted based upon the risk assessment performed by ReliabilityFirst. Registered Entities will be advised of the audit scope when they receive the formal audit notification package. Compliance information and data archived by ReliabilityFirst from the implementation of previous monitoring methods will be utilized in the development of a Registered Entity's audit scope, including but not limited to previous audits, self-certifications, demonstrated behavior during system events, exhibited culture of compliance, and previous or current enforcement actions.
ReliabilityFirst staff may change the scope and frequency of compliance audits based on the results of the Risk Based Entity Profile Assessment. At this time, ReliabilityFirst cannot reduce the scope of an audit without NERC consent.
Implementation Plan Summary
Registered Entities must be in compliance with all Reliability Standards at all times. NERC and ReliabilityFirst encourage comprehensive self-assessments and self-reporting of noncompliance by Registered Entities. Registered Entities are further encouraged to draft mitigation plans upon identification and self-reporting of possible violations, prior to the required submission timeline per the CMEP. Mitigation plans are not an admission of a violation and are treated as voluntary corrective action. Mitigation plans duly prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a positive, proactive culture of compliance in any potential enforcement action.
The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below:
STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance history and violation trend analysis, the number of high priority Reliability Standards is 57. This group of Reliability Standards was further reviewed to determine and rank the specific Requirements of each standard that best represent the core purpose of that standard to ensure the reliability of the BPS. The further refined list of Requirements has been taken as the ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-01b have been identified as high priority Reliability Standards. The performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but recent winter weather events have shown that contingency reserve is a critical issue such that special attention should be given here. BAL-003-01b has been subject to spot checks in the past, but technical issues discovered through its enforcement have yet to be addressed. Until additional guidance is provided through interpretations, revisions, or otherwise, the Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3, and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as BPS personnel become aware of and properly report sabotage events. Preparedness for reporting, as well as procedures to determine to whom reports should be issued, is critical in mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706 cybersecurity Standards are fundamental to the reliability of the BPS in terms of security. Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability Standards over the past year and seven of the Top 10 for all time, indicating that registered entities are having difficulty and confusion with CIP compliance issues. Several groups, including NERC, FERC, and the Regional Entities, have provided insight into the various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the reliability of the BPS in terms of cyber security. The primary difference from this year's list is that tier assignments have been reassigned so that each CIP requirement, along with its sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to reliability of the BES. This requirement builds the foundation for an entity's operating personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards. COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting nearly every function, and is critical to normal and emergency operations. COM-002 has some similar coverage as COM-001 but goes above and beyond with three-part communication and a methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693 standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, replacing previous standards, will add five requirements to the AML for generator operator (GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013 does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0 have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather events taking place during early 2011. EOP-002 complements EOP-001 by assuring the performance of mitigating actions for both the RC and the BA. EOP-003 designates load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements. EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and it is vital that the disturbance reports do not stay within a region but are shared with NERC for dissemination across North America. EOP-005 sets the foundation for system restoration if actions identified in other EOP reliability standards fail and the testing and confirmation of a blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in system restoration initiated through EOP-005, such that coordination in these efforts is not an oversight. EOP-008 accounts for loss of a primary control center and many Requirements not accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0.
PER-001-01 and PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority
of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard, as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and, in so doing, re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005, but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement to the tier 1 requirements for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator, and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team’s collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC’s consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities’ compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions[14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow-up the registered
entity’s compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity’s compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review; or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended; or
III. the later of June 18, 2007 or the Registered Entity’s date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit; or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1[15],
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D[17], Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012, and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61038 (2009) at P13,
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations, prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.

V. Self-Reporting

Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]

[24] http://www.nerc.com/page.php?cid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶
61,209 (2011) at P 13, http://www.ferc.gov/whats-new/comm-meet/2011/031711/E-3.pdf

VI. Exception-Reporting

Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.

As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.

VII. Complaint

All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.

Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.

NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotline@nerc.net, or completing the form at https://www.nerc.net/hotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.

All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.

VIII. Compliance Investigations

A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.

The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.

[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty,” 124 FERC ¶ 61,015 (2008) at P 32,
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf

Key CMEP Activities and Initiatives

ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.

CMEP Transparency Elements

NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.

Figure 1: Compliance Process

ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.

[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22

[Figure 1 flowchart: box labels recovered from the extraction; the layout and arrows are not recoverable]
Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov’t authority
Region continues review and evaluation
CONFIDENTIAL
Dismissed
Notice of alleged violation & proposed penalty sent to responsible entity
Entity accepts violation – submits Mitigation Plan
Entity Contests
Notice of confirmed violation sent to NERC & responsible entity
Mitigation Plan
Region Review
NERC Review
Gov’t Review
NERC BOTCC reviews & approves region’s proposed penalty
Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in Canada)
5 DAY WAITING PERIOD
Settlement negotiations
Settlement Reached
Regional Hearing
Appeals Process
Settlement Approved by BOTCC
Compliance Violation Investigation
Self-Report
Audits
Spot Check
Exception
Self-certification
Periodic Reports

Outreach Efforts and Compliance Communications

ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.

Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.

Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.

ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.

Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.

Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.

Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, and areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.

Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and be informed about upcoming compliance items.

Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.

Compliance Communication

The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:

CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.

CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.

Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.

Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.

Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.

[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385

Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.

Training and Self Improvement Activities

Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.

In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.

In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.

Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.

Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.

Compliance Reviews of Events and Disturbances

Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).

[33] http://www.nerc.com/page.php?cid=3|26

Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.

Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.

Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond to, and process these reviews are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or in compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.

In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.

Registration and Certification

The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.

Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.

Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.

Joint Registration Organization and Coordinated Functional Registration

Joint Registration Organization (JRO)[34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.

Coordinated Functional Registration (CFR)[35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.

[34] Section 507 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf

Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.

Enforcement Initiatives

In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.

In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.

Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.

ERO Guidance on COM-002-2 – Communication and Coordination

Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.

In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:

COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.

Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.

To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:

1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003[38] that addresses real-time
communication protocols.

Approved Standards Which Reference Unapproved Standards

There are several approved reliability standards that reference or rely on not yet approved
reliability standards.

In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.

The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:

“The fact that a Reliability Standard simply references another pending Reliability
Standard one that is not being approved or remanded here does not alone justify not
approving the former Reliability Standard.”[39]

Examples of these standards follow:

Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07

[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at
http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16,416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300
Regional Entities CMEP Implementation Plans

ReliabilityFirst CMEP Implementation Plan

The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review and approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies what each Regional
Entity plan must address at a minimum. The ReliabilityFirst CMEP Implementation
Plan identifies:

1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.

Conclusion

The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.

While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken not only to maintain reliability but to enhance it as well. The sharing of the
industry’s technical expertise, experience, and judgment, as well as its participation in the
ERO’s processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.

Document Change Revision History

Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013

Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout

Appendix 1 – Standards and Requirements Implicated System Events

NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout[40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.

Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning

Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.

[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf

Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process would include the following steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2 above as they apply to the applicable NERC Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity will provide a copy of its CA report to the Regional Entity. The report should reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors: Cause
Applicable NERC Reliability Standards: AAA-000-0 Requirement 1
Details of Compliance Assessment Effort: Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance.
Findings: Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
Applicable NERC Reliability Standards: AAA-000-0 Requirement 2
Event causes or contributing factors: Contributing factor
Applicable NERC Reliability Standards: BBB-000-0 Requirement 1
Category 1a Example
Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R6. Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements.
Details of Compliance Assessment Effort: Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided).
Findings: No findings of non-compliance
Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-002-2a
R10. Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs).
Details of Compliance Assessment Effort: No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance
Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-004-2
R1. Each TOP shall operate within the IROLs and SOLs.
R2. Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency.
Details of Compliance Assessment Effort: The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6.
Findings: No findings of non-compliance
Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-001
R1. Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area.
Details of Compliance Assessment Effort: Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned.
Findings: No findings of non-compliance
Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: PRC-004
R1. The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures.
Details of Compliance Assessment Effort: System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned.
Findings: No findings of non-compliance
Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-008
R1. The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load.
R2. Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter.
R3. The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter.
R4. The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation.
Details of Compliance Assessment Effort:
R1. Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
R2. By following the TOP Guides developed by RC, violations do not occur.
R3. No conditions occurred that required disconnection.
R4. Operators used their EMS-based tools to ensure that there were no SOL/IROL violations.
Findings: No findings of non-compliance
Event causes or contributing factors: Equipment failure of a high side transformer – cleared along with two transmission lines
Applicable NERC Reliability Standards: TOP-006
R2. Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources.
R5. Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action.
Details of Compliance Assessment Effort: The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event.
Findings: No findings of non-compliance
Findings as the outcome of a compliance self-assessment will result in either a statement of "No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity will be given the opportunity to self-report the PV to the Regional Compliance Enforcement department in accordance with the existing procedures set forth in the CMEP. In doing so, the entity self-reporting should inform the Regional Compliance Enforcement department that this has been done consistent with the event analysis process and the completion of a compliance self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms, along with an entity risk assessment, to Jim.Hughes@nerc.net and Charise.Wilson@nerc.net.
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
[41] Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be reduced, per section 403.11.1 of the NERC Rules of Procedure at http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Regional Entity's Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved Declined
ERO Director of Compliance Operations
2013 Implementation Plan Development Methodology
The overall monitoring scope of the 2013 implementation program is based on Reliability Standards that are anticipated to be in effect in 2013 or as of the date on which this plan is approved. To the extent new or revised Reliability Standards are adopted, approved by the regulatory authority, or in effect during the course of 2013, ReliabilityFirst and NERC will work with the other Regional Entities to determine whether the 2013 program needs to be amended to include them.
All NERC Reliability Standards identified in the 2013 implementation program are included in the ReliabilityFirst 2013 Compliance Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following link:
https://www.rfirst.org/compliance/Pages/Schedules.aspx
The ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS) is a list of standards that includes several worksheets; a description of each is provided below.
STDs Monitored for Compliance Tab: a quick reference listing of the Tier 1 Reliability Standards identified for compliance monitoring, the monitoring methods being used (i.e., audits, data submittals, self-certifications, spot checks, etc.), applicable functions, the reporting period, and applicable due dates.
STDS not on 2013 AML Tab: FERC approved standards that were not included on the 2013 NERC AML. As a reminder, because these are FERC approved, they could be subject to review by ReliabilityFirst in 2013.
Tier and VRF Rating Tab: a list of standards that shows the standards and the tiers that they were placed in (i.e., Tier 1, 2, and 3) for 2013. The standards are accompanied by their respective Violation Risk Factors (VRF).
Revision History Tab: provides the revision history that will allow ReliabilityFirst Registered Entities to see all of the changes to the 2013 Compliance Monitoring Schedule spreadsheets.
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which include compliance history and violation trend analysis, the number of high priority Reliability Standards is 57. This group of Reliability Standards was further reviewed to determine and rank the specific Requirements of each standard that best represent the core purpose of that standard to ensure the reliability of the BPS. The further refined list of Requirements has been taken as the ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but recent winter weather events have shown that contingency reserve is a critical issue such that special attention should be given here. BAL-003-0.1b has been subject to spot checks in the past, but technical issues discovered through its enforcement have yet to be addressed. Until additional guidance is provided through interpretations, revisions, or otherwise, the Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3, and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as BPS personnel become aware of and properly report sabotage events. Preparedness for reporting, as well as procedures to determine to whom reports should be issued, is critical in mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706 cybersecurity Standards are fundamental to the reliability of the BPS in terms of security. Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability Standards over the past year and seven of the Top 10 for all time, indicating that registered entities are having difficulty and confusion with CIP compliance issues. Several groups, including NERC, FERC, and the Regional Entities, have provided insight into the various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been chosen by the ERO and identified as high priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the reliability of the BPS in terms of cyber security. The primary difference from this year's list is that tier assignments have been reassigned so that each CIP requirement, along with its sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the Tier 1 requirements for audit. Based upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to reliability of the BES. This requirement builds the foundation for an entity's operating personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards. COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting nearly every function, and is critical to normal and emergency operations. COM-002 has some similar coverage as COM-001 but goes above and beyond with three-part communication and a methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693 standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2, and EOP-008-1, replacing previous standards, will add five requirements to the AML for generator operator (GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013 does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1, and EOP-008-0 have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather events taking place during early 2011. EOP-002 complements EOP-001 by assuring the performance of mitigating actions for both the RC and the BA. EOP-003 designates load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1 requirements. EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and it is vital that the disturbance reports do not stay within a region but are shared with NERC for dissemination across North America. EOP-005 sets the foundation for system restoration if actions identified in other EOP reliability standards fail and the testing and confirmation of a blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in system restoration initiated through EOP-005, such that coordination in these efforts is not an oversight. EOP-008 accounts for loss of a primary control center and many Requirements not accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2 on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high priority Reliability Standards. FAC-001 designates connection requirements for facilities, which is especially critical in terms of protection and construction of new facilities. With these facilities properly coordinated and accounted for, existing system performance will improve. FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform its role in maintaining the reliability of the BPS, which becomes increasingly imperative when emergency situations arise and Balancing Authorities and Transmission Operators require oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures preparations are properly made for seen and unseen emergency events in the operation horizon. IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that the Regional Entities will ensure all PSEs are audited according to a six year interval cycle, including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs, Regional Entities will provide a complete audit report regardless of audit scope. IRO-006 discusses the process of transmission load relief (TLR), and while this is an important topic, performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability Standards. These three Reliability Standards determine the procedure by which Available Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The proper setting of ATC is vital so facilities are not overloaded, which could lead to possible system emergencies. FERC has mandated that this standard be audited following regulatory approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2. NERC strongly recommends that generation and transmission entities carefully review their respective obligations under these agreements, including coordinated communication, to ensure that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R1.3, R2, R2.1, and R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a net reduction of four requirements due to the retirement of PER-002-0.
PER-001-0.1 and PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the authority of operating personnel to operate independently and in a reliable manner. However, this authority is established in other reliability standards with more specific language based upon the function considered, and therefore the requirements of PER-001 are not considered Tier 1 Requirements. PER-002 encompasses the development of training, as well as the training itself, of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in preparedness and real time mitigation of emergency events, is essential. As such, several of the requirements supporting this training within PER-002 are considered to be Tier 1 Requirements. In anticipation of a number of the requirements of PER-005-1 regarding operator training coming into effect April 1, 2013, and retiring PER-002-0 in 2013, many of the requirements of PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have been identified as high priority Reliability Standards. PRC-001 promotes understanding of the limitations and performance of protection systems, which is especially important from an operational standpoint, such that protection systems are not overloaded and the system cannot be controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis and reporting. As significant protection system misoperations are considered disturbance events, those misoperations for which BPS reliability is affected that are always addressed in PRC-004 are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not considered Tier 1 Requirements. Significant misoperations are those that result in such actions as modifications to operating procedures or equipment and identification of lessons learned, as identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement protection system maintenance is especially critical for ensuring system reliability. PRC-007 and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important, but the level of compliance of a registered entity with PRC-005 will be most telling for compliance with these Reliability Standards. As a result, the Requirements of PRC-007, PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to transmission relay protection settings. The concerns surrounding these settings are that they are proper for detecting and protecting against fault conditions. As with UFLS and UVLS maintenance programs, the compliance performance of a registered entity with PRC-005 is a good guide as to how well protection systems at that entity are maintained and tested, which is applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays and reviewing transmission system protection schemes. Also, significant misoperations resulting from improper relay settings are addressed through EOP-004, which would allow for a complete review of Requirements in PRC-023 in response to any such event. For those reasons listed, the Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been identified as high priority reliability standards. TOP-001 sets down operation authority for the TOP function and, in so doing, re-iterates language from the EOPs and IROs addressing this same issue. In an event where it can be demonstrated that an operator was not aware of his authority to act, this standard will be important for an entity to be audited on. However, as the authority of system operators is generally well understood, the Requirements of TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations planning, and one of the key concepts to this standard is communications. The outage coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning, and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004 addresses operating in an unknown state and points to insufficient or faulty equipment, processes, planning, etc., and should be considered a high priority issue, especially in terms of preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged from compliance with TOP-008, which complements IRO-005, but this time for the TOP function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003 accounts for the loss of two or more BPS elements, and TPL-004 addresses extreme events, both of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-1.1b R2 and the R2 sub-requirement to the Tier 1 requirements for audit. ReliabilityFirst believes these requirements in these standards are critical to reliability of the BES. These requirements establish and specify voltage and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power schedules that have been established, and/or notify appropriate entities if the established schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst continues to see entity difficulty in understanding and applying these requirements within our region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the 2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the registered entity the scope of the compliance audit with the audit notification letter. The interval for compliance audits is three years for entities registered as a Reliability Coordinator, Balancing Authority, or Transmission Operator, and is six years for entities registered for all other functions. [13] Registered Entities may be audited more or less frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and performance based assessment as well as the facts and circumstances surrounding those entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a compliance audit to include Tier 2 and/or Tier 3 Requirements, and any requirements they may deem necessary, based on the results of the Risk Based Entity Profile Assessment or the audit team's collective professional judgment. Audit scope expansion can occur at any point during a monitoring process, from the initial review of the Registered Entity Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without NERC's consent. ReliabilityFirst shall consider past performance, including historical violation trends across the Region and those specific to the registered entity, and changes to compliance responsibility resulting from mergers, acquisitions, corporate re-organizations, open investigations, and other factors that in the judgment of the ReliabilityFirst audit staff should be considered as part of the normal planning required for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open mitigation plans, remedial action directives, and technical feasibility exceptions [14] during the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst must provide the compliance audit team with the status, documentation, and evidence for all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during the on-site portion of the audit process, the audit team will have the discretion to address and expand the scope as deemed appropriate, in coordination with the registered entity. ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a spot check or unscheduled audit, or other monitoring process to follow up the registered entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403.11.1 at http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[14] See Appendix 4C of the NERC RoP at Sections 3.1.4.3 and 6.6: http://www.nerc.com/files/Appendix4C_Uniform_CMEP_20110101.pdf
Registered entities will not be expected to provide evidence outside of the current audit time period for compliance purposes unless that evidence is required in accordance with the processes and procedures of the registered entity or it is required by the standard. For example, a registered entity is expected to provide evidence outside of the current audit period for substantiating long range plans that are longer than an audit period, such as Protection System maintenance and testing intervals. For those reliability standards that do not involve long-range plans, an audit team will not be able to request information that is outside of the bounds of the current audit, either three or six years, nor can it identify possible non-compliance outside of this audit period. In other words, the completion of an audit closes one audit period and initiates another, excluding future audit teams from reviewing a registered entity's compliance during past audit periods. This exclusion does not apply to ERO enforcement investigations or events analysis. Generally speaking, spot checks, periodic data submittals, and self-certifications will not require evidence that precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity’s date of registration if the
Registered Entity has not previously been subject to a Compliance Audit, or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1[15],
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3.1.4.2.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D[17], Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures, or both, specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website[18].
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing[19]. NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
In accordance with FERC expectations[20], the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement, but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
[19] httpwwwnerccompagephpcid=3|22
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website[21].
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers[22].
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities”, 126 FERC ¶ 61038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations, prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing[24]. The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit[26].
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty”, 134 FERC ¶
61209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotlinenercnet or completing the form at httpswwwnercnethotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc., to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
“Order on Review of Notice of Penalty”, 124 FERC ¶ 61015 (2008) at P 32
httpwwwfercgovEventCalendarFiles20080703131349-AD08-10-000pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC) and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at httpwwwnerccompagephpcid=3|22
[Figure 1 (Compliance Process): flowchart not reproduced. Its boxes run from the discovery
methods (Audits, Spot Check, Self-Report, Self-certification, Exception, Periodic Reports,
Compliance Violation Investigation) through: Region notifies NERC (& entity) of alleged
violation within 2-5 days and NERC notifies gov’t authority; Region continues review and
evaluation; Dismissed, or Notice of alleged violation & proposed penalty sent to responsible
entity; Entity accepts violation and submits Mitigation Plan (Region Review, NERC Review,
Gov’t Review), or Entity Contests; Settlement negotiations, Settlement Reached, Settlement
Approved by BOTCC, Regional Hearing, Appeals Process; Notice of confirmed violation sent to
NERC & responsible entity; NERC BOTCC reviews & approves region’s proposed penalty; 5 DAY
WAITING PERIOD; Notice of penalty or settlement sent to FERC in US & posted to NERC website
(Processes differ in Canada). Part of the chart is labeled CONFIDENTIAL.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, and areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and in most cases complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified, and the corrective action taken.
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year’s CMEP and
are used in the planning and development of future years’ annual CMEP
Implementation Plans.
[28] httpwwwnerccompagephpcid=3|22|354
[29] httpwwwnerccompagephpcid=3|329
[30] httpwwwnerccompagephpcid=3|22|371
[31] httpwwwnerccompagephpcid=3|22
[32] httpwwwnerccompagephpcid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based, in part, on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS), and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A “Fundamentals of CI” course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO’s risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] httpwwwnerccompagephpcid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities, and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond and process these reviews is
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities
and the Registered Entities, while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO) [34]
In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR) [35]
In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities’ respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[35] Section 508 of the NERC RoP,
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation [36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
“COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.”
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2 [37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003 [38] that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:
“The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard.” [39]
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07
[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at
httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
httpwwwnerccomfilesCOM-002-2apdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 4016. The NERC CMEP Implementation Plan identifies what, at a minimum,
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent,
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry’s technical expertise, experience and judgment, as well as its participation in the
ERO’s processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout [40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs and TOPs. This list is subject
to change as further data and analysis become available.
[40] httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity’s event review.
A systematic and methodical compliance assessment (CA) process that would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity’s events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC “XYZ Interface All Lines In Stability Guide” (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the “XYZ” internal interface, established as a result of stability studies as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity’s procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance
Findings as the outcome of a compliance self-assessment will result in either a statement of
“No Findings” or that of “Possible Violation (PV)”. Should the latter be the result, the entity
will be given the opportunity to self-report the PV to the Regional Compliance Enforcement
department in accordance with the existing procedures set forth in the CMEP. In doing so, the
entity self-reporting should inform the Regional Compliance Enforcement department that this
has been done consistent with the event analysis process and the completion of a compliance
self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity’s Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
Regional Entity’s Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations
[41] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be
reduced per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Reliability Standards Subject to 2013 CMEP Implementation
Given the considerations of the ERO-identified high-risk priorities, which includes compliance
history and violation trend analysis, the number of high priority Reliability Standards is 57. This
group of Reliability Standards was further reviewed to determine and rank the specific
Requirements of each standard that best represent the core purpose of that standard to ensure the
reliability of the BPS. The further refined list of Requirements has been taken as the
ReliabilityFirst 2013 Compliance Monitoring Schedule (CMS), which at a minimum mirrors, by
Standard, the NERC 2013 AML.
BAL – Resource and Demand Balancing
BAL-002-0 and BAL-003-0.1b have been identified as high priority Reliability Standards. The
performance aspect of BAL-002 is reviewed quarterly through periodic data submittals, but
recent winter weather events have shown that contingency reserve is a critical issue such that
special attention should be given here. BAL-003-0.1b has been subject to spot checks in the
past, but technical issues discovered through its enforcement have yet to be addressed. Until
additional guidance is provided through interpretations, revisions or otherwise, the
Requirements of BAL-003 will be treated as Tier 2 Requirements.
CIP – Critical Infrastructure Protection
CIP-001-2, CIP-002-3, CIP-003-3, CIP-004-3, CIP-005-3, CIP-006-3, CIP-007-3, CIP-008-3
and CIP-009-3 have been identified as high priority standards. CIP-001 has an important role as
BPS personnel become aware of and properly report sabotage events. Preparedness for
reporting, as well as procedures to determine to whom reports should be issued, is critical in
mitigating the occurrence of any such event. CIP-002 through CIP-009 and FERC Order 706
cybersecurity Standards are fundamental to the reliability of the BPS in terms of security.
Additionally, the CIP Reliability Standards represent eight of the ten most violated Reliability
Standards over the past year and seven of the Top 10 for all time, indicating that
registered entities are having difficulty and confusion with CIP compliance issues. Several
groups, including NERC, FERC and the Regional Entities, have provided insight into the
various Requirements through guidelines and industry webinars in support of the CIP Standards.
Selected requirements from these standards have been selected by the ERO and identified as high
priority standards. CIP-002 through CIP-009, or 706 Reliability Standards, are fundamental to the
reliability of the BPS in terms of cyber security. The primary difference from this year’s list is
that tier assignments have been reassigned so that each CIP requirement, along with its
sub-requirements, shares a single tier. The anticipated effect of this change is to make it easier for a
registered entity to prepare for its audit.
ReliabilityFirst has elected to add CIP-001-2a R1 to the tier 1 requirements for audit. Based
upon an assessment of risk, ReliabilityFirst believes this requirement in the standard is critical to
reliability of the BES. This requirement builds the foundation of having an entity’s operating
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-1.1 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-2.1, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is implied in
EOP-001 and therefore the requirements of EOP-003 are not considered Tier 1 requirements.
EOP-004 is critical in terms of EA and helping with the process of mitigating future events, and
it is vital that the disturbance reports do not stay within a region but are shared with NERC for
dissemination across North America. EOP-005 sets the foundation for system restoration if
actions identified in other EOP reliability standards fail and the testing and confirmation of a
blackstart capability process is engaged. EOP-006 ensures that the RC takes the lead role in
system restoration initiated through EOP-005, such that coordination in these efforts is not an
oversight. EOP-008 accounts for loss of a primary control center and many Requirements not
accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections, and Maintenance
The introduction of FAC-008-3 on January 1, 2013, does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013, also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1, and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013, does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a, and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data, and Analysis
MOD-001-1a, MOD-004-1, and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training, and Qualifications
The introduction of PER-005-1 on April 1, 2013, will add four requirements (R13, R2, R21, and
R3) to the AML for functions BA, RC, and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0. PER-001-01 and
PER-002-0 have been identified as high priority reliability standards. PER-001 speaks to the
authority of operating personnel to operate independently and in a reliable manner. However, this
authority is established in other reliability standards with more specific language based upon the
function considered, and therefore the requirements of PER-001 are not considered Tier 1
Requirements. PER-002 encompasses the development of training, as well as the training itself,
of all operating personnel responsible for ensuring reliability of the BPS. Training, especially in
preparedness and real time mitigation of emergency events, is essential. As such, several of the
requirements supporting this training within PER-002 are considered to be Tier 1 Requirements.
In anticipation of a number of the requirements of PER-005-1 regarding operator training
coming into effect April 1, 2013, and retiring PER-002-0 in 2013, many of the requirements of
PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013, also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0, and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard, as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008, and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1, and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and, in so doing, re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements, and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2
sub-requirement as Tier 1 requirements for audit. ReliabilityFirst believes these requirements in
these standards are critical to reliability of the BES. These requirements establish and specify
voltage and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive
Power schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority, or Transmission Operator, and is six years for entities
registered for all other functions.[13] Registered Entities may be audited more or less
frequently per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team’s collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC’s consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations, and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities’ compliance audits will include a review of all open
mitigation plans, remedial action directives, and technical feasibility exceptions[14] during
the pre-audit, field-audit, or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation, and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate, in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity’s compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity’s compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations, or events analysis. Generally speaking,
spot checks, periodic data submittals, and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity’s particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007, or the Registered Entity’s date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the “C-Compliant” date in either Table 1, 2, or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through
CIP-009-1,[15] as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities[16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity’s applicable Compliant
milestone date has already passed.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP Section 3142.
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity’s
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D,[17] Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
81 Following approval of a Responsible Entity’s TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity’s implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity’s implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website.[18]
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity’s premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority, and Transmission Operator functions must be audited on-site. For other BPS
users, owners, and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
In 2012, and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity’s audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] httpwwwnerccompagephpcid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed, or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO’s auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The sections of the RSAWs that Registered Entities are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, “Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities,” 126 FERC ¶ 61038 (2009) at P13
httpwwwnerccomfilesGuidanceOrderOnComplianceAudits-01152009pdf
[21] Public audit reports can be found at httpwwwnerccompagephpcid=3|26|246
[22] Information concerning Regional Entity programs is available at
httpwwwnerccompagephpcid=3|23
[23] httpwwwnerccompagephpcid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II. Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity’s compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: httpswwwrfirstorgcompliancePagesSchedulesaspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III. Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. “Spot Checking” means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity’s Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events, as described in the
Reliability Standards, or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV. Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V. Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] httpwwwnerccompagephpcid=3|22
[25] North American Electric Reliability Corporation, “Order on Review of Notice of Penalty,” 134 FERC ¶
61209 (2011) at P 13 httpwwwfercgovwhats-newcomm-meet2011031711E-3pdf
VI. Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, “Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA.” It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII. Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotline@nerc.net, or completing the form at https://www.nerc.net/hotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others, as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII. Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential,
unless FERC directs otherwise, and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary, through formal Requests for Information,
site visits, sworn statements, etc., to perform its assessment.

[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61,015 (2008) at P 32,
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC) and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.

[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22
[Figure 1 flowchart, not reproduced. Box labels: Compliance Violation Investigation, Self-Report,
Audits, Spot Check, Exception, Self-certification, Periodic Reports; Region notifies NERC (& entity)
of alleged violation within 2-5 days, NERC notifies gov't authority; Region continues review and
evaluation; Dismissed; Notice of alleged violation & proposed penalty sent to responsible entity;
Entity accepts violation, submits Mitigation Plan; Entity Contests; Notice of confirmed violation
sent to NERC & responsible entity; Mitigation Plan: Region Review, NERC Review, Gov't Review;
Settlement negotiations; Settlement Reached; Regional Hearing; Appeals Process; Settlement
Approved by BOTCC; NERC BOTCC reviews & approves region's proposed penalty; 5 DAY WAITING
PERIOD; Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes
differ in Canada). A band across the chart is marked CONFIDENTIAL.]
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet-based
application. The home page provides informational announcements, updates and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance
and compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions and be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one-on-one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
    The CANs focus on current and future auditable compliance applications.
    CANs provide continued compliance and enforcement guidance as a
    means to facilitate information to industry while Reliability Standards are
    revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
    CARs are a historical look at compliance trends for individual Reliability
    Standards and will include addendums when the information is updated.
Case Notes[30]
    Case Notes provide examples of mitigation plans for recent possible
    violations that have been accepted and, in most cases, completed. Case Notes
    do not identify the Registered Entity.
Bulletins[31]
    Bulletins provide general information or clarification on current and future
    issues.
Lessons Learned[32]
    Lessons Learned may result from an event analysis or other compliance or
    engineering related activity. They provide examples of how a problem
    occurred and was identified, and the corrective action taken.
Annual CMEP Reports[33]
    Annual CMEP Reports are assessments of the previous year's CMEP and
    are used in the planning and development of future years' annual CMEP
    Implementation Plans.

[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based, in part, on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO's risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to the overall Bulk Power System (BPS).

[33] http://www.nerc.com/page.php?cid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review, and the manner in
which the Regional Entities and NERC evaluate, respond to and process these reviews, are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or in compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards,
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions, on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.

[34] Section 507 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP,
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation[36] to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
    COM-002-2 R2 does not specify the conditions under which a directive is issued,
    nor does it define directive. It only provides that the requirements be followed
    when a directive is issued to address a real-time emergency. Routine operating
    instructions during normal operations would not require the communications
    protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2[37] R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
   appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
   Committee (OC) and Standards Committee (SC) to develop and provide guidance
   regarding good utility practice on the use of three-part communication for
   real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
   completion and FERC approval of Standards Project 2007-02 ― Operating
   Personnel Communications Protocols ― COM-003[38] that addresses real-time
   communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission's regulations. In addition, the
Commission stated that:
    "The fact that a Reliability Standard simply references another pending Reliability
    Standard, one that is not being approved or remanded here, does not alone justify not
    approving the former Reliability Standard."[39]
Examples of these standards follow:

Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4 and (indirectly) R5, effective 6/18/07

[36] See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at
http://www.nerc.com/filez/standards/Project2009-22_RFI_COM-002-2_R2_IRC.html
[37] See the BOT approved revision to the COM-002-2 that includes the interpretation at
http://www.nerc.com/files/COM-002-2a.pdf
[38] See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
http://www.nerc.com/filez/standards/Op_Comm_Protocol_Project_2007-02.html
[39] Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16,416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300.
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies, at a minimum, what
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
   Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
   Implementation Plan mirrors, at a minimum, by Standard, the AML found
   in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
   these will include any regional Reliability Standards and additional NERC
   Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation and
   assessment of performance criteria with each Reliability Standard.
   ReliabilityFirst will, at a minimum, perform the compliance monitoring
   methods identified in the NERC 2013 Actively Monitored Reliability
   Standards list. When ReliabilityFirst determines that an increased audit
   scope is necessary, ReliabilityFirst shall notify the registered entity of the
   increased audit scope. This notification shall be part of the audit
   notification package and shall include the Reliability Standards and
   Requirements that are included in the increased scope, as well as the
   justification for the increased scope. When ReliabilityFirst determines that
   an increased audit scope is necessary after the notification package is sent,
   or while the audit is ongoing, then ReliabilityFirst shall notify the
   registered entity of the increased audit scope as soon as possible. For
   references to NERC guidance or Implementation Plans, such as the CIP
   Guidance, links from NERC are included in the ReliabilityFirst
   Implementation Plan where applicable, instead of including the entire
   document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
   registered entity names that are on the 2013 schedule, NERC Compliance
   Registration ID and the year they will be audited.
5. The Regional Entity's Annual Plan should address Key CMEP Activities
   and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational and developmental efforts that are being
undertaken, not only to maintain reliability but to enhance it as well. The sharing of the
industry's technical expertise, experience and judgment, as well as its participation in the
ERO's processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Document Change Revision History

Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout[40] report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs and TOPs. This list is subject
to change as further data and analysis become available.

[40] http://www.nerc.com/fileUploads/File/News/PR_AZOutage01MAY12.pdf

Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 ndash Compliance Assessment Template
46
AAppppeennddiixx 22 ndashndash CCoommpplliiaannccee AAsssseessssmmeenntt TTeemmppllaattee
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity's event review.
A systematic and methodical compliance assessment (CA) process that would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity's events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary
| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
| Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted. |
| | AAA-000-0 Requirement 2 | | |
| Contributing factor | BBB-000-0 Requirement 1 | | |
Category 1a Example
| Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6: Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC "XYZ Interface All Lines In Stability Guide" (document provided). | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10: Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1: Each TOP shall operate within the IROLs and SOLs. R2: Each TOP shall operate so that instability, uncontrolled separation or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the "XYZ" internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1: Each TOP, BA and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1: The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity's procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1: The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2: Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3: The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4: The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance |
| Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2: Each RC, TOP and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5: Each RC, TOP and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance |
Findings as the outcome of a compliance self-assessment will result in either a statement of
"No Findings" or that of "Possible Violation (PV)". Should the latter be the result, the entity
will be given the opportunity to self-report the PV to the Regional Compliance Enforcement
department in accordance with the existing procedures set forth in the CMEP. In doing so, the
entity self-reporting should inform the Regional Compliance Enforcement department that this
has been done consistent with the event analysis process and the completion of a compliance
self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit [41]
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date
Name
Title
Region
State the basis for Reduced Audit Scope or Deferment of Compliance Audit
State other methods used for compliance monitoring during period of reduced scope or deferment
State requested duration of deferment, if applicable
State whether this is a MRRE audit
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity's Legal Name
NCR ID Number
Date of Last Compliance Audit
Date of Next Compliance Audit
[41] Audit periodicity for entities registered as BAs, RCs and TOPs must be every three years and cannot be
reduced per section 403111 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Regional Entity's Additional Information
Comments
Regional Entity Authorized Signature
ERO Analysis Results
State information reviewed and basis for determination
ERO Final Determination
Approved Declined
ERO Director of Compliance Operations
Reliability Standards Subject to 2013 CMEP Implementation
personnel to have the knowledge and training to recognize sabotage events. ReliabilityFirst will
audit this requirement in 2013.
COM – Communications
COM-001-11 and COM-002-2 have been identified as high priority Reliability Standards.
COM-001 details and mandates the adequacy of telecommunication facilities, thus supporting
nearly every function, and is critical to normal and emergency operations. COM-002 has some
similar coverage as COM-001 but goes above and beyond with three-part communication and a
methodology for formulating directives. Also, COM-002 is the seventh-most-violated 693
standard in 2011.
EOP – Emergency Preparedness and Operations
On July 1, 2013, the introduction of EOP-001-2b, EOP-005-2, EOP-006-2 and EOP-008-1,
replacing previous standards, will add five requirements to the AML for generator operator
(GOP) and four for the Reliability Coordinator (RC), while reducing the requirements of the
AML by two for TOP and three for BA. The introduction of EOP-003-2 on October 1, 2013
does not affect the AML, as that standard is not tiered, as discussed below.
EOP-001-0, EOP-002-21, EOP-003-1, EOP-004-1, EOP-005-1, EOP-006-1 and EOP-008-0
have been identified as high priority reliability standards. EOP-001 is critical in terms of Energy
Emergency Alerts (EEAs), which were important for mitigating impacts from winter weather
events taking place during early 2011. EOP-002 complements EOP-001 by assuring the
performance of mitigating actions for both the RC and the BA. EOP-003 designates
load-shedding as a suitable action for maintaining the reliability of the BPS, but its action is
implied in EOP-001, and therefore the requirements of EOP-003 are not considered Tier 1
requirements. EOP-004 is critical in terms of EA and helping with the process of mitigating
future events, and it is vital that the disturbance reports do not stay within a region but are
shared with NERC for dissemination across North America. EOP-005 sets the foundation for
system restoration if actions identified in other EOP reliability standards fail and the testing
and confirmation of a blackstart capability process is engaged. EOP-006 ensures that the RC
takes the lead role in system restoration initiated through EOP-005, such that coordination in
these efforts is not an oversight. EOP-008 accounts for loss of a primary control center and
many Requirements not accounted for in any other standard, so this is vital to include.
FAC – Facilities Design, Connections and Maintenance
The introduction of FAC-008-3 on January 1, 2013 does not change the AML, since all
associated requirements have been identified as Tier 2 or Tier 3. The introduction of FAC-013-2
on April 1, 2013 also does not affect the AML, as that standard is not tiered.
FAC-001-0, FAC-002-0, FAC-003-1, FAC-008-1 and FAC-009-1 have been identified as high
priority Reliability Standards. FAC-001 designates connections requirements for facilities,
which is especially critical in terms of protection and construction of new facilities. With these
facilities properly coordinated and accounted for, existing system performance will improve.
FAC-002 expands on FAC-001 by requiring that assessments for facilities be undertaken and
results coordinated. FAC-003 concerns vegetation management, which is a primary initiator of
many events, and points to the necessity of an effective vegetation management program.
FAC-008-3 is replacing Reliability Standards FAC-008-1 and FAC-009-1, which historically are
both considered heavily violated standards. R6 and R7 of FAC-008-3 have been designated with
a Tier 1 priority level, having the greatest potential risk and impact relationship to the reliability
of the BPS. Due to the violation history of FAC-008-1 and FAC-009-1 and the tier designation
given to FAC-008-3, FAC-008-3 will be included in the 2013 Compliance Monitoring Schedule
for Self-Certification.
IRO – Interconnection Reliability Operations and Coordination
The introduction of IRO-006-TRE-1 on October 1, 2013 does not change the AML, since this
regional standard is not tiered.
IRO-002-2, IRO-004-2, IRO-005-3a and IRO-006-5 have been identified as high priority
Reliability Standards. IRO-002 determines the sufficiency of tools needed for the RC to perform
its role in maintaining the reliability of the BPS, which becomes increasingly imperative when
emergency situations arise and Balancing Authorities and Transmission Operators require
oversight. IRO-004 covers the planning the Reliability Coordinators must perform and ensures
preparations are properly made for seen and unseen emergency events in the operation horizon.
IRO-005 contains the only Tier 1 Requirement applicable to the PSE function. It is expected that
the Regional Entities will ensure all PSEs are audited according to a six year interval cycle,
including those PSEs which were removed from the 2011 audit schedule. For audits of PSEs,
Regional Entities will provide a complete audit report regardless of audit scope. IRO-006
discusses the process of transmission load relief (TLR), and while this is an important topic,
performance is covered in IRO-005, and therefore the Requirements of IRO-006 are not
considered Tier 1 Requirements.
MOD – Modeling, Data and Analysis
MOD-001-1a, MOD-004-1 and MOD-008-1 have been identified as high priority Reliability
Standards. These three Reliability Standards determine the procedure by which Available
Transmission Capability (ATC) is to be calculated by Transmission Service Providers. The
proper setting of ATC is vital so facilities are not overloaded, which could lead to possible
system emergencies. FERC has mandated that this standard be audited following regulatory
approval of the Reliability Standard.
NUC – Nuclear
NUC-001-2 has been identified as a high priority Reliability Standard. The Nuclear Plant
Interface Requirements (NPIRs) in NPIR agreements are essential components of NUC-001-2.
NERC strongly recommends that generation and transmission entities carefully review their
respective obligations under these agreements, including coordinated communication, to ensure
that parties share a clear and precise understanding of their obligations under these agreements.
PER – Personnel Performance, Training and Qualifications
The introduction of PER-005-1 on April 1, 2013 will add four requirements (R13, R2, R21 and
R3) to the AML for functions BA, RC and TOP. However, functions BA and TOP will have a
net reduction of four requirements due to the retirement of PER-002-0.
PER-001-01 and PER-002-0 have been identified as high priority reliability standards. PER-001
speaks to the authority of operating personnel to operate independently and in a reliable manner.
However, this authority is established in other reliability standards with more specific language
based upon the function considered, and therefore the requirements of PER-001 are not
considered Tier 1 Requirements. PER-002 encompasses the development of training, as well as
the training itself, of all operating personnel responsible for ensuring reliability of the BPS.
Training, especially in preparedness and real time mitigation of emergency events, is essential.
As such, several of the requirements supporting this training within PER-002 are considered to
be Tier 1 Requirements. In anticipation of a number of the requirements of PER-005-1 regarding
operator training coming into effect April 1, 2013 and retiring PER-002-0 in 2013, many of the
requirements of PER-005 are also considered to be high priority and are identified with Tier 1.
PRC – Protection and Control
The introduction of PRC-006-2 on October 1, 2013 also does not affect the AML, as that standard
is not tiered.
PRC-001-1, PRC-004-1, PRC-005-1, PRC-007-0, PRC-008-0, PRC-011-0 and PRC-023-1 have
been identified as high priority Reliability Standards. PRC-001 promotes understanding of the
limitations and performance of protection systems, which is especially important from an
operational standpoint, such that protection systems are not overloaded and the system cannot be
controlled. PRC-004 is a particularly important standard as it applies to misoperations analysis
and reporting. As significant protection system misoperations are considered disturbance events,
those misoperations for which BPS reliability is affected that are always addressed in PRC-004
are captured by EOP-004 R3 as well, and therefore the Requirements of PRC-004 are not
considered Tier 1 Requirements. Significant misoperations are those that result in such actions as
modifications to operating procedures or equipment and identification of lessons learned, as
identified by Attachment 1 to EOP-004.
PRC-005 is the most violated standard of all time, and its mission to organize and implement
protection system maintenance is especially critical for ensuring system reliability. PRC-007
and PRC-008 deal with underfrequency load-shedding (UFLS), while PRC-011-0 involves
undervoltage load-shedding (UVLS). Both UFLS and UVLS protection systems are important,
but the level of compliance of a registered entity with PRC-005 will be most telling for
compliance with these Reliability Standards. As a result, the Requirements of PRC-007,
PRC-008 and PRC-011 are not considered Tier 1 Requirements. PRC-023, as with all Reliability
Standards, has the chief purpose of promoting reliability in the BPS, and in this case it relates to
transmission relay protection settings. The concerns surrounding these settings are that they are
proper for detecting and protecting against fault conditions. As with UFLS and UVLS
maintenance programs, the compliance performance of a registered entity with PRC-005 is a
good guide as to how well protection systems at that entity are maintained and tested, which is
applicable to PRC-023 as an indicator of the due diligence of an entity in properly setting relays
and reviewing transmission system protection schemes. Also, significant misoperations resulting
from improper relay settings are addressed through EOP-004, which would allow for a complete
review of Requirements in PRC-023 in response to any such event. For those reasons listed, the
Requirements of PRC-023 are not considered Tier 1 Requirements.
TOP – Transmission Operations
TOP-001-1, TOP-002-2a, TOP-003-0, TOP-004-2, TOP-006-1 and TOP-008-1 have been
identified as high priority reliability standards. TOP-001 sets down operation authority for the
TOP function and in so doing re-iterates language from the EOPs and IROs addressing this
same issue. In an event where it can be demonstrated that an operator was not aware of his
authority to act, this standard will be important for an entity to be audited on. However, the
authority of system operators is generally well understood, and therefore the Requirements of
TOP-001 are not considered Tier 1 Requirements. TOP-002 deals with normal operations
planning, and one of the key concepts to this standard is communications. The outage
coordination that is discussed in TOP-003 is implied by TOP-002 in normal operations planning,
and therefore the Requirements of TOP-003 are not considered Tier 1 Requirements. TOP-004
addresses operating in an unknown state and points to insufficient or faulty equipment,
processes, planning, etc., and should be considered a high priority issue, especially in terms of
preparedness for emergencies. TOP-006, the monitoring of reliability parameters, can be gauged
from compliance with TOP-008, which complements IRO-005 but this time for the TOP
function. The Requirements of TOP-006 will not be considered Tier 1 Requirements, while
TOP-008 will be.
TPL – Transmission Planning
TPL-003-0a and TPL-004-0 have been identified as high priority reliability standards. TPL-003
accounts for the loss of two or more BPS elements and TPL-004 addresses extreme events, both
of which go hand-in-hand with minimizing the impact of emergency events affecting the BES.
VAR – Voltage and Reactive
ReliabilityFirst has elected to add VAR-001-2 R4 and VAR-002-11b R2 and the R2 sub-
requirement tier 1 requirement for audit. ReliabilityFirst believes these requirements in these
standards are critical to reliability of the BES. These requirements establish and specify voltage
and/or Reactive Power schedules, require entities to maintain the voltage and/or Reactive Power
schedules that have been established, and/or notify appropriate entities if the established
schedules cannot be maintained. Based upon feedback from our audit teams, ReliabilityFirst
continues to see entity difficulty in understanding and applying these requirements within our
region. ReliabilityFirst will audit these in 2013.
CMEP Discovery Methods
I. Compliance Audits
The Reliability Standards selected for compliance audit are determined based on the
2013 NERC Implementation Plan Methodology. ReliabilityFirst will provide to the
registered entity the scope of the compliance audit with the audit notification letter. The
interval for compliance audits is three years for entities registered as a Reliability
Coordinator, Balancing Authority or Transmission Operator and is six years for entities
registered for all other functions [13]. Registered Entities may be audited more or less
frequently, per the RoP - Appendix 4C audit cycle, based upon the results of the risk and
performance based assessment as well as the facts and circumstances surrounding those
entities.
ReliabilityFirst audit teams are authorized and obligated to expand the scope of a
compliance audit to include Tier 2 and/or Tier 3 Requirements and any requirements they
may deem necessary based on the results of the Risk Based Entity Profile Assessment or
the audit team's collective professional judgment. Audit scope expansion can occur at
any point during a monitoring process, from the initial review of the Registered Entity
Profile Assessment through the close of the monitoring process.
ReliabilityFirst has the authority to expand an audit but cannot reduce the scope without
NERC's consent. ReliabilityFirst shall consider past performance, including historical
violation trends across the Region and those specific to the registered entity, and changes
to compliance responsibility resulting from mergers, acquisitions, corporate
re-organizations, open investigations and other factors that, in the judgment of the
ReliabilityFirst audit staff, should be considered as part of the normal planning required
for a compliance audit and consistent with generally accepted audit practices.
The scope of the registered entities' compliance audits will include a review of all open
mitigation plans, remedial action directives and technical feasibility exceptions [14] during
the pre-audit, field-audit or post-audit phases, as discussed in the CMEP. ReliabilityFirst
must provide the compliance audit team with the status, documentation and evidence for
all mitigation plans that are to be reviewed.
Should an expanded scope be required based upon significant issues discovered during
the on-site portion of the audit process, the audit team will have the discretion to address
and expand the scope as deemed appropriate in coordination with the registered entity.
ReliabilityFirst may, at its discretion, expand the scope of process monitoring, perform a
spot check or unscheduled audit, or other monitoring process to follow up the registered
entity's compliance with the Reliability Standards and/or Requirements in question.
[13] See Rules of Procedure Section 403111 at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
[14] See Appendix 4C of the NERC RoP at Sections 3143 and 66
httpwwwnerccomfilesAppendix4C_Uniform_CMEP_20110101pdf
Registered entities will not be expected to provide evidence outside of the current audit
time period for compliance purposes unless that evidence is required in accordance with
the processes and procedures of the registered entity or it is required by the standard. For
example, a registered entity is expected to provide evidence outside of the current audit
period for substantiating long range plans that are longer than an audit period, such as
Protection System maintenance and testing intervals. For those reliability standards that
do not involve long-range plans, an audit team will not be able to request information that
is outside of the bounds of the current audit, either three or six years, nor can it identify
possible non-compliance outside of this audit period. In other words, the completion of
an audit closes one audit period and initiates another, excluding future audit teams from
reviewing a registered entity's compliance during past audit periods. This exclusion does
not apply to ERO enforcement, investigations or events analysis. Generally speaking,
spot checks, periodic data submittals and self-certifications will not require evidence that
precedes the current audit period.
Audit Focus or Scope
To maintain a focus on risk, the audit scopes monitor the current relevant documentation
as of the date of the 90 day notification letter. Auditors, at their option, can look back to
the beginning of the time period identified in the audit scope to determine extent of
violations. The audit teams will have the flexibility to review historical information on
an as needed basis. This approach will allow the audit team to focus on determining
current reliability risk and compliance of a registered entity. In the event a finding of a
possible violation is determined based upon the current in-force documents, the audit
team may review previous versions of the process and procedure documentation to
determine the full extent of the possible violation.
In 2013, the audit period, being the range of time for which a registered entity is audited,
will be unique to each entity based upon several factors. Depending upon a registered
entity's particular situation, the start date for the audit period may be one of several
possibilities:
I. the day after the prior audit review, or
II. the date when monitoring activity by the Compliance Enforcement Authority
ended, or
III. the later of June 18, 2007 or the Registered Entity's date of registration, if the
Registered Entity has not previously been subject to a Compliance Audit,
or
IV. (For CIP Audits Only) for entities registered before April 2008, the date
established as the "C-Compliant" date in either Table 1, 2 or 3 of the (Revised)
Implementation Plan for Cyber Security Standards CIP-002-1 through CIP-009-1 [15],
as applicable to the registered entity based on its registered functions.
For entities registered in April 2008 and thereafter, the Implementation Plan for
Newly Identified Critical Cyber Assets and Newly Registered Entities [16] defines the
schedule for Compliance with the CIP Version 2 or Version 3 requirements for (a)
newly Registered Entities and (b) newly identified Critical Cyber Assets by an
existing Registered Entity after the Registered Entity's applicable Compliant
milestone date has already passed.
The end date for the period of time to be covered during compliance audits in 2013 will be
the end date for the compliance audits as outlined in the current CMEP, Section 3142.
[15] httpwwwnerccomfilesGuidance_on_CIP_Standardspdf
[16] httpwwwnerccomdocsstandardssarImp-Plan_Newly_Identified_CCA_RE_clean_last_approval_2009Nov19pdf
CIP Reliability Standards Compliance Audits
Registered entities are subject to audits for compliance with all Requirements of
CIP-002-3 through CIP-009-3, which took effect October 1, 2010. If there are indications of
possible non-compliance, auditors are authorized and obligated to review an entity's
compliance throughout the entire audit period, per the criteria documented in the above
Audit Scope section, which includes previous versions of CIP Reliability Standards, in
order to determine the extent of possible violations.
If a responsible entity has active Technical Feasibility Exceptions (TFEs), Section 8 of
NERC RoP - Appendix 4D [17], Procedure for Requesting and Receiving TFEs to NERC
CIP Standards, requires that:
8.1 Following approval of a Responsible Entity's TFE Request, subsequent
Compliance Audits of the Responsible Entity conducted prior to the Expiration Date
shall include audit of (i) the Responsible Entity's implementation and maintenance of
the compensating measures or mitigating measures or both specified in the approved
TFE, in accordance with the time schedule set forth in the approved TFE, and (ii) the
Responsible Entity's implementation of steps and conduct of research and analyses
towards achieving Strict Compliance with the Applicable Requirement, in accordance
with the time schedule set forth in the approved TFE. These topics shall be included
in such Compliance Audits regardless of whether a Compliance Audit was otherwise
scheduled to include the CIP Standard that includes the Applicable Requirement.
2013 Compliance Audit Schedule
The 2013 ERO compliance audit schedule, which is a compilation of all regional
schedules, will be posted on the Compliance Resource page on the NERC website [18].
This posted schedule is updated at least quarterly, allowing the Registered Entities to
have access to the schedule for the upcoming year as soon as possible.
The compliance audits listed on the schedule are labeled as on-site audits or off-site
audits. This distinction is only relevant to the location of the audit activities, not the rigor
of the audits. Both on-site and off-site audits are compliance audits and are performed
using the same Reliability Standards Audit Worksheets (RSAW) and other audit tools
and processes. The major difference is that on-site audits would entail physical access to
the audited entity's premises. A large portion of the pre-audit work associated with an
on-site audit will actually occur off-site.
Certain types of audits must contain an on-site component because of the nature or
functions of the Registered Entity. For example, Reliability Coordinator, Balancing
Authority and Transmission Operator functions must be audited on-site. For other BPS
users, owners and operators on the NERC Compliance Registry, the Regions and NERC
can use discretion on the location and the conduct of the audit. In either case,
ReliabilityFirst will plan the audit to assure proper scope and rigor.
[17] httpwwwnerccomfilesAppendix_4D_ProcedureRequestingAndReceivingTFEs_20120131pdf
[18] httpwwwnerccomcommondocsphpcd=3
In 2012 and continuing in 2013, ReliabilityFirst has been auditing our registered entities
based upon their registered functions on their three (3) year and six (6) year cycles. In
the past, when ReliabilityFirst performed an audit, the audit combined all the registered
functions into a single audit. If an entity was registered as a Transmission Operator
(TOP) and Generation Owner (GO), where one function was to be audited on a three year
cycle and the second on a six year cycle, that entity's audit was conducted on both
functions every three years. ReliabilityFirst will only cover the three year standards on a
three year cycle and those on the six year basis on a six year cycle.
Regarding the audits of entities registered for the PSE function, it is being proposed by
NERC that ReliabilityFirst ensure all PSEs are audited according to a six year cycle,
including those PSEs which were removed from the 2011 audit schedule. ReliabilityFirst
will work with NERC and execute a plan to address and fulfill the requirement for these
audits in 2013.
All ReliabilityFirst Registered Entities scheduled for audit in 2013 are included in the
2013 CIP and Operations and Planning audit schedules, which are posted on the
ReliabilityFirst Web site at the following link:
httpswwwrfirstorgcompliancePagesSchedulesaspx
Compliance Audit Reports
ReliabilityFirst is obligated to provide written audit reports for all compliance audits and
spot checks in accordance with NERC Compliance Process Directive 2010-CAG-001 -
Regional Entity Compliance Audit Report Processing.[19] NERC posts all public versions
of the ReliabilityFirst compliance audit reports of registered entities on the NERC
website to satisfy requirements of the CMEP. ReliabilityFirst submits two audit reports
for each Operations & Planning (O&P) compliance audit of a Registered Entity: a public
report and a non-public report. CIP compliance audits only submit a non-public report
due to the sensitive nature of the included information. The Operations & Planning
public report does not contain critical energy infrastructure information or any other
information deemed confidential. The O&P public report does not include a description
of how the audit team determined its findings; rather, it includes a listing of the findings.
The names of the ReliabilityFirst personnel and registered entity personnel participating
in the audit are excluded from the public report, and all participants are identified by title.
[19] http://www.nerc.com/page.php?cid=3|22
In accordance with FERC expectations,[20] the non-public report shall document all areas
of concern related to situations that do not appear to involve a current or ongoing
violation of a Reliability Standard requirement but instead represent an area of concern
that could become a violation. The non-public report contains confidential information
and detailed evidence that supports the audit findings. The names and titles of all
ReliabilityFirst personnel and all registered entity personnel participating in the audit are
included in the non-public report.
Public and non-public compliance audit reports that do not contain possible violations are
completed by ReliabilityFirst and are submitted to NERC at the same time. Upon receipt
of the reports, NERC posts the public reports on its website and submits the non-public
audit reports to the applicable regulatory authority.
Public and non-public audit reports that contain possible violations are submitted to
NERC at different times. The non-public compliance audit reports are completed by
ReliabilityFirst as soon as practical after the last day of the audit and are then submitted
to NERC. Upon receipt of the non-public reports, NERC submits them to the Applicable
Governmental Authority. The public reports that contain possible violations are
completed by redacting all confidential information in the non-public reports. The
Regional Entities retain the public version of compliance audit reports that contains
possible violations until all violations are processed through the NERC CMEP. Due
process is considered complete when all possible violations are dismissed or when a
violation is confirmed or a settlement is reached and a decision has been rendered, if
applicable, by the regulatory authority (e.g., Notice of Penalty (NOP) has been issued in
the United States). Upon completion of due process, the Regional Entities submit the
public version of the compliance audit reports to the registered entities for review and
comment prior to submitting them to NERC. Upon receipt of the public reports, NERC
posts them on the NERC website.[21]
Reliability Standard Auditor Worksheets (RSAW)
The RSAWs are designed to add clarity and consistency to the assessment of compliance
with Reliability Standards. The RSAWs are used for multiple compliance monitoring
methods. Comments on these and any of the ERO's auditor resources are welcome and
can be directed to the Audit Compliance Managers.[22]
The RSAWs are posted on the NERC public website[23] and provide information to the
industry about expectations of the ERO compliance auditors when evaluating compliance
with a Reliability Standard. NERC works in close coordination with the Regional
Entities to ensure the information in existing RSAWs is updated with the latest regulatory
authority language and guidance, and new RSAWs are developed as Reliability Standards
are approved. It is recommended that Regional Entities and registered entities check the
NERC website regularly to ensure the latest available versions of RSAWs are being used.
The Registered Entity sections of the RSAWs that they are required to fill out must be
submitted by the date specified in the notification letters.
[20] Compliance with Mandatory Reliability Standards, "Guidance Order on Compliance Audits Conducted
by the Electric Reliability Organization and Regional Entities," 126 FERC ¶ 61,038 (2009) at P13.
http://www.nerc.com/files/GuidanceOrderOnComplianceAudits-01152009.pdf
[21] Public audit reports can be found at http://www.nerc.com/page.php?cid=3|26|246
[22] Information concerning Regional Entity programs is available at
http://www.nerc.com/page.php?cid=3|23
[23] http://www.nerc.com/page.php?cid=3|22
Mitigation Plans
ReliabilityFirst encourages aggressive self-assessments and analysis and self-reporting of
noncompliance by registered entities. Registered entities are further encouraged to draft
mitigation plans upon identification and self-reporting of possible violations prior to the
required submission timeline per the CMEP. Mitigation plans are not an admission of a
violation and are treated as voluntary corrective action. However, mitigation plans duly
prepared and promptly submitted to ReliabilityFirst will be used to demonstrate a
positive, proactive culture of compliance in any potential enforcement action. Open
mitigation plans are also examined as part of the compliance audit process during the
pre-audit, field-audit, or post-audit phases, as discussed in the CMEP and as agreed to
between ReliabilityFirst Compliance and Enforcement staff.
II Self-Certification
All registered entities are required to participate in the annual self-certification each year
based upon the ReliabilityFirst CMS. It is one of the discovery methods that monitor a
Registered Entity's compliance with Reliability Standards, especially those that have not
been included in audit scopes in recent years.
ReliabilityFirst will continue in 2013 to have all of our Registered Entities self-certify to
all of the applicable Reliability Standards that NERC included in their 2013 Actively
Monitored List, as outlined in the ReliabilityFirst Compliance Monitoring Schedule.
All NERC Reliability Standards identified for self-certification in the 2013
implementation program are included in the ReliabilityFirst 2013 Compliance
Monitoring Schedule, which is posted on the ReliabilityFirst Web site at the following
link: https://www.rfirst.org/compliance/Pages/Schedules.aspx
CIP-002-3 through CIP-009-3 Reliability Standards
Registered entities are also required to self-certify once per year, as scheduled by
ReliabilityFirst, to the suite of CIP standards. It should also be understood that
self-certification may be expanded to include CIP supplemental questionnaires as directed by
NERC or an Applicable Governmental Authority.
Some unique characteristics of the CIP Standards as they pertain to self-certification
include: CIP-002-3 R4 requires all entities to annually approve their risk-based
assessment methodology, the list of Critical Assets, and the list of Critical Cyber Assets,
even if such lists are null. Thus, all entities will need to submit self-certification for
CIP-002-3 even if they conclude they have no Critical Assets. Similarly, a registered entity
must self-certify to CIP-003-3 R2 even if they do not have any CCAs.
The requirements for Self-Certification differ from the reporting requirements for
approved TFEs. TFE reporting requirements for Responsible Entities are described in
Section 6 of NERC RoP - Appendix 4D, Procedure for Requesting and Receiving TFEs
to NERC CIP Standards.
III Spot Checks
Spot checks are compliance audits with a much narrower focus but are performed with
the same rigor as a compliance audit. "Spot Checking" means a process in which the
Compliance Enforcement Authority requests a Registered Entity to provide information
(1) to support the Registered Entity's Self-Certification, Self-Reporting, or Periodic Data
Submittal and to assess whether the Registered Entity complies with Reliability
Standards, or (2) as a random check, or (3) in response to events as described in the
Reliability Standards or based on operating problems or system events.
ReliabilityFirst has the authority to conduct spot checks of any regulatory approved
Reliability Standards. ReliabilityFirst has the option to expand the list of Reliability
Standards and Requirements that NERC has designated for spot checks within the
Region. ReliabilityFirst will, at a minimum, satisfy all the spot check requirements in the
NERC 2013 Implementation Plan and AML.
Both Operations & Planning and CIP spot checks will require the appropriate reports per
the RoP, CMEP, and NERC Compliance Process Directive 2010-CAG-001 - Regional
Entity Compliance Audit Report Processing.[24] The standard audit report template and
procedure provided in NERC Compliance Process Directive 2010-CAG-001 will be
used by ReliabilityFirst for all spot check reports.
IV Periodic Data Submittals
Specific Reliability Standards and Requirements have been identified for periodic data
submittals. The periodic data submittals for 2013 are as shown on the Requirements Tab
of the 2013 Actively Monitored Reliability Standards list. ReliabilityFirst will distribute
specific guidance on each periodic data request it initiates.
V Self-Reporting
Registered Entities are encouraged to self-report compliance violations with any
approved Reliability Standard. Self-reports of compliance violations are provided to
ReliabilityFirst. Registered Entities are encouraged to report violations of Reliability
Standards as soon as possible to minimize any ongoing risk to the BPS and ensure that
the entity receives any potential cooperation credit[25] or self-reporting credit.[26]
[24] http://www.nerc.com/page.php?cid=3|22
[25] North American Electric Reliability Corporation, "Order on Review of Notice of Penalty," 134 FERC ¶
61,209 (2011) at P 13. http://www.ferc.gov/whats-new/comm-meet/2011/031711/E-3.pdf
VI Exception-Reporting
Specific Reliability Standards and Requirements in the 2013 Actively Monitored
Reliability Standards list have been identified for exception reporting. ReliabilityFirst
will distribute specific guidance and request our registered entities to self-certify by
exception to these standards.
As noted in the NERC 2013 Implementation Plan, in May of 2012 NERC filed proposed
revisions with FERC to Appendix 4C CMEP (and other ROP provisions) that would
remove exception reporting as one of the compliance monitoring methods. As the filing
states, "Exception Reporting will no longer be considered one of the compliance
reporting processes as Exception Reports are triggered by Requirements of particular
reliability standards and not on the initiative of the CEA." It is important to note that
exception reporting will remain as a compliance monitoring method until these proposed
revisions are accepted by FERC.
VII Complaint
All approved Reliability Standards or Requirements can be the subject of a complaint
regarding a compliance violation by a Registered Entity. Complaints, if validated, can
initiate one of the other compliance monitoring methods in order to determine the full
extent of potential non-compliance.
Registered Entities may submit to ReliabilityFirst a complaint in any form of media that
they desire. Complaints may be made by an individual or anonymously. Each complaint
will be reviewed and discussed with the entity that the allegation is made against. A
determination will be made, based upon these discussions, whether an additional
compliance monitoring process will be implemented.
NERC also maintains a Compliance Hotline that is administered by the Reliability Risk
Management (RRM) group. Any person may submit a complaint to report a possible
violation of a Reliability Standard by calling 404-446-2575, sending an e-mail directly to
hotline@nerc.net, or completing the form at https://www.nerc.net/hotline. Unless
specifically authorized by the complainant, NERC and ReliabilityFirst staff will withhold
the name of the complainant in any communications with the violating entity.
All information provided will be held as confidential in accordance with the NERC Rules
of Procedure. NERC and/or ReliabilityFirst will seek additional information regarding
the potential violation of Reliability Standards from the submitter and others as
appropriate. A determination will be made, based upon this information, whether an
additional compliance monitoring process will be implemented.
VIII Compliance Investigations
A Compliance Investigation may be initiated at any time by NERC or ReliabilityFirst in
response to a system disturbance, Complaint, or the possible violation of a Reliability
Standard identified by any other means. Compliance Investigations are confidential
unless FERC directs otherwise and are generally led by ReliabilityFirst staff.
The Compliance Enforcement Authority reviews information to determine compliance
with the Reliability Standards. The Compliance Enforcement Authority may request
additional data and/or information as necessary through formal Requests for Information,
site visits, sworn statements, etc. to perform its assessment.
[26] Guidance on Filing Reliability Notices of Penalty, North American Electric Reliability Corporation,
"Order on Review of Notice of Penalty," 124 FERC ¶ 61,015 (2008) at P 32.
http://www.ferc.gov/EventCalendar/Files/20080703131349-AD08-10-000.pdf
Key CMEP Activities and Initiatives
ReliabilityFirst, NERC, and the Regional Entities receive CMEP implementation
feedback from the Members Representative Committee (MRC), Compliance and
Certification Committee (CCC), and other stakeholders through the use of audited entity
feedback forms. All feedback and input from these groups, among others, are reviewed
on a continual basis for opportunities for improvement. ReliabilityFirst, NERC, and the
Regional Entities are committed to continuous improvement of the CMEP
implementation.
CMEP Transparency Elements
NERC, ReliabilityFirst, and the Regional Entities continuously balance the request from
the industry to improve transparency with the confidential nature of the CMEP processes.
Figure 1 is a pictorial view of the compliance process, and it shows how most of the
processes in the CMEP fall under a window of confidentiality. NERC, ReliabilityFirst,
and the Regional Entities are continuously identifying and implementing innovative ways
to share CMEP process information while honoring confidentiality. Additional initiatives
are underway to increase transparency of CMEP elements in 2013. They are discussed
later in this Chapter.
Figure 1: Compliance Process
[Figure 1 is a flowchart that is not reproduced here. Its box labels are: Compliance Violation
Investigation; Self-Report; Audits; Spot Check; Exception; Self-certification; Periodic Reports;
Region notifies NERC (& entity) of alleged violation within 2-5 days – NERC notifies gov't authority;
Region continues review and evaluation; Dismissed; Notice of alleged violation & proposed penalty
sent to responsible entity; Entity accepts violation – submits Mitigation Plan; Entity Contests;
Notice of confirmed violation sent to NERC & responsible entity; Mitigation Plan (Region Review,
NERC Review, Gov't Review); NERC BOTCC reviews & approves region's proposed penalty;
Notice of penalty or settlement sent to FERC in US & posted to NERC website (Processes differ in
Canada); 5 DAY WAITING PERIOD; Settlement negotiations; Settlement Reached; Regional Hearing;
Appeals Process; Settlement Approved by BOTCC. A band labeled CONFIDENTIAL spans the process.]
ReliabilityFirst works with NERC Compliance Operations to continue to review and
publicly post CMEP implementation and process information in the form of public
notices[27] in order to increase transparency of the CMEP application to registered entities.
[27] Public notices are available at http://www.nerc.com/page.php?cid=3|22
Outreach Efforts and Compliance Communications
ReliabilityFirst continues to reach out to its Registered Entities to further enhance the
communication between the region and our Registered Entities. Below are several
methods that are used to communicate with the Registered Entities.
Monthly Newsletter
The ReliabilityFirst Newsletter provides entities with news and information relating to
reliability activities.
Monthly Compliance Update Letter
The ReliabilityFirst Monthly Compliance Update Letter provides the Registered Entities
with any changes made to the Compliance Monitoring Schedule and the notification due
dates of submittals necessary to satisfy compliance for monitoring activities of all of the
Reliability Standards.
ReliabilityFirst website
The ReliabilityFirst website provides compliance and technical materials needed to
support compliance program implementation.
Workshops/Seminars/Webinars
ReliabilityFirst Compliance workshops/seminars or webinars, which will include NERC
and FERC related initiatives, will be scheduled to assist the Registered Entities in the
understanding of their responsibilities to satisfy compliance to all Reliability Standards
throughout the year.
Compliance Data Management System (CDMS)
ReliabilityFirst allows our Registered Entities to report compliance via an internet based
application. The home page provides informational announcements, updates, and
newsworthy items of interest to the Registered Entities.
Periodic Reports
ReliabilityFirst will provide Periodic Reports to its Registered Entities of its performance,
compliance activities, as well as areas of compliance that the Registered Entities
continue to struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls
ReliabilityFirst has implemented and is facilitating a conference call, currently on a
monthly basis, which is an open forum for our Registered Entities to call and voice
concerns, ask questions, and to be informed about upcoming compliance items.
Assist Visits
ReliabilityFirst has implemented a program whereby an entity may request a one on one
or a small group meeting where guidance on compliance related activities can be
provided. These Assist Visits can be in the form of a conference call, web meeting, or
on-site visit. Topics can range from helping an entity become more familiar with
compliance related material and activities to special guidance and education when either
the Registered Entity or ReliabilityFirst believes the entity needs special attention or
additional help.
Compliance Communication
The NERC Compliance Operations Program and ReliabilityFirst are working toward
common goals related to improving consistency, increasing transparency, and creating
more efficiency in compliance processes. Past field experience is an important part of
meeting the goal to provide clarity on particular items and state the proper expectations.
ReliabilityFirst and NERC provide transparency information in various formats,
depending on the scope of the matter and relevance to the particular functions within the
BPS. These include the following, as well as other means as NERC and ReliabilityFirst
deem necessary:
CANs – Compliance Application Notices[28]
The CANs focus on current and future auditable compliance applications.
CANs provide continued compliance and enforcement guidance as a
means to facilitate information to industry while Reliability Standards are
revised and improved, as discussed in FERC Order No. 693 and 706.
CARs – Compliance Analysis Reports[29]
CARs are a historical look at compliance trends for individual Reliability
Standards and will include addendums when the information is updated.
Case Notes[30]
Case Notes provide examples of mitigation plans for recent possible
violations that have been accepted and, in most cases, complete. Case notes
do not identify the Registered Entity.
Bulletins[31]
Bulletins provide general information or clarification on current and future
issues.
Lessons Learned[32]
Lessons Learned may result from an event analysis or other compliance or
engineering related activity. They provide examples of how a problem
occurred and was identified and the corrective action taken.
Annual CMEP Reports[33]
Annual CMEP Reports are assessments of the previous year's CMEP and
are used in the planning and development of future years' annual CMEP
Implementation Plans.
[28] http://www.nerc.com/page.php?cid=3|22|354
[29] http://www.nerc.com/page.php?cid=3|329
[30] http://www.nerc.com/page.php?cid=3|22|371
[31] http://www.nerc.com/page.php?cid=3|22
[32] http://www.nerc.com/page.php?cid=5|385
Training and Self Improvement Activities
Compliance Auditors
The NERC compliance auditor training is based in part on generally accepted auditing
practices found in documents such as the Government Accounting Office (GAO)
Generally Accepted Government Auditing Standards (GAGAS) and is revised as
necessary. Continuing education will provide training on specific auditing issues to
promote consistency and increased reliability.
In 2013, NERC Compliance Operations will continue to improve processes and practices,
which includes broader implementation of the Compliance Enforcement Initiative.
Effective training is an important part of delivering consistency across NERC and the
Regions.
In addition, NERC sponsors seminars on specific matters as a way to provide continuous
education to ERO staff. Two such seminars took place in 2012, and two are scheduled
for 2013.
Specialized training for CIP auditors will continue in 2013 to address technical issues
unique to the CIP Standards environment and increase the skills of CIP auditor staff. CIP
Standards Training will be conducted in 2013. ReliabilityFirst CIP audit staff has
attended at least one of those sessions during 2012 and will attend at least one in 2013.
NERC encourages the CIP audit staff to have requisite experience, training, and
credentials in cyber security and IT auditing.
Compliance Investigation (CI) Staff
A "Fundamentals of CI" course/seminar has been conducted for NERC and Regional
Entity staff by NERC over the last two years. The training is scheduled to be conducted
twice annually and is revised as necessary. ReliabilityFirst staff will participate in this
training as required.
Compliance Reviews of Events and Disturbances
Through the events analysis process, the ERO strives to develop a culture of reliability
excellence that promotes aggressive, critical self-review and analysis of operations,
planning, and critical infrastructure protection performance. This self-critical focus is
ongoing, and registered entities are linked together by their individual and collective
performances. Focusing on critical self-review and analysis is the basis of understanding
the root cause of events and, in turn, avoiding similar or repeated events by the timely
identification and correction of their causes and by sharing lessons learned. As an
important component of the ERO's risk-based approach to compliance monitoring,
compliance assessments conducted after events and disturbances further enhance the
overall strength of the ERO and the industry. Both Registered Entities and
ReliabilityFirst have responsibilities in this area to facilitate continued learning and
demonstration of accountability to overall Bulk Power System (BPS).
[33] http://www.nerc.com/page.php?cid=3|26
Registered Entity Responsibilities
To support a strong culture of compliance, registered entities are encouraged to perform a
compliance assessment in response to all system events and disturbances. Registered
Entities conducting compliance assessments are encouraged to provide a compliance
assessment report to ReliabilityFirst for system events that fall in category 2 and above, as
outlined in the ERO events analysis process document. The Compliance Assessment
Template, as found in Appendix 2, should be used when performing these assessments.
Registered Entities that utilize compliance assessments to self-identify and address
possible reliability issues demonstrate the effectiveness of their internal controls and
their commitment to their culture of compliance. Registered Entities that are able to
demonstrate strong internal controls and a robust culture of compliance that mitigate risk
may be afforded some recognition in consideration of reduced levels and frequency of
compliance monitoring activities. At a minimum, the entity is typically given credit for
these actions in the enforcement of a self-reported possible violation(s) and
non-compliance issue(s). Deference will be provided to the Registered Entity for comprehensive
compliance assessments that clearly demonstrate a review of applicable standards and, as
appropriate, self-reporting.
Regional Entity Responsibilities
ReliabilityFirst will review all system event reports and all compliance assessment
reports provided by registered entities and may utilize a risk based approach to
prioritizing these reviews. The scope and depth of compliance review and the manner in
which the Regional Entities and NERC evaluate, respond, and process these reviews are
intended to reflect the significance of the event and the thoroughness of the compliance
assessment performed by the registered entity. Compliance reviews are an area that
may also produce lessons learned to be shared at compliance workshops or compliance
newsletters to facilitate improvement in industry compliance programs. These
compliance lessons learned and the results of these reviews will be shared with NERC.
In the case that a registered entity does not provide a compliance assessment, or if
ReliabilityFirst determines the assessment was insufficient, ReliabilityFirst may perform
an independent compliance assessment. ReliabilityFirst may also request additional
information from the registered entity. These compliance assessments can impact future
compliance monitoring activity.
Registration and Certification
The purpose of the Organization Registration Program is to clearly identify those entities
that are responsible for compliance with the regulatory approved Reliability Standards
and is described in the NERC Rules of Procedure, Appendix 5A, Organization
Registration and Certification Manual. As described in the NERC Statement of
Compliance Registry Criteria, NERC will include in its compliance registry each entity
that the ERO concludes can materially impact the reliability of the BPS. ReliabilityFirst
and NERC are obligated to identify all organizations to be listed in the NERC compliance
registry. Identifying these organizations is necessary and prudent for the purpose of
determining resource needs, both at the NERC and ReliabilityFirst level, and to begin the
process of communication with these entities regarding their potential responsibilities and
obligations.
Multi-Regional Registered Entities (MRRE)
There are several activities related to registration, compliance monitoring, and
enforcement involving registered entities that are registered and operate and/or conduct
business in multiple regions. The purpose of the MRRE process is to describe the
coordinated CMEP processes that will be used by NERC and the Regional Entities for a
subset of registered entities that are registered in multiple regions on a voluntary basis.
The MRRE process allows these entities the ability to request to be accountable to one
Compliance Enforcement Authority (CEA). This coordinated process provides for
increased efficiencies in compliance resource allocation for NERC, the Regional Entities,
and the Registered Entities while maintaining the reliability of the BPS.
Until the MRRE gets approved and put in place, ReliabilityFirst will continue to
participate on Joint Audits for the PSE functions and those entities previously agreed
upon with other regions. This effort helps to reduce the resources required to meet the
regional schedules and is intended to reduce some of the burden of those Registered
Entities across multiple Regions.
Joint Registration Organization and Coordinated Functional Registration
Joint Registration Organization (JRO)[34]: In addition to registering as the entity
responsible for all functions that it performs itself, an entity may register as a JRO on
behalf of one or more of its members or related entities for one or more functions for
which such members or related entities would otherwise be required to register, and
thereby accept on behalf of such members or related entities all compliance responsibility
for that function or those functions, including all reporting requirements.
Coordinated Functional Registration (CFR)[35]: In addition to registering as an entity
responsible for all functions that it performs itself, multiple entities may each register
using a CFR for one or more reliability standard and/or for one or more
requirements/sub-requirements within particular reliability standards applicable to a
specific function. The CFR submission must include a written agreement that governs
itself and clearly specifies the entities' respective compliance responsibilities. The
registration of the CFR is the complete registration for each entity. Additionally, each
entity shall take full compliance responsibility for those Reliability Standards and/or
requirements/sub-requirements it has registered for in the CFR. Due to abrupt or forced
registration changes, as described below, this form of registration may become more
common in 2013.
[34] Section 507 of the NERC RoP.
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
[35] Section 508 of the NERC RoP.
http://www.nerc.com/files/NERC_Rules_of_Procedure_EFFECTIVE_20110412.pdf
Results of Abrupt or Forced Registration Changes
NERC and ReliabilityFirst will continue to work together in the development of
appropriate actions to efficiently manage the compliance issues resulting from abrupt and
forced registration changes.
Enforcement Initiatives
In 2013, ReliabilityFirst, NERC, and the other Regional Entities will continue to
develop enhancements to enforcement processing to achieve efficient and timely
compliance outcomes, including streamlined procedures for lesser risk violations and
improved workflow and tools. This will result in an increased focus of compliance
enforcement resources on the cases that have the most significant impact on the reliability
of the BPS. Compliance Enforcement staff has realized significant efficiencies and
expects to gain efficiencies through better utilization of existing resources in the future.
In September 2011, NERC made its initial Compliance Enforcement Initiative (CEI)
filing with the Federal Energy Regulatory Commission (FERC) that introduced the
streamlined spreadsheet Notice of Penalty (NOP) and the FFT approaches. The CEI has
received significant support from the Regional Entities and industry. On March 15, 2012,
FERC approved the FFT approach with certain proscribed conditions. NERC anticipates
the FFT process will enable better alignment and substantially greater resources and
attention to be devoted to matters that pose a more serious risk to the reliability of the
BPS. ReliabilityFirst, NERC, and the other Regional Entities will continue to work
collaboratively to continue to implement and improve the CEI.
Further Implementation of the CEI
As the FFT implementation matures, auditors will be able to recommend FFT treatment
for certain audit findings, but ultimately the decision to afford FFT treatment to a specific
issue resides with the ReliabilityFirst enforcement staff. NERC will provide a series of
webinars and workshops to guide compliance and enforcement staff at all levels on the
application of FFT to possible violations.
ERO Guidance on COM-002-2 – Communication and Coordination
Compliance monitoring for COM-002 will be based on the NERC BOT approved
interpretation, effective as approved by the BOT on February 9, 2012. Background and
further information is provided below.
In December of 2011, a recirculation ballot was approved by the ballot pool regarding an
interpretation³⁶ to COM-002-2 regarding the use and associated circumstances of
three-part communication for directives. Specifically, the interpretation states that:
COM-002-2 R2 does not specify the conditions under which a directive is issued,
nor does it define directive. It only provides that the requirements be followed
when a directive is issued to address a real-time emergency. Routine operating
instructions during normal operations would not require the communications
protocols for repeat backs as specified in R2.
Following the recirculation ballot, this interpretation was presented and subsequently
approved by the NERC Board of Trustees (BOT) in February 2012. This interpretation
has designated that COM-002-2³⁷ R2 is applicable to the use of directives in addressing
real-time emergencies and, with BOT approval, now represents NERC guidance on the
use of directives.
To ensure consistency throughout the ERO for COM-002-2, NERC Compliance
Operations is utilizing a strategy based upon the following four components:
1) NERC staff will develop an enhanced COM-002 RSAW that provides the
appropriate compliance guidance and relates industry best practices.
2) NERC and the Regional Entity staffs will work with the NERC Operating
Committee (OC) and Standards Committee (SC) to develop and provide guidance
regarding good utility practice on the use of three-part communication for
real-time operations.
3) NERC staff was assigned and will work with the NERC SC to expedite the
completion and FERC approval of Standards Project 2007-02 ― Operating
Personnel Communications Protocols ― COM-003³⁸ that addresses real-time
communication protocols.
Approved Standards Which Reference Unapproved Standards
There are several approved reliability standards that reference or rely on not yet approved
reliability standards.
In Order No. 693, the Commission determined it could neither approve nor remand
certain proposed reliability standards based on information provided.
36 See Standards Project 2009-22 - Interpretation of COM-002-2 — Communications and Coordination R2
for the ISO/RTO Council at
httpwwwnerccomfilezstandardsProject2009-22_RFI_COM-002-2_R2_IRChtml
37 See the BOT approved revision to the COM-002-2 that includes the interpretation at
httpwwwnerccomfilesCOM-002-2apdf
38 See Standards Project 2007-02 ― Operating Personnel Communications Protocols ― COM-003 at
httpwwwnerccomfilezstandardsOp_Comm_Protocol_Project_2007-02html
The ERO only enforces those standards that have been approved by FERC. In Order No.
693, the Commission did state, however, that the ERO has the authority to obtain
necessary information through the Commission’s regulations. In addition, the
Commission stated that:
“The fact that a Reliability Standard simply references another pending Reliability
Standard, one that is not being approved or remanded here, does not alone justify not
approving the former Reliability Standard.”³⁹
Examples of these standards follow:
Fill-in-the-blank standard | Referenced in
MOD-011-0, filed 4/4/06, awaiting FERC action | MOD-010-0 R1 and R2, effective 6/18/07
MOD-013-0, filed 8/28/06, awaiting FERC action | MOD-012-0 R1 and R2, effective 6/18/07
PRC-002-1, filed 8/28/06, awaiting FERC action | PRC-018-1 R1, R2, R3, R4, and (indirectly) R5, effective 6/18/07
39 Mandatory Reliability Standards for the Bulk-Power System, 72 FR 16416 (Apr. 4, 2007), FERC Stats. &
Regs. ¶ 31,242 (2007) (Order No. 693), P 300
Regional Entities CMEP Implementation Plans
ReliabilityFirst CMEP Implementation Plan
The ReliabilityFirst 2013 CMEP Implementation Plan is an annual plan submitted to
NERC each year for their review/approval and is done in accordance with NERC RoP
Section 401.6. The NERC CMEP Implementation Plan identifies what, at a minimum,
each Regional Entity plan must address. The ReliabilityFirst CMEP Implementation
Plan identifies:
1. All Reliability Standards identified by NERC in the 2013 CMEP Actively
Monitored Reliability Standards list. The ReliabilityFirst 2013 CMEP
Implementation Plan mirrors, at a minimum, by Standard, the AML found
in the NERC 2013 Implementation Plan.
2. Other Reliability Standards proposed for monitoring by ReliabilityFirst;
these will include any regional Reliability Standards and additional NERC
Reliability Standards.
3. The methods to be used for reporting, monitoring, evaluation, and
assessment of performance criteria with each Reliability Standard.
ReliabilityFirst will, at a minimum, perform the compliance monitoring
methods identified in the NERC 2013 Actively Monitored Reliability
Standards list. When ReliabilityFirst determines that an increased audit
scope is necessary, ReliabilityFirst shall notify the registered entity of the
increased audit scope. This notification shall be part of the audit
notification package and shall include the Reliability Standards and
Requirements that are included in the increased scope, as well as the
justification for the increased scope. When ReliabilityFirst determines that
an increased audit scope is necessary after the notification package is sent
or while the audit is ongoing, then ReliabilityFirst shall notify the
registered entity of the increased audit scope as soon as possible. For
references to NERC guidance or Implementation Plans, such as the CIP
Guidance, links from the NERC are included in the ReliabilityFirst
Implementation Plan where applicable, instead of including the entire
document.
4. The ReliabilityFirst Annual Implementation Plan should include a list of
registered entity names that are on the 2013 schedule, NERC Compliance
Registration ID, and the year they will be audited.
5. The Regional Entity’s Annual Plan should address Key CMEP Activities
and Initiatives.
Conclusion
The ERO CMEP Implementation Plan, which is developed according to Section 215(c)
of the Federal Power Act, is the operating plan for annual compliance monitoring and
enforcement activities. NERC, as the international ERO, and ReliabilityFirst and the
other Regional Entities, through their delegation agreements with NERC, monitor and
enforce compliance of registered entities with all regulatory approved Reliability
Standards. Registered entities include all BPS owners, operators, and users.
While the actions of the ERO in accordance with the CMEP are critical to the reliability
of the BPS, it is only one part of an overall plan to ensure system reliability. The other
part consists of the actions of the registered entities and the electric power industry at
large, and these are equally as critical to system reliability. The registered entities must
participate in the educational, informational, and developmental efforts that are being
undertaken not only to maintain reliability but to enhance it as well. The sharing of the
industry’s technical expertise, experience, and judgment, as well as its participation in the
ERO’s processes, will help to further identify and remove reliability gaps and
shortcomings. The ERO continuously seeks to improve the execution of its role in
ensuring system reliability, as is the case with the advancements of the annual CMEP
Implementation Plan undertaken for 2013, but the industry must continue to participate
for the overall reliability plan to be successful.
Revision History
Document Change Revision History
Version | Reason for Change | Approved by | Revision Date
0 | 2013 ReliabilityFirst CMEP Implementation Plan | James A. Uhrin | January 1, 2013
01 | Remove all reference to the Entity Impact Evaluations (EIE) until the process is better defined and matures | James A. Uhrin | January 1, 2013
Appendix 1 – Standards and Requirements Implicated by the 2011 Southwest Blackout
Appendix 1 – Standards and Requirements Implicated System Events
NERC staff will continue to monitor recent events, such as the southwest cold weather
event and the southwest blackout, and the progress of the FFT compliance enforcement
initiative. As a result of the recently released Southwest Blackout⁴⁰ report by FERC and
NERC, Regional Entities are encouraged to consider critical standards that include
aspects of situational awareness in their audit and self-certification programs for 2013.
Situational Awareness
EOP-006-1 — Reliability Coordination — System Restoration
EOP-008-1 — Loss of Control Center Functionality
IRO-002-2 — Reliability Coordination — Facilities
IRO-005-3a — Reliability Coordination — Current Day Operations
IRO-005-3.1a — Reliability Coordination — Current Day Operations
IRO-006-EAST-1 — TLR Procedure for the Eastern Interconnection
MOD-001-1a — Available Transmission System Capability
TOP-002-2b — Normal Operations Planning
TOP-002-2.1b — Normal Operations Planning
Regional Entities should also consider these other implicated standards, by requirement,
in scoping compliance monitoring activities for RCs, BAs, and TOPs. This list is subject
to change as further data and analysis become available.
40 httpwwwnerccomfileUploadsFileNewsPR_AZOutage01MAY12pdf
Standard Requirement Tier
COM-002-2 R1 3
FAC-008-1 R1 2
FAC-009-1 R1 1
FAC-011-2 R2 Not Tiered
FAC-011-2 R3 Not Tiered
FAC-014-2 R1 Not Tiered
IRO-002-2 R6 3
IRO-003-2 R2 Not Tiered
IRO-004-2 R1 1
IRO-005-3a R4 2
IRO-005-3a R5 2
IRO-005-3a R6 1
IRO-005-3a R12 1
MOD-012-0 R1 Not Tiered
PER-004-2 R2 Not Tiered
PRC-001-1 R1 1
PRC-001-1 R4 2
PRC-001-1 R5 2
PRC-005-1b R1 2
PRC-005-1b R2 1
PRC-009-0 R1 Not Tiered
PRC-015-0 R2 Not Tiered
PRC-015-0 R3 Not Tiered
PRC-023-2 R1 2
TOP-002-2b R4 2
TOP-002-2b R6 2
TOP-002-2b R10 2
TOP-002-2b R11 2
TOP-002-2b R19 2
TOP-004-2 R1 2
TOP-004-2 R2 2
TOP-004-2 R3 2
TOP-004-2 R4 1
TOP-004-2 R6 3
TOP-006-2 R1 Not Tiered
TOP-006-2 R2 Not Tiered
TOP-006-2 R5 Not Tiered
TOP-006-2 R6 Not Tiered
TOP-008-1 R1 2
TOP-008-1 R2 2
TOP-008-1 R4 2
TPL-002-0b R1 3
TPL-002-0b R2 3
TPL-003-0a R1 3
TPL-003-0a R2 2
Appendix 2 – Compliance Assessment Template
Events Analysis Process Compliance Assessment Template
The registered entity is encouraged to perform an initial compliance self-assessment
concurrent with the registered entity’s event review.
A systematic and methodical compliance assessment (CA) process that would include the
following steps:
1. Refer to the causes and contributing factors of the event as determined by the
registered entity’s events analysis process.
2. Identify any applicable NERC Reliability Standard(s) requirement(s) that may
have been implicated by the causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions
that are relevant to step 2 above as they apply to the applicable NERC
Reliability Standards requirements.
4. On request by the Regional Entity, or on its own accord, the Registered Entity
will provide a copy of its CA report to the Regional Entity. The report should
reference the separate events analysis report provided to ReliabilityFirst.
5. Self-report any findings of non-compliance to the Regional Entity per the
CMEP procedures.
Sample Template for Compliance Assessment Summary
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Cause | AAA-000-0 Requirement 1 | Identify the process used to assess compliance with this requirement. Identify any evidence that demonstrates compliance. Identify any evidence that suggests non-compliance. | Findings of possible violations should be identified. If there are no findings of non-compliance, that should be noted.
 | AAA-000-0 Requirement 2 | |
Contributing factor | BBB-000-0 Requirement 1 | |
Category 1a Example
Event causes or contributing factors | Applicable NERC Reliability Standards | Details of Compliance Assessment Effort | Findings
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R6. Each BA and TOP shall plan to meet unscheduled changes in system configuration and generation dispatch (at a minimum N-1 Contingency planning) in accordance with NERC, Regional Reliability Organization, sub-regional, and local reliability requirements. | Established transfer limits were followed such that the event did not result in instability. The limit for operating across this internal interface is established in the RC “XYZ Interface All Lines In Stability Guide” (document provided). | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-002-2a R10. Each Balancing Authority and Transmission Operator shall plan to meet all System Operating Limits (SOLs) and Interconnection Reliability Operating Limits (IROLs). | No SOLs were violated. There are no IROLs associated with the loss of equipment in this event. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-004-2 R1. Each TOP shall operate within the IROLs and SOLs. R2. Each TOP shall operate so that instability, uncontrolled separation, or cascading outages will not occur as a result of the most severe single contingency. | The system was operated to remain within transfer limits across the “XYZ” internal interface established as a result of stability studies, as delineated in the Transmission Operating Guide developed by RC. See the specific guide referenced in the response to TOP-002-2a R6. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-001 R1. Each TOP, BA, and GOP shall be familiar with the purpose and limitations of protection system schemes applied in its area. | Both the RC and the TOPs are trained on the Transmission Operating Guides as well as relaying and SPSs on the BPS. Protection operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | PRC-004 R1. The TOP and any Distribution Provider that owns a transmission Protection System shall each analyze its transmission Protection System Misoperations and shall develop and implement a Corrective Action Plan to avoid future Misoperations of a similar nature according to the Regional Entity’s procedures. | System Protection engineers evaluated the relay operations and determined that all relaying operated correctly and as planned. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-008 R1. The TOP experiencing or contributing to an IROL or SOL violation shall take immediate steps to relieve the condition, which may include shedding firm load. R2. Each Transmission Operator shall operate to prevent the likelihood that a disturbance, action, or inaction will result in an IROL or SOL violation in its area or another area of the Interconnection. In instances where there is a difference in derived operating limits, the TOP shall always operate the BPS to the most limiting parameter. R3. The TOP shall disconnect the affected facility if the overload on a transmission facility or abnormal voltage or reactive condition persists and equipment is endangered. In doing so, the TOP shall notify its RC and all neighboring TOPs impacted by the disconnection prior to switching, if time permits, otherwise immediately thereafter. R4. The TOP shall have sufficient information and analysis tools to determine the cause(s) of SOL violations. This analysis shall be conducted in all operating timeframes. The TOP shall use the results of these analyses to immediately mitigate the SOL violation. | R1: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. R2: by following the TOP Guides developed by RC, violations do not occur. R3: no conditions occurred that required disconnection. R4: Operators used their EMS-based tools to ensure that there were no SOL/IROL violations. | No findings of non-compliance
Equipment failure of a high side transformer – cleared along with two transmission lines | TOP-006 R2. Each RC, TOP, and BA shall monitor applicable transmission line status, real and reactive power flows, voltage, load-tap-changer settings, and status of rotating and static reactive resources. R5. Each RC, TOP, and BA shall use monitoring equipment to bring to the attention of operating personnel important deviations in operating conditions and to indicate, if appropriate, the need for corrective action. | The EMSs at both the RC and the TOP provide operators with the information needed to evaluate system conditions and notify operators when conditions are off normal. EMS system visibility and communications were not lost during this event. | No findings of non-compliance
Findings, as the outcome of a compliance self-assessment, will result in either a statement of
“No Findings” or that of “Possible Violation (PV).” Should the latter be the result, the entity
will be given the opportunity to self-report the PV to the Regional Compliance Enforcement
department in accordance with the existing procedures set forth in the CMEP. In doing so, the
entity self-reporting should inform the Regional Compliance Enforcement department that this
has been done consistent with the event analysis process and the completion of a compliance
self-assessment to obtain the credit prescribed.
Appendix 3 – 2013 Regional Entity Request to Defer or Reduce the Scope of a Compliance Audit
Request to Reduce Scope or Deferment of a Compliance Audit⁴¹
This form should be submitted as both a Word and PDF file to NERC Compliance Operations at least 90 days prior to the audit for approval. Email forms along with an entity risk assessment to JimHughesnercnet and ChariseWilsonnercnet
Requesting Regional Entity Information
Date:
Name:
Title:
Region:
State the basis for Reduced Audit Scope or Deferment of Compliance Audit:
State other methods used for compliance monitoring during period of reduced scope or deferment:
State requested duration of deferment, if applicable:
State whether this is a MRRE audit:
Applicable Region(s): FRCC, MRO, NPCC, RFC, SERC, SPP RE, TRE, WECC
Registered Entity Information
Registered Entity’s Legal Name:
NCR ID Number:
Date of Last Compliance Audit:
Date of Next Compliance Audit:
41 Audit periodicity for entities registered as BAs, RCs, and TOPs must be every three years and cannot be
reduced, per section 403.11.1 of the NERC Rules of Procedure at
httpwwwnerccomfilesNERC_Rules_of_Procedure_EFFECTIVE_20110412pdf
Regional Entity’s Additional Information
Comments:
Regional Entity Authorized Signature:
ERO Analysis Results
State information reviewed and basis for determination:
ERO Final Determination
Approved / Declined
ERO Director of Compliance Operations