operations and planning compliance audit report public version repots...

Operations and Planning Compliance Audit Report

Public Version Central Hudson Gas & Electric Company NERC ID# NCR07028 Confidential Information (Including Privileged and Critical Energy Infrastructure Information) Has Been Removed Date of Audit: November 29 to December 1, 2016 Audit Period: April 12, 2014 to October 31, 2016 for DP and TO July 1, 2016 to October 31, 2016 for TOP and TP Date of Report: December 12, 2016

Confidential Information (Including Privileged and Critical Energy Infrastructure Information) Has Been Removed

Date of Audit: November 29 to December 1, 2016 Date of Report: December 12, 2016 i

Table of Contents Executive Summary ....................................................................................................................... 1

Audit Process ................................................................................................................................ 2

Objectives...................................................................................................................................... 2

Scope ............................................................................................................................................. 3

Confidentiality and Conflict of Interest ........................................................................................ 3

Methodology ................................................................................................................................. 3

Company Profile ............................................................................................................................ 3

Audit Participants .......................................................................................................................... 4

Audit Findings ............................................................................................................................... 5

Recommendations ...................................................................................................................... 10

Compliance Culture ..................................................................................................................... 10


Date of Audit: November 29 to December 1, 2016 Date of Report: December 12, 2016 1

Executive Summary Northeast Power Coordinating Council conducted an Operations and Planning Audit of Central Hudson Gas & Electric Company (CH), NERC ID NCR07028 from November 29 to December 1, 2016. At the time of the Audit, CH was registered for the functions of Distribution Provider (DP), Transmission Owner (TO), Transmission Operator (TOP), and Transmission Planner (TP). The table below identifies the key Functions associated with CH: Functional Model Interface Registered Entity NERC ID Reliability Coordinator (RC) NYISO (NCR07160) Balancing Authority (BA) NYISO Transmission Operator (TOP) CH/NYISO Planning Coordinator (PC) NYISO Transmission Planner (TP) CH/NYISO Resource Planner (RP) NYISO The Audit team evaluated CH for compliance with 97 requirements. The team assessed compliance with the NERC Reliability Standards (and Regional Reliability Standards if applicable) for the period of April 12, 2014 to October 31, 2016 for DP/TO and July 1, 2016 to October 31, 2016 for TOP/TP. CH submitted evidence and the team reviewed and evaluated all of the evidence provided to assess compliance with the scoped reliability standards. Based on the evidence provided, the team’s findings are summarized in Table 1 below. Table 1. Summary of Findings

No Finding

Potential Non-Compliance

Open Enforcement Action*

Not Applicable

Total

Reliability Standard Requirements

90 0 0 7 97

*OEAs with newly identified PNCs are counted in the PNC column only; not in the OEA column. OEAs without newly identified PNCs are counted in the OEA column. The team notified CH of zero (0) Recommendations. This report adds detail to the findings that were presented to CH during the Exit Briefing. Table 1 and the Audit Findings section contain the details of the Audit team’s findings of applicability and compliance to the NERC Reliability Standards and applicable Regional Reliability Standards within the scope of the compliance Audit. Potential Non-Compliances will be processed as outlined in the NERC CMEP and the NPCC CMEP Implementation Plan. There were no open mitigation plans; therefore, none were reviewed by the team.



NPCC certifies that the Audit team adhered to all applicable requirements of the NERC Rules of Procedure (ROP) and Compliance Monitoring and Enforcement Program (CMEP).1 NPCC is solely responsible for the content of this report. The NPCC Audit Manager has confirmed that the content of this report is true, to the best of his knowledge.

Audit Process The compliance Audit process steps are detailed in the NERC Rules of Procedure, the NERC CMEP, and the NPCC CMEP Implementation Plan. The Compliance Monitoring and Enforcement Program generally conforms to the Government Auditing Standards and other generally accepted audit practices.

Objectives All registered entities are subject to compliance assessments with all reliability standards applicable to the functions for which the registered entity is registered2 in the Region(s) performing the assessment. The Audit objectives are to:

• Review and validate compliance with applicable Reliability Standards (that apply to CH functions) from the 2016 NERC and 2016 NPCC Implementation Plans and any additional NERC Reliability Standards included in the audit scope;

• Validate evidence of self-reported violations and previous self-certifications; (There were none.)

• Observe and document CH’s compliance program and culture;

• Review the status of open mitigation plans. (There were none.)

Scope The scope of the compliance Audit was developed using risk-based concepts as per the 2016 NERC and 2016 NPCC CMEP Implementation Plans. This Audit did not include a review of mitigation plans or remedial action directives as there were none open during the Audit. The team did not expand the scope of the Audit beyond what was stated in the notification package.

Confidentiality and Conflict of Interest Confidentiality and conflict of interest of the Audit team are governed under the NPCC Delegation Agreement with NERC and Section 1500 of the NERC Rules of Procedure. CH was informed of NPCC’s obligations and responsibilities under the agreement and procedures. The work history for each team member was provided to CH, which was given an opportunity to object to a team member’s participation on the basis of a possible conflict of interest or the

1 This statement replaces the Regional Entity Self-Certification process. 2 NERC Rules of Procedure, Appendix 4C, Section 3.1, Compliance Audits.



existence of other circumstances that could interfere with a team member’s impartial performance of duties. CH had not submitted any objections by the stated 15-day objection due date and accepted the team member participants without objection. There were no denials or access limitations placed upon this team by CH.

Methodology The Audit team reviewed the evidence submitted by CH and assessed compliance with requirements of the applicable reliability standards. NPCC provided CH with a Request for Information (RFI) prior to commencement of the Audit. CH provided pre-Audit evidence at the time requested, or as agreed upon, by NPCC. Additional evidence could be submitted until the agreed-upon deadline prior to the Exit Briefing. After that date, only data or information that was relevant to the content of the report or its findings could be submitted with the agreement of the audit team lead. The Audit team reviewed documentation provided by CH and requested additional evidence and sought clarification from subject matter experts during the Audit. Evidence submitted in the form of policies, procedures, emails, logs, studies, data sheets, etc. was validated, substantiated, and cross-checked for accuracy as appropriate. Where sampling was applicable to a requirement, the sample set was determined by a statistical methodology, along with professional judgment. Findings were based on the facts and documentation reviewed, the team’s knowledge of the BES, the NERC Reliability Standards, and professional judgment. All findings were developed based upon the consensus of the team.

Company Profile Central Hudson Gas & Electric Corporation, with headquarters in Poughkeepsie, NY, is a regulated gas and electric transmission and distribution utility serving approximately 300,000 electric and 75,000 gas customers in eight counties in New York’s Mid-Hudson River valley. The 2,600 square mile service territory extends from the northern suburbs of New York City to southern Albany County and has an estimated population of 688,000. There are 615miles of transmission lines within CH’s service area operating at voltage levels of 69 kV, 115 kV, and 345 kV. CH has interconnections with Consolidated Edison, NYSEG, National Grid, NYPA, First Energy, and Eversource Energy Service Company.

Audit Participants The following is a list of all personnel from the NPCC Audit team and CH who were directly involved during the meetings and interviews.

NPCC Team Members

Role Title Entity

Audit Manager Manager NPCC



Audit Manager Manager NPCC

Team Member Auditor NPCC






Team Member Engineer NPCC CH Participants

Title Entity

Senior Director Reliability Compliance CH

Senior Engineer Electric Transmission Planning

CH

Associate Engineer Electric Transmission Planning

CH

Director Reliability Compliance CH

Reliability Compliance Analyst CH

Director System Operations CH

Senior Systems Analyst EMS CH

Senior System Operators CH

Chief System Operators CH

Engineering Technician CH

Manager Operations Services CH

Director Substation Operations CH



Substation Technician Foreman CH

Audit Findings The following information details the compliance findings for the reliability standards and requirements identified in the scope of this Audit.

Standard Req. Finding

COM-001-2.1 R3 No Finding

COM-001-2.1 R4 No Finding

COM-002-4 R1 No Finding



COM-002-4 R7 Not Applicable

EOP-001-2.1b R2

No Finding

EOP-001-2.1b R3 No Finding



EOP-003-2 R1 No Finding

EOP-003-2 R2 Not Applicable






FAC-014-2 R2 No Finding



IRO-001-1.1 R8 No Finding

IRO-004-2 R1 No Finding

IRO-005-3.1a R10 No Finding

PER-001-0.2 R1 No Finding

PER-003-1 R2 No Finding




PRC-001-1.1(ii) R1 No Finding





PRC-001-1.1(ii) R6 Not Applicable

PRC-005-2(i) R3 No Finding



PRC-005-2(i) R4

Not Applicable

PRC-005-2(i) R5 No Finding

PRC-005-6 R3 No Finding

PRC-005-6 R4 Not Applicable

PRC-005-6 R5 No Finding

TOP-001-1a R1 No Finding








TOP-002-2.1b R1 No Finding









TOP-004-2 R1 No Finding




















TPL-001-4 R1 No Finding




VAR-001-4.1 R1 No Finding



Recommendations The Audit team identified and informed CH of zero (0) Recommendations.

Compliance Culture The NPCC Audit team performed an assessment of CH’s compliance culture in conjunction with the Audit process. The assessment was accomplished through a review of responses to the Internal Compliance Survey questionnaire and additional information that was gathered during interviews and observations. This included an assessment of factors that characterize vigorous and effective compliance programs including:

• Active engagement and leadership by senior management.

• Expeditious turnaround of all audit material and data requests.

• Excellent preparation by the CH Compliance Team and SMEs.

• Participation in Inherent Risk Assessments/Internal Control Evaluations.

• Overall, an excellent culture of compliance was observed.

operations and planning compliance audit report public version repots...

Documents