While we were pleased that no compliance issues were identified during the audit, it was gratifying to know that our RBAM, CIP procedures, and CANs met expectations. We’ve come to rely on Certrec for their regulatory guidance. ~ J.S. Vice President
Ft. Worth, TX (PRWEB) September 26, 2011
Certrec, a leading regulatory and compliance solutions provider, announced today that a southwest generation owner/operator and Certrec customer experienced a successful NERC CIP and Standards audit with no compliance deficiencies identified.
“NERC pre-audit assessments allow generator operators and owners to understand the potential for violating a compliance requirement and the risk of such violations,” says Bob Biggs, Certrec’s Manager of NERC Regulatory Services. “Readiness assessments can estimate the probability of violation, likely type of violation and expected severity to determine the enterprise-wide risk of noncompliance.”
To ready itself for a Regional Entity audit of both its Cyber Security (CIP) program and applicable NERC Generator Owner and Operator Standards and Requirements, a leading provider of renewable energy enlisted Certrec’s Office of NERC Compliance experts to:
- Conduct a gap analysis in preparation for an upcoming audit
- Ensure the RBAM (Risk Based Assessment Methodology) update met current regulatory expectations
- Identify areas for improvement and potential regulatory vulnerabilities
- Develop any NERC self-reports and supporting mitigation plans
- Update all compliance procedures and policies to ensure that NERC Compliance Application Notices (CANs) and industry lessons learned have been incorporated and that any organizational specifics are addressed
- Prepare all Reliability Standard Audit Worksheets (RSAWs) and catalog all supporting information
- Transmit pre-audit information (RSAWs, evidence, pre-audit surveys, and compliance program description) to the Regional Entity
- Prepare responses to Regional Entity Requests for Information (RFI) prior to and during the audit
“Understanding the metrics against which a regulatory compliance program will be held and having a common language for communicating about the existing and desired state is critical,” says Certrec President, Ted Enos. “By having this foundation, the Regional Entities were provided with necessary Cyber Security (CIP) and Generator Owner and Operator Standards, Requirements, and documentation by our client.”
Success! No Compliance Issues Identified
“Additionally,” continues Enos, “Certrec was able to directly support the management onsite in response to regulator requests during the audit. From our twenty plus years of experience handling audits and auditors, we were able to quickly prepare our client so that information was easy to articulate during the audit and appropriate to the request – providing the precise level of detail needed. Our client was pleased with the level of support Certrec provided and excited that no compliance issues were identified.”
The Office of NERC Compliance (ONC) is the utility industry’s first, comprehensive NERC compliance, audit, and monitoring solution for Registered Entities. Certrec’s Office of NERC Compliance (ONC) helps compliance managers to manage the impact of the NERC regulatory process, manage communication with multiple regulators, and maintain NERC compliance.
Founded in 1988, CERTREC is a regulatory and compliance solutions provider that helps utilities manage the NRC, FERC, and NERC regulatory process to their advantage. With more than 250 cumulative years of regulatory and industry experience, Certrec’s licensing and compliance solutions, performance improvement, and technical services solutions help professionals better manage the risks of the regulatory and compliance process.