welcome! [] 1 presentation.pdf · welcome! nerc 2017 standards and compliance workshop. jw marriott...
TRANSCRIPT
Welcome!NERC 2017 Standards and Compliance WorkshopJW Marriott New Orleans
July 11-12, 2017
RELIABILITY | ACCOUNTABILITY2
NERC Antitrust Compliance Guidelines
It is NERC’s policy and practice to obey the antitrust laws and to avoid all conduct that unreasonably restrains competition. This policy requires the avoidance of any conduct that violates, or that might appear to violate, the antitrust laws. Among other things, the antitrust laws forbid any agreement between or among competitors regarding prices, availability of service, product design, terms of sale, division of markets, allocation of customers, or any other activity that unreasonably restrains competition.
RELIABILITY | ACCOUNTABILITY3
Public Announcement
Participants are reminded that this meeting is public. Notice of the meeting was posted on the NERC website and widely distributed. The notice included the number for dial-in participation. Participants should keep in mind that the audience may include members of the press and representatives of various governmental authorities.
RELIABILITY | ACCOUNTABILITY4
• Safety Fire exits Calling 911 Alerting hotel staff CPR
• Other Logistics Q&A Restrooms
General Announcements
RELIABILITY | ACCOUNTABILITY5
• 9:00 – Noon: NERC Standards and Compliance 101 Mat Bunch Latrice Harkness Shamai Elstein Ryan Mauldin
• Noon – 1:00 p.m.: Lunch• 1:00 – 1:10 p.m.: Welcome and Introductions Laura Anderson Ryan Mauldin
• 1:10 – 1:20 p.m.: Keynote Remarks Howard Gugel Andrea Koch
Today’s Agenda
RELIABILITY | ACCOUNTABILITY6
• 1:20 – 1:30 p.m.: Interactive Demonstration Laura Anderson Ryan Stewart
• 1:30 – 2:00 p.m.: Cost Effectiveness Steven Noess Soo Jin Kim
• 2:00 – 2:15 p.m.: SBS Enhancements Chris Larson
• 2:15 – 3:15 p.m.: Break• 3:15 – 3:45 p.m.: NERC Registration Initiatives Ryan Stewart
Today’s Agenda
RELIABILITY | ACCOUNTABILITY7
• 3:45 – 4:00 p.m.: Project 2016-03 – Cyber Security Supply Chain Management Soo Jin Kim
• 4:00 – 4:45 p.m.: Compliance Monitoring Update (Coordinated Oversight of MRREs, IRAs, and Compliance Guidance) Kim Israelsson Kiel Lyons
• 4:45 – 5:00 p.m.: General Q&A/Closing Announcements Laura Anderson Latrice Harkness
• 5:30 – 6:30 p.m.: Reception
Today’s Agenda
RELIABILITY | ACCOUNTABILITY8
Keynote Remarks
Howard Gugel, NERC Senior Director of Standards and EducationAndrea Koch, NERC Senior Director of Reliability Assurance
Cost Effectiveness and Guidelines and Technical Basis
Steven Noess, Director of Standards DevelopmentSoo Jin Kim, Manager of Standards Development2017 Standards and Compliance WorkshopJuly 11, 2017
RELIABILITY | ACCOUNTABILITY2
• Northeast Power Coordinating Council, Inc. procedure• NERC Cost Effective Analysis Process• 2015 policy input• Cost effectiveness method piloted in 2016
History of Cost Effectiveness
RELIABILITY | ACCOUNTABILITY3
Cost Effectiveness
• 2017 Board of Trustees made this a priority effort All projects will generally consider cost effectiveness at a high level All formal comments will provide industry a chance to comment on cost
considerations
• Two questions to address What is level of cost versus reliability benefit? Can the most cost-effective solution be used?
RELIABILITY | ACCOUNTABILITY4
• Periodic Reviews• Standards grading metric• Additional pilots of proposed method
Current Activities
RELIABILITY | ACCOUNTABILITY5
Examples
• Examples of Project Questions Posed Supply Chain: The standard drafting team believes proposed CIP-013-1 and
the draft Implementation Guidance provide entities with flexibility to meet the reliability objectives in a cost-effective manner. Do you agree? If you do not agree, or if you agree, but have suggestions for improvement to enable additional cost-effective approaches, please provide your recommendation, and if appropriate, technical justification.
VAR EPR: The team did not identify a concern related to cost effectiveness as drafted. Do you agree? If not, please provide additional detail.
RELIABILITY | ACCOUNTABILITY6
• Comments solicited in periodic reviews• Comments solicited in Standard comment periods• Evaluate compliance and enforcement cost impacts• Cost comment themes provided in Board of Trustees
presentations
Future Activities
RELIABILITY | ACCOUNTABILITY7
• History Initially designed to support results-based standards First used in FAC-003-2 Contained an “information only” disclaimer Incorporated into standard development template Disclaimer paragraph was omitted
Guidelines and Technical Basis
RELIABILITY | ACCOUNTABILITY8
• Provides drafting teams a mechanism to: Explain the technical basis for Reliability Standard Provide technical guidance to help support effective application
• To further clarify Guidelines and Technical Basis (GTB): NERC staff and Standards Committee (SC) leadership to coordinate Captured in Task 3 in SC Strategic Plan
Purpose
RELIABILITY | ACCOUNTABILITY9
• NERC staff and SC leadership collaboration• A separate document to explain technical basis• Focus on understanding technology and the technical
requirements• No compliance approaches or compliance guidance• Encourage use of NERC Compliance Guidance Policy
Summary of work
RELIABILITY | ACCOUNTABILITY10
• Present to SC for endorsement• Report results at August Standards Oversight and Technology
Committee meeting• Begin implementing for all projects going forward• Consider in periodic reviews whether to remove GTB from
existing standards
Timeline
RELIABILITY | ACCOUNTABILITY11
• Implementation Guidance provides examples of implementing the standard
• Developed by industry• Can be developed by: Standard drafting teams; or Pre-qualified organization
• Supply Chain project was the first drafting team to seek endorsed Implementation Guidance
Implementation Guidance
RELIABILITY | ACCOUNTABILITY12
Standards Balloting andCommenting System (SBS)Enhancement Feature Overview and TrainingChris Larson, Manager of Standards Information 2017 Standards and Compliance WorkshopJuly 11, 2017
RELIABILITY | ACCOUNTABILITY2
• Ability for users to vote, delegate/revoke proxy rights, and join ballots/ballot pools from the “Ballot Events” page
• All references to the term “Survey” will be replaced with the term “Comment Form”
• Ability for users to proceed directly to the “Real-time Comments” page (formerly “Social Survey”) without first having to provide a response
• Ability for users to select members from the Registered Ballot Body (RBB) when creating groups
• Users will no longer be prompted to confirm negative opinions for Non-binding Polls
• The system will save users’ selected sort and/or filter view on all pages instead of reverting back to a default view
2017 Enhancement Features
RELIABILITY | ACCOUNTABILITY3
• The “My Voting Activity” page will be removed and the voting-related functions listed below will be carried out on the “Ballot Events” page Join/withdraw from ballot pools Delegate/revoke proxies Vote for ballots
• New icon/function buttons will be added to the page (screenshots below)
“Ballot Events” Page
A and D – Join and withdraw from ballot poolB – VoteC and E – Delegate and revoke proxy rights
RELIABILITY | ACCOUNTABILITY4
Change of the Term “Survey” to “Comment Form”
• Terms such as “Surveys” and “Take Survey” will be replaced with the terms “Comment Form” and “Submit Comments” for consistency between Standards’ communications/postings and the SBS
RELIABILITY | ACCOUNTABILITY5
“Real-time Comments” Page
• The current term/page “Social Survey” has been renamed “Real-time Comments.” Today, users who try to access this page without first submitting comments receive the following error message:
• Voters, proxies, and contributors will have the ability to provide a thumbs-up (like), thumbs-down (dislike), to other submitters’ comments without having to provide a response themselves.
RELIABILITY | ACCOUNTABILITY6
• When submitting a comment, users will have the ability to select current RBB members when creating groups
• The ability to manually enter/edit group members will remain
RBB Members and Creating Groups
RELIABILITY | ACCOUNTABILITY7
• For non-binding poll ballot types, voters and proxies will not be prompted to comment or declare support for a third-party comment if a negative opinion is cast
Negative Opinions and Confirmationsfor Non-binding Polls
RELIABILITY | ACCOUNTABILITY8
• Any filtered, and/or sorted results, will be retained when navigating between SBS pages
• Once a user logs out of the SBS, the filtered, and/or sorted selection, will revert to a default state
Sort and Filter
RELIABILITY | ACCOUNTABILITY9
• All vote-related functions located on the “Ballot Events” page• The term “Survey” replaced with the term “Comment Form”• Proceed directly to the “Real-time Comments” page without
submitting a comment• Select members from the Registered Ballot Body (RBB) when
creating groups• No confirmation necessary for negative opinions for Non-
binding Polls• Sort and/or filter view on all pages will be retained
2017 Enhancement Features Recap
RELIABILITY | ACCOUNTABILITY10
Standards Information Links
• NERC’s Balloting and Commenting page• SBS Quick Reference Guide• SBS Tutorial• 2017 SBS Enhancement Presentation slides• Administrative Support: [email protected]• NERC IT Support: https://support.nerc.net/• Standard Processes Manual• Appendix 3D – RBB Criteria• SBS Enhancements Webinar
RELIABILITY | ACCOUNTABILITY11
BreakWebinar participants: We will return at 3:15 p.m. Central
Entity Registration Update
Ryan Stewart, NERC Manager of Registration Services2017 Standards and Compliance WorkshopJuly 11, 2017
2 RELIABILITY | ACCOUNTABILITY
Site Overview
3 RELIABILITY | ACCOUNTABILITY
Portal CFR Landing Page
4 RELIABILITY | ACCOUNTABILITY
CFR Landing Page
5 RELIABILITY | ACCOUNTABILITY
CFR Record Dropdown Options
6 RELIABILITY | ACCOUNTABILITY
Portal CFR Detailed View
7 RELIABILITY | ACCOUNTABILITY
Portal CFR Detailed View
8 RELIABILITY | ACCOUNTABILITY
Basic Information
9 RELIABILITY | ACCOUNTABILITY
Basic Information
10 RELIABILITY | ACCOUNTABILITY
View Matrix Snapshot
11 RELIABILITY | ACCOUNTABILITY
Entity Contacts
12 RELIABILITY | ACCOUNTABILITY
Choose Requirements
13 RELIABILITY | ACCOUNTABILITY
Set Responsibilities
14 RELIABILITY | ACCOUNTABILITY
Requirement Notes Modal
15 RELIABILITY | ACCOUNTABILITY
Upload Documents
16 RELIABILITY | ACCOUNTABILITY
Submit CFR
17 RELIABILITY | ACCOUNTABILITY
CRM CFR Landing Page
18 RELIABILITY | ACCOUNTABILITY
Regional CFR Summary View
19 RELIABILITY | ACCOUNTABILITY
CFR Matrix View
20 RELIABILITY | ACCOUNTABILITY
NERC CFR Detailed View
21 RELIABILITY | ACCOUNTABILITY
Reporting
22 RELIABILITY | ACCOUNTABILITY
Downloadable CFR Matrix
23 RELIABILITY | ACCOUNTABILITY
Cyber Security Supply Chain Risk ManagementSoo Jin Kim, NERC Manager of Standards Development2017 Standards and Compliance WorkshopJuly 11, 2017
RELIABILITY | ACCOUNTABILITY2
[the Commission directs] that NERC, pursuant to section 215(d)(5) of the FPA, develop a forward-looking, objective-driven new or modified Reliability Standard to require each affected entity to develop and implement a plan that includes security controls for supply chain management for industrial control system hardware, software, and services associated with bulk electric system operations.
- Order No. 829, July 2016
• Standard(s) must be filed by September 27, 2017
FERC Order No. 829
RELIABILITY | ACCOUNTABILITY3
• First formal comment period January 20 – March 6, 2017
• Second formal comment period May 2 – June 15, 2017
Standards Development Process
Oct 2016 – Mar 2017Tech Conference1st Formal Balloting
May 20172nd Formal Comment
and Balloting
July 2017Final BallotsAugust 2017
NERC Board Adoption
September 2017Deadline for filing
RELIABILITY | ACCOUNTABILITY4
June Ballot Results
Ballots Non-binding Polls
Name Approval Supportive Opinions
CIP-005-6 89.84% 88.53%
CIP-010-3 82.92% 88.02%
CIP-013-1 88.64% 89.57%
RELIABILITY | ACCOUNTABILITY5
• Standard drafting team (SDT) did not make substantive changes to requirements
Clarifications• CIP-013-1 Requirement R1 Part 1.2.4 Disclosure by vendors of known vulnerabilities related to the products or
services provided to the Responsible Entity
• CIP-010-3 Requirement R1 Part 1.6 Prior to a change that deviates from the existing baseline
configuration…verify software identity and integrity. Measure revised to include evidence of automated update process
• Updated CIP-010-3 Guidelines and Technical Basis section
Final Ballot
RELIABILITY | ACCOUNTABILITY6
Common questions addressed by the SDT• CIP-013-1 Requirements to address software verifications and
vendor remote access are not duplicative of CIP-010/CIP-005 Procurement versus Operational
• CIP-005-6 Requirements for vendor remote access do not require session recording
• CIP-010-3 Requirements for software verifications apply to baseline changes only (do not apply to new system installation)
• Software verifications do not need to be repeated for each BES Cyber System
Comment Responses
RELIABILITY | ACCOUNTABILITY7
• Implementation Guidance developed by the SDT has been endorsed by the ERO Enterprise
• Provides examples of approaches for complying with CIP-013-1 Risk-based approach to Cyber Security Supply Chain Risk Management
plans (R1) Processes for planning to procure BES Cyber Systems that identify and
assess cyber security risks from vendor products or services (R1 Part 1.1) Request-for-proposal or negotiation provisions to address topics in R1 Part
1.2.1 – 1.2.6 Processes for periodically reviewing and approving plans (R3)
Implementation Guidance
RELIABILITY | ACCOUNTABILITY8
• Standards will be submitted for the August 10, 2017 NERC Board of Trustees meeting
• FERC Order No. 830 filing deadline is September 27, 2017• After filing, priority shifts to development of a comprehensive
strategy for implementation (pending regulatory approval)
Next Steps
RELIABILITY | ACCOUNTABILITY9
Contact Information
• Refer to the Project 2016-03 page for more information• Email [email protected] to join the email list• Corey Sellers, Southern Company, SDT Chair Email at [email protected]
• JoAnn Murphy, PJM Interconnection, SDT Vice Chair Email at [email protected]
RELIABILITY | ACCOUNTABILITY10
Coordinated Oversight Program for Multi-Region Registered EntitiesKim Israelsson, Manager, Compliance Program Coordination and Process Integration, WECC2017 Standards and Compliance WorkshopJuly 11, 2017
RELIABILITY | ACCOUNTABILITY2
• Program objective and benefits• Inclusion criteria• Participation requests• 2016 participant survey feedback • Program enhancements• Current participation• ERO Enterprise contacts
Agenda
RELIABILITY | ACCOUNTABILITY3
• Focus on risk to reliability, while improving: Efficiencyo Single point of contacto Streamlining processes
Consistencyo Compliance Monitoring and Enforcement Program (CMEP) activitieso Organization Registration and Certification Program (ORCP) activitieso Reporting requirements and tools
Objective
RELIABILITY | ACCOUNTABILITY4
• Lead Regional Entity (LRE) and Affected Regional Entities (ARE) coordinated to provide: Single point of contact for CMEP, ORCP, and other activities Centralized monitoring, enforcement, and reporting
Benefits of Coordinated Oversight for MRREs
RELIABILITY | ACCOUNTABILITY5
• Registered Entity Operates in or owns assets in two or more Regional Entity(ies) jurisdictions Verifies its Primary Compliance Contact (PCC), Authorizing Officer (AO), or
Primary Compliance Officer (PCO) contact information is accurate prior to submitting request for inclusion
Designates a PCC
Criteria for Inclusion in Coordinated Oversight Program
RELIABILITY | ACCOUNTABILITY6
• PCC, AO, or PCO submits initial request to designated NERC or Regional Entity MRRE coordinated oversight contacts
• Requests may include the following information: Registered Entity name(s) NERC Compliance Registry (NCR) Number(s) to be included Applicable Regional Entities Applicable registered functions PCC information for MRRE Description of registered entity(ies) compliance program Description of facilities
Participation Request Process
RELIABILITY | ACCOUNTABILITY7
• Survey sent to 40 MRREs in Coordinated Oversight Program in June 2016 Responses received from all 40 MRREs
• Survey requested feedback on: Implementation and streamlining of activities LRE and ARE coordination Overall satisfaction
• General Comments 97% of MRREs support continued participation 84% of the MRREs believe it fulfills the objectives
2016 Participant Survey
RELIABILITY | ACCOUNTABILITY8
• “The MRRE program has been a welcome enhancement for our compliance efforts.”
• “Overall, it has been a very positive experience for our organization.”
• “The MRRE program has been extremely successful in streamlining processes and more effectively utilizing resources.”
• “Entity’s assessment at this early stage is “so far, so good.” We have no suggestions for improvement at present. The program has been quite beneficial for us.”
Participant Survey – Value Statements
RELIABILITY | ACCOUNTABILITY9
• Inherent Risk Assessments (IRA)• Data systems and portals for data collection Technical Feasibility Exceptions (TFEs) submittals Periodic Data Submittals
• Communication Information about process and what to expect Guidance on changes to registered entity assets and potential impacts on
program participation
Participant Survey – Improvement Opportunities
RELIABILITY | ACCOUNTABILITY10
• 2017 enhancements Developed and publically posted an ERO Enterprise consolidated 2017
Periodic Data Submittal schedule Developed internal, ERO Enterprise procedures to address roles,
responsibilities, and processes Developed ERO Enterprise templates Conducted ERO Enterprise staff training
• Ongoing enhancements TFE submittals Communication and transparency of processes Maintain list of Frequently Asked Questions
• 2017 Participant Survey• 2017 outreach (e.g., Fall industry webinar)
Program Enhancements
RELIABILITY | ACCOUNTABILITY11
MRRE – Regional Breakdown*
MRO 12%
NPCC 1%
RF 16%
SERC 11%
SPP RE 10%
Texas RE44%
WECC 6%
*As of Q1 2017.
RELIABILITY | ACCOUNTABILITY12
MRRE – Distribution by Registered Function
2330
166155
11 6
32
6
39 35 32
140
20
40
60
80
100
120
140
160
180
BA DP GO GOP PA RC RP RSG TO TOP TP TSP
Num
ber o
f Ent
ities
Reg
iste
red
by
Regi
ster
ed F
unct
ion
*As of Q1 2017.
RELIABILITY | ACCOUNTABILITY13
Team Members Contact Information
• Scott Knewasser - FRCC• Sara Patrick - MRO• Stanley Kopman - NPCC• Megan Gambrel - RF• Todd Curl - SERC• Jim Williams – SPP RE• Bill Lewis – Texas RE• Kim Israelsson - WECC• Barb Nutter - NERC
• [email protected]• [email protected]• [email protected]• [email protected]• [email protected]• [email protected]• [email protected]• [email protected]• [email protected]
Designated NERC/Regional Entity MRRE Coordinated Oversight Contacts
For questions, please contact a designated NERC/Regional Entity MRRE contact for assistance
RELIABILITY | ACCOUNTABILITY14
Inherent Risk Assessments
Kiel Lyons, Manager, Grid Planning and Operations Assurance2017 Standards and Compliance WorkshopJuly 11, 2017
RELIABILITY | ACCOUNTABILITY2
Risk-based CMEP
RELIABILITY | ACCOUNTABILITY3
• Inherent Risk Assessment (IRA) process end goal is entity-specific Compliance Oversight Plans (COPs) Functions performed Assets owned or operated Location
• 18 common Electric Reliability Organization (ERO) risk factors and criteria Common criteria established, with regional flexibility provided
• Other considerations Entity performance data (e.g., misoperations, event analysis) Compliance history Knowledge of the entity (e.g., internal controls) Risk Elements
What is an IRA?
RELIABILITY | ACCOUNTABILITY4
• How considerations impact monitoring of inherent risk• Development of Compliance Oversight Plans (COPs) Reliability Standards and requirements for compliance monitoring Compliance monitoring tools (i.e., CMEP Tools) Interval of compliance monitoring
Output of IRA
RELIABILITY | ACCOUNTABILITY5
• Guide for Compliance Monitoring http://www.nerc.com/pa/comp/Reliability%20Assurance%20Initiative/ERO%20Enterprise%2
0Guide%20for%20Compliance%20Monitoring.pdf
Resources
RELIABILITY | ACCOUNTABILITY6
Compliance Guidance
Kiel Lyons, Manager, Grid Planning and Operations Assurance2017 Standards and Compliance WorkshopJuly 11, 2017
RELIABILITY | ACCOUNTABILITY8
• Compliance Guidance Policy• Types of Guidance• Pre-Qualified Organizations• Endorsement Process• Current Guidance• Website• Resources• Key Take-Aways
Overview
RELIABILITY | ACCOUNTABILITY9
Principles• Cannot change scope of Reliability Standard• May be developed concurrently with Reliability Standard• Should not conflict• Should be developed collaboratively• Not only way to comply• Additional Considerations: Finite and limited set Related guidance in one location Consider revising standard Apply professional judgment Feedback loops
Compliance Guidance Policy
RELIABILITY | ACCOUNTABILITY10
Compliance Guidance
Implementation Guidance
CMEP Practice Guides
Types of Guidance
RELIABILITY | ACCOUNTABILITY11
Implementation Guidance• Developed by industry, for industry• Examples or approaches One of several possible approaches
• Developed by: Standard Drafting Team (SDT)o Vetted by industry
Pre-Qualified Organizationo Endorsed by ERO Enterprise, with deference
Types of Guidance
RELIABILITY | ACCOUNTABILITY12
• CMEP Practice Guides Developed by ERO Enterprise, but may be initiated through a policy
discussion with industry Address how CMEP staff executes CMEP activitieso Possible considerations include the discretion to be applied, auditing practices,
risk assessment techniques, policies, and areas of focuso Not approaches to comply with standards
Uniform approaches that foster consistency across the ERO Enterprise Publically posted for transparency Apply professional judgment when evaluating methods or approaches not
identified in guidance
Types of Guidance
RELIABILITY | ACCOUNTABILITY13
CMEP Practice Guides• Developed by ERO Enterprise, for ERO Enterprise May be initiated through industry discussions Publically posted
• ERO Enterprise CMEP staff approach Fosters consistency Possible considerations include the discretion to be applied, auditing
practices, risk assessment techniques, policies, and areas of focus
Types of Guidance
RELIABILITY | ACCOUNTABILITY14
Approved by Compliance and Certification Committee (CCC) • The organization must: Be actively involved in NERC operations Have methods to assure technical rigor Possess ability to vet content
Pre-Qualified Organizations
RELIABILITY | ACCOUNTABILITY15
Applicant applies with
the CCC
CCC Reviews Application
CCC notifies the applicant of approval
Applicant is added to Pre-
Qualified Organization
List
Pre-Qualified Organizations
Pre-Qualified Organization Application Process
RELIABILITY | ACCOUNTABILITY16
• Standard Drafting Team (SDT) Identifies examples Reviews existing guidance
• Examples vetted by industry• Decision to submit for ERO Enterprise endorsement made by: Project Management and Oversight Subcommittee (PMOS) liaison and NERC Standards Developer submit for ERO Enterprise endorsement
• May not submit guidance after standard is approved Must be submitted by Pre-Qualified Organization
Pre-Qualified Organizations
RELIABILITY | ACCOUNTABILITY17
Endorsement of Implementation Guidance• Pre-Qualified Organization or SDT submit proposed guidance Email to [email protected] Include Implementation Guidance Submittal Form
• NERC Acknowledges receipt Posts proposed guidance Distributes to ERO SME
• ERO endorses or declines to endorse• Publicly posted Non-Endorsed noted in spreadsheet
Endorsement Process
RELIABILITY | ACCOUNTABILITY18
• Implementation Guidance Under Development/Consideration CEIWG - Voice Communications in a CIP Environment (VOIP in Control
Centers) CEIWG - Shared Facilities (CIP) CEIWG - NRC Employee Access and CIP-004 Personnel Risk Assessment NATF - TPL-001-5 NATF - CIP-010-2 Transient Cyber Assets NATF - CIP-014-2, R4 and R5 NEI - PRC-024-2, R1, R2, and R3 WICF - CIP-010-5 R1 Part 1.1.4 - Netstat baseline for Ports and Services WICF - MOD-025/MOD-026 - Manufacture curve/data is not available
Current Guidance
RELIABILITY | ACCOUNTABILITY19
Website
RELIABILITY | ACCOUNTABILITY20
Website
RELIABILITY | ACCOUNTABILITY21
Website
RELIABILITY | ACCOUNTABILITY22
Website
RELIABILITY | ACCOUNTABILITY23
• Compliance Guidance web page http://www.nerc.com/pa/comp/guidance/Pages/default.aspx
• Compliance Guidance Policy http://www.nerc.com/pa/comp/Resources/ResourcesDL/Compliance_Guidance_Policy_FINA
L_Board_Accepted_Nov_5_2015.pdf
• How to Submit Proposed Guidance http://www.nerc.com/pa/comp/guidance/Documents/Pre-
qualified_org_submittal_with_form.pdf
Resources
RELIABILITY | ACCOUNTABILITY24
• Pre-Qualified Organization list http://www.nerc.com/pa/comp/guidance/Documents/Pre-qualified%20organizations.pdf
• Procedure to Become a Pre-qualified Organization http://www.nerc.com/comm/CCC/Related%20Files%202013/Final%20CCCPP-
011_May_BOTCC_updated.pdf
• Pre-Qualified Organization Application http://www.nerc.com/pa/comp/guidance/Documents/Application_Pre-
Qualified_Organization.pdf
Resources
RELIABILITY | ACCOUNTABILITY25
• Implementation Guidance is one approach an entity may take to meet its obligations Are developed and vetted by industry Are endorsed/not endorsed by the ERO Enterprise
• CMEP Practices Guides Developed by, and for the ERO Enterprise
• Industry Webinar held May 31, 2017 https://cc.readytalk.com/cc/playback/Playback.do?id=2iu36n
• Lessons Learned Reference Sheet under development Industry will be notified when available
Key Takeaways
RELIABILITY | ACCOUNTABILITY26
RELIABILITY | ACCOUNTABILITY1