Compliance and Certification Committee - NERC Highlights and Minutes 2013/CCC... · successful...

Agenda Compliance and Certification Committee December 2, 2015 | 1:00 p.m. - 5:00 p.m. ET December 3, 2015 | 8:00 a.m. - Noon ET NERC Corporate Office 3353 Peachtree Rd NE, Suite 600 North Tower Atlanta, GA 30326 Introductions and Chair’s Remarks NERC Senior Management Remarks – Val Agnew NERC Antitrust Compliance Guidelines and Public Announcement Agenda Items

1. Administrative – Secretary and Patti Metro

a. Compliance and Certification Committee (CCC) Roster [LINK]

2. Committee Business

a. Consent Agenda

i. Meeting Agenda (Approve)

ii. CCC September 2015 Meeting Minutes* – (Approve) Patti Metro [LINK]

b. Review of CCC action items * – Jennifer Flandermeyer

c. 2016 Nominating Subcommittee – Patti Metro

d. NERC Board Enterprise-wide Risk Committee report – Patti Metro

e. NERC Board and MRC Update from November 2015 meetings (Information only)*– Jennifer Flandermeyer

f. 2016 Work Plan Update and Next Steps - Jennifer Flandermeyer

g. Status and schedule update for upcoming independent NERC CMEP and ORCP Audit* – Matt Gibbons

3. Reliability Issues Steering Committee (RISC) Update * – Terry Bilke

4. Compliance Guidance Update and CCC Role* – Patti Metro and Steven Noess

5. Subcommittee Updates

http://www.nerc.com/comm/CCC/Documents/CCC%202015%20Roster_02_12_15.pdf

http://www.nerc.com/comm/CCC/Agenda%20Highlights%20and%20Minutes%202013/DRAFT_CCC%20Minutes%20March%202015.pdf

a. Nominating Subcommittee * – Helen Nalley

i. CCC Sector openings

b. ERO Monitoring Subcommittee (EROMS) – Ted Hobson

i. 2014 Stakeholders Perception Survey Conclusion

ii. 2015 Stakeholder Perception Survey and Next Steps

iii. 2015 Self-certifications

c. Compliance Processes and Procedures Subcommittee (CPPS)* – Matt Goldberg

i. CCCPP-010 updates and Risk-Based CMEP implementation progress

ii. Quality Review

iii. RSAW coordination

d. Organization Registration and Certification Subcommittee (ORCS) – Keith Comeaux

i. Risk Based Registration (RBR) update

ii. Organization Certification update

iii. ORC Project with Organization Registration and Certification Group

6. NERC Staff Reports Including Status of CCC Work Plan Deliverables

a. Risk-based Compliance Monitoring and Enforcement (CMEP) – Steven Noess

i. Risk-based CMEP update

ii. Compliance Assurance Organization Update

iii. FERC Order on Risk-based CMEP

b. Hearing Process Updates – Ed Kichline

c. Future Outreach events Update – Marisa Hecht

i. Fall 2015 Standards & Compliance Workshop Debrief

ii. 2016 Plans for Industry Outreach

d. Enforcement Update – Ed Kichline and Teri Stasko

e. Transmission Company Registration Update – Terry Brinker

f. LSE Removal Funding Impact* – Terry Brinker

7. Member Round Table – Patti Metro

8. Review of Action Items – Jennifer Flandermeyer

Compliance and Certification Committee Agenda | December 2-3, 2015 2

9. Future Meeting Dates

a. March 1-2, 2016: Atlanta, GA (NERC)

b. June 15-16, 2016: Folsom, CA (CAISO offices)

c. September 14-15, 2016: TBD – located with other standing committees

d. November 29-30, 2016: Arlington, VA (NRECA offices)

10. Adjourn

*Background materials provided

Compliance and Certification Committee Agenda | December 2-3, 2015 3

# Date Responsible Parties Due Date Status Comments and Next Steps1 Sep-14 Data Retention Project:

o CPPS will communicate with the Standards Committee to provide information on the results and recommendations. CPPS will report on the status at the December meeting.o Adina Mineo will communicate all recommendations to appropriate parties

Hect / Stewart Jun-16 Open Compliance and Audit specific have been added to the manual. Balance with Standards group and in progress.

2 Mar-15 Scheduling a hearing training for the new members. Metro / Stasko Jun-16 Open3 Jun-15 Follow up on process with NERC staff on how to file a complaint with the CCC beyond the procedural documents. Metro / Berardesco Mar-16 Open Anonymous nature consideration.

4 Jun-15 Follow up on Ballot Pool Clean up Process with Standards Development Group. Stewart Mar-16 Open5 Jun-15 Follow up on participation of CCC on Quality Reviews with Standards Development Group. Cavote / CPPS Mar-16 Open CCC participation and Translation issues6 Jun-15 Follow up on NERC funding to LSE reference in RoP section 1106 and will report back at September meeting. Brinker Dec-15 Closed7 Jun-15 Follow up with NERC and the Regions to see if the action to resolve the potential registration issue related to Transmission

development.Brinker Dec-15 Closed Note to reference TRE process / Lumped into ORC Emerging Issues.

8 Sep-15 EROMS will follow up with Kristin Iwanechko on distribution list on ERO Stakeholder Survey for Canadian Entities Hobson / Iwanechko Mar-16 Open Canadian Entities do not have a PCC so they do not receive the survey.

9 Sep-15 Create and maintain a workplan responsibility and status update report as part of the agenda package Flandermeyer / Hect Mar-16 Open Ensure status updates are captured and common understanding of responsibility 10 Dec-15 Review the existing hearing procedures and evaluate if changes are required based on NERC's revised hearing procedures

for the ERO. Smith / Metro / Flandermeyer Jun-16 Open

11 Dec-1512 Dec-1513 Dec-15

CCC Action Item List - As of December 2015

Agenda Item 2e Compliance and Certification Committee

December 2-3, 2015

Report of November 2015 Member Representatives Committee (MRC) and Board of Trustee (BOT)

Meetings

Information For informational purposes only Background These notes are provided by CCC attendees at the aforementioned meetings. The notes are not provided to accurately represent all agenda topics in full. The North American Electric Reliability Corporation (NERC) Members Representative Committee (MRC) and Board of Trustees (BOT) convened their quarterly meetings on November 4-5, 2015. The following are the most significant highlights from those meetings. NERC’s E-ISAC Chairman Member Executive Committee Report Mr. Spence believes we can have the leading ISAC in the country. After finishing a very successful 2015, the priorities accomplished were 1) Identifying what we could be doing better, 2) Understanding how stakeholders how were using ES-ISAC information, and 3) Finding ways to be the best ISAC. Looking forward, the priorities for next 6 months will be focused on the following activities: Increasing participation and trust, developing a manual on how and what information should be shared, ensuring information is protected, develop rules for crisis information sharing and developing machine-to-machine information sharing (CRISP). NERC’s President Report NERC’s CEO remarks focused on the 50th anniversary of one of the first major blackouts in the country and the substantive progress that has been made in preparedness and coordination. Among other things, NERC has developed playbooks for potential crises. There was a focused discussion on the upcoming annual Grid Exercises. The GridEx III event is an opportunity to demonstrate our resiliency as an industry and our robust focus on preparation. Mr. Cauley then reflected on internal controls and that we have a way to go on evaluation of internal controls. The ultimate goal for the ERO is to leave an engagement with confidence that the Registered Entity has its obligations covered and is taking actions in finding and fixing small things before they become bigger. Risk Based Registration The presentations reviewed the successes from the first phase of Risk-Based Registration. Phase I developed the design framework for risk-based registration, proposed to eliminate Interchange Authority (IA), Purchasing-Selling Entity (PSE) and Load Serving Entity (LSE) functional

entities from NERC’s registry, modified the Distribution Provider (DP) functional entity thresholds, and established the NERC-led review panel. The focus of phase II was for exploration of options to properly align compliance obligations for Generator Owners (GOs), Generator Operators (GOPs), Transmission Owners (TOs), and Transmission Operators (TOPs). NERC used the phase I collaborative process to explore submissions from registered entities to identify consistent groups of low risk GOs/GOPs and TOs/TOPs, and pre-identified Reliability Standards that may be low risk for TO/TOP and GO/GOP entities. Based on the results of these efforts, a group or groups of lower risk GOs, GOPs, TOs or TOPs with consistent characteristics that would qualify for a reduced set of compliance obligations were not identified. The results of this work were vetted with both the Task Force and RBRAG. As a final step to identify potential groups, NERC staff analyzed event and compliance data for GOs, GOPs, TOs and TOPs. Based on this analysis, NERC identified a limited set of entities that may be eligible for review by the NERC-led panel, but did not identify any sizable lower-risk groups of GOs/GOPs or TOs/TOPs with similar characteristics that supports an alternative set of compliance obligations. Going forward, individual entities can use the NERC-led panel to seek a reduced set of compliance obligations. NERC and this panel will monitor requests to identify any trends and experiences that support the development of groups of lower-risk entities. Compliance Guidance Policy The Compliance Guidance Policy Team completed their work on the process to produce compliance guidance prospectively under the construct of the ERO and existing associated protocols. In the Compliance Guidance Policy, the Team recommends the development of the following:

• Implementation Guidance which would provide examples for implementing a standard.

• CMEP Practice Guides which would provide direction to ERO Enterprise CMEP staff on approaches to carry out compliance and enforcement activities.

Implementation Guidance is developed by industry and vetted through pre-qualified organizations, as identified in the policy. Vetted examples can then be submitted to the ERO Enterprise for endorsement, and if endorsed, the ERO Enterprise would give the example deference during CMEP activities with consideration of facts and circumstances. Implementation Guidance would not prescribe the only approach to implementing a standard and entities may choose alternative approaches that better fit their situation. CMEP Practice Guides are developed solely by the ERO Enterprise to reflect the independent, objective professional judgment of ERO Enterprise CMEP staff, and, at times, may be initiated following policy discussions with industry stakeholders. Following development, they are posted for transparency on the NERC website. The team also made the following recommendations in addition to the development of Implementation Guidance and CMEP Practice Guides, as described in the policy:

• The Compliance & Certification Committee (CCC) will lead, with Standards Committee (SC) support, a joint review of existing documents to submit for ERO Enterprise endorsement;

• An SC review of Section 11 of the Standard Processes Manual to determine whether revisions should be considered;

• The CCC and SC, with ERO Enterprise CMEP staff, conduct a joint review of measures and Reliability Standard Audit Worksheets;

• Developing a CMEP Practice Guide on providing deference to endorsed Implementation Guidance; and

• Developing a “one-stop shop” on the NERC website. ERO Enterprise Strategic Planning The Strategic Planning discussion focused on the RISC priorities and 2015 Reliability Leadership Summit results. The annual report is the culmination of the leadership summit and focused outreach efforts. RISC recommendations included in the report include: interdependent and evolving business models, long-term reliability impacts from the changing resource mix, building on the Essential Reliability Services framework, continued maturation of the E-ISAC, Planning and modeling data effectiveness, communication sharing mechanisms across types of entities, and leverage industry practice sharing groups to enhance resiliency and reliability. To summarize the changes to the strategic planning process and current documents:

• MRC policy input on the rolling three-year strategic plan was requested earlier in the year. This input, along with the results from the 2014 ERO Enterprise Effectiveness Survey, was considered during the development of the revisions to the 2016–2019 strategic plan and 2016 metrics.

• The ERO Enterprise Strategic Plan 2016–2019 is a result of refinements to the 2015–2018 plan. Most notably, goal 2 and goal 3 were combined to address risk-based registration, organization certification, compliance monitoring, and enforcement. A new goal 4 was created to address emerging risks and essential reliability services.

• The 2015 ERO Enterprise and Corporate Metrics was updated; the four overarching metrics remain unchanged, while the measurements, sub-metrics, thresholds, and targets have been adjusted for 2016. There is continued emphasis on physical and cyber security, model building, misoperations, and equipment performance. The metrics associated with right-of-way clearances are not included in the 2016 metrics as this risk has been satisfactorily addressed in 2015.

The ERO Enterprise Longer-term Strategic Planning considerations are captured separately and summarize strategic visions beyond the horizon of the three-year Strategic Plan. This document is based on numerous inputs, including those from the Reliability Leadership Summit, the RISC’s 2015 ERO Reliability Risk Priorities: RISC Recommendations, the ERO EMG, and the Member Representatives Committee (MRC). Initially drafted by the ERO EMG in late 2014, this document has been updated and refined, continuing to examine significant emerging trends in addition to identifying issues in reliability assessments, recovery and restoration, and situational assessments and system control. FERC Request for Access to NERC Databases There was substantial discussion on the proposed rulemaking allowing FERC access to NERC databases. Chairman Gorbet noted that under NERC’s risk-based model that the ERO should be more than just standards and compliance. This responsibility includes looking for emerging risks, using data to make informed decisions, to identify ways for industry to be proactive. Concern was expressed by numerous meeting participants including the Chair and CEO that the ERO working collaboratively with industry has garnered a lot of trust between the regulators and the industry over the past five years. There is concern that allowing access to NERC’s database may be a step back. This could have unintended consequences making it more difficult to get other data in the future.

Mr. Cauley noted NERC’s primary job is reliability and that this is best achieved if there is trust. The current structure allows NERC and the Industry to work together on issues and be open to proactively solve problems or manage emerging risks. Commissioner LaFleur referenced the NOPR on FERC’s access to NERC’s databases in reference. The reason the Commission issues NOPRs is to encourage items such as this one to be discussed. She urges entities with concerns to file comments that clearly outline the concerns and alternatives. Board Actions All items for Board approvals, adoptions or endorsement were passed affirmatively and unanimously.

Matt Gibbons, Manager of Internal Audit and Corporate Risk ManagementCompliance and Certification Committee MeetingDecember 2-3, 2015

Status of the CCC CMEP/ORCP Audits as Of December 2015

Matt Gibbons, Manager of Internal Audit and Corporate Risk ManagementCompliance and Certification Committee MeetingDecember 2-3, 2015

Agenda Item 2gStatus and Schedule Update for the Upcoming Independent NERC CMEP and ORCP Audit

RELIABILITY | ACCOUNTABILITY3

Audit Objective: • Ensure NERC’s compliance with Compliance Monitoring and Enforcement

Program (CMEP) and Organizational Registration and Certification Program (ORCP)

Audit Scope:• CMEP and ORCP activities for the time period of 2013-2015

Audit Team:• Independent Auditor (serves as audit team lead)• CCC Observers• NERC Internal Audit

Audit Timing:• Audit commencement – March 2, 2016• Audit completion – April 15, 2016

NERC CMEP and ORCP Audit


Audit Roles and Responsibilities

CCC• Steering

Committee

•Observer

•Tester of selected areas

Independent Auditor• Finalize scope

•Conduct audit

•Report on findings

• Status and budget reporting

NERC Internal Audit•Coordination

•Communication

•Collaboration

NERC Staff•Provide

requested information

•Remediate audit findings


2013-2015 CMEP and ORCP Audit

Completed Activities:

• CCC audit observers selected

• Auditor training for CCC observers

• Selection of independent auditor

• Scheduled dates for audit fieldwork


2013-2015 CMEP and ORCP Audit

Timing:

• Planning activities – Ongoing

• Kickoff meeting in January

• Interviews set in Atlanta and DC office the first two weeks of March

• Audit report to be issued second or third quarter of 2016

Agenda Item 3 NERC CCC December 2, 2015

Reliability Issues Steering Committee Report

Action None Background The Reliability Issues Steering Committee (RISC) hosted its annual Reliability Leadership Summit in Washington, DC on August 25, 2015. The panels addressed the following topics: 1. Changing Nature of Reliability 2. Changing Nature of the Grid 3. Cyber and Physical Security A final panel was held that summarized the findings of all panels, and identified additional high level strategic challenges. Following the Summit, the RISC completed its report on the ERO Reliability Risk Priorities, accompanied by a supplement that included the 2015 Risk Profiles. The reports can be found at: http://www.nerc.com/comm/RISC/Pages/Related-Files.aspx

Together, these documents enhanced the Risk Profiles drafted in 2014, and provide recommendations influencing the ERO Enterprise’s: 1) 2016-2019 ERO Strategic Plan, 2) Longer term Strategic Planning Considerations, 3) ERO Enterprise and Corporate Metrics for 2016 and, 4) 2017 Business Plan and Budget. RISC has opened a nomination period for new members and to nominate a new Chair. Nominations are due on or before December 16, 2015. The RISC Nominating Committee will meet in early January to review candidates.

At the November 4, 2015 NERC Board of Trustees Compliance Committee (BOTCC) meeting, Terry Bilke and Sonia Mendonca presented the final results of the RISC request of the CCC on using compliance metrics to reduce reliability risk. The report and presentation can be found in the BOTCC meeting materials. Refer to Agenda Item 5 in the BOTCC materials.

http://www.nerc.com/comm/RISC/Pages/Related-Files.aspx

http://www.nerc.com/gov/bot/BOTCC/Compliance%20Committee%202013/Compliance%20Committee%20Open%20Agenda%20Package%20-%20November%204%202015.pdf

http://www.nerc.com/gov/bot/BOTCC/Compliance%20Committee%202013/CC_Open_Nov_4_15_Presentations.pdf

.. ompliance Gul ance Policy

October 21, 2015

Table of Contents

Executive Summary ................................................................................................................................................... iii

lntroduction ............................................................................................................................................................... iv

Purpose .................................................................................................................................................................. iv

Principles for Compliance Guidance ...................................................................................................................... iv

Implementation Guidance .......................................................................................................................................... l

Purpose ................................................................................................................................................................... l

Description .............................................................................................................................................................. 1

Development .......................................................................................................................................................... 1

Recommendations for Existing Documents ............................................................................................................ 2

CMEP Practice Guides ............................................................................................................................................... .4

Purpose .................................................................................................................................................................. .4

Description ............................................................................................................................................................. .4

Development ......................................................................................................................................................... .4

One-Stop Shop for All Standards Related Information .............................................................................................. 5

Conclusion .................................................................................................................................................................. 6

Appendix A- Members Representatives Committee Compliance Guidance Team Mandate, June 2015 ................ .7

Appendix B- Pre-Qualified Organizations for Submitting Implementation Guidance ............................................ 10

NERC I Compliance Guidance Policy I October 21, 2015 ii

Executive Summary

A key factor in the success of compliance monitoring and enforcement of mandatory standards rests on a common understanding between industry and Regional Entities and NERC (ERO Enterprise) Compliance Monitoring and Enforcement Program (CMEP) staff on how compliance can be achieved and demonstrated. For many of NERC's Reliability Standards (standards), this is straightforward. For others, it remains a concern.

In May 2015, a Compliance Guidance Team (Team) was formed by the Member Representatives Committee (MRC), with support from the NERC Board of Trustees (Board), to consider approaches useful in providing guidance for implementing standards, and develop a policy proposal for the purpose, development, use, and maintenance of this guidance.

The Team identified two purposes for guidance: (1) to assist registered entities with the implementation of standards and (2) for the ERO Enterprise to provide direction to ERO Enterprise CMEP staff. The Team also established a set of principles for the development of guidance and is recommending the development of the following:

• Implementation Guidance

• CMEP Practice Guides

Implementation Guidance provides a means for registered entities to develop examples or approaches to illustrate how registered entities could comply with a standard' that are vetted by industry and endorsed by the ERO Enterprise. The examples provided in the Implementation Guidance are not exclusive, as there are likely other methods for implementing a standard. The ERO Enterprise's endorsement of an example means the ERO Enterprise CMEP staff will give these examples deference when conducting compliance monitoring activities. Registered entities can rely upon the example and be reasonably assured that compliance requirements will be met with the understanding that compliance determinations depend on facts, circumstances, and system configurations.

CMEP Practice Guides differ from Implementation Guidance in that they address how ERO Enterprise CMEP staff executes compliance monitoring and enforcement activities, rather than examples of how to implement the standard. They are developed and maintained by the ERO Enterprise, although in some cases, the ERO will hold policy discussions with industry stakeholders. CMEP Practice Guides will be posted on the NERC website for transparency.

In order to ensure that all Implementation Guidance and other information related to a standard are easily accessible, the Team is proposing a "one-stop shop" on the NERC website where all guidance and information on a particular standard would be located.

The Team believes the proposed policy will bring multiple benefits to industry, including the development of Implementation Guidance by registered entities, a simple process for sharing endorsed implementation methods, collaboration with other registered entities and the ERO Enterprise, and transparency of Implementation Guidance and CMEP Practice Guides.

1 Although the term standard is used, Implementation Guidance could also apply to a specific requirement or requirements within the standard.

NERC I Compliance Guidance Policy I October 21, 2015 iii

Introduction

Purpose A key factor in the success of compliance monitoring and enforcement of mandatory standards rests on a common understanding between industry and ERO Enterprise CMEP staff on how compliance can be achieved and demonstrated. For many standards, this is straightforward. For others, it remains a concern. Moreover, some standards are written deliberately to enable a variety of approaches to compliance as the nature of the desired end-state does not lend itself to singular or clear cut solutions given the range of system configurations and potential responses to achieving the reliability goal.

Since the inception of NERC's CMEP, the ERO Enterprise and registered entities have strived to bring clarity and certainty to all parties through a variety of means, some more successful than others. The starting point for understanding the standard is the plain language of the standard and all of the supporting materials developed in the process leading to the approval of the standard (i.e., technical papers, webinars with drafting team members, FAQs, and Reliability Standard Audit Worksheets (RSAWs)). To the extent that the accompanying documentation answered all participants' questions, nothing further was needed. However, disputes have arisen about the meaning of the words in some standards, leading to requests for clarification or revisions to the standard. To help fill the gap, the ERO has issued a number of supplementary documents over time, including Compliance Application Notices (CANs) and Compliance Application Reports (CARs). However, at times, these documents were perceived by some in industry to change the scope of the standard or provide interpretations to audit staff in areas of ambiguity.

More recently, with the addition of more results-based standards, which inherently allow for greater flexibility by entities in responding to standards and requirements, industry has stepped up with informal best practice guides and other work products to address compliance uncertainty. These range from "good ideas" from one or a few entities, to full-blown collaborative development of guides based on the work of committees of experts under the sponsorship of an organized group, e.g., the North American Transmission Forum (NATF). The role and status of these efforts have been unclear in relation to meeting compliance with standards and CMEP practices.

Also, with the controversy surrounding guidance memorandums issued in relation to CIP Version 5, which were later withdrawn, the ERO proposed developing a policy on compliance guidance to bring order and clarity to these disparate elements. Under the sponsorship of the MRC with support from the Board, the Team was formed and charged with bringing a policy paper to the Board of Trustees by its November 2015 meeting regarding the purpose, development, use, and maintenance of compliance guidance. The mandate for the Team, including its members, is included in Appendix A.

Given the above, the Team focused on how to reduce controversial approaches and provide the industry and the ERO Enterprise with additional clarity on implementing standards.

Principles for Compliance Guidance As a starting point, the Team considered and built upon the principles provided in the April 2, 2015 MRC Informational Session agenda package', and established the following principles:

• Guidance documents cannot change the scope or purpose of the requirements of a standard.

• The contents of guidance are not the only way to comply with a standard.

2 http:l/www.nerc.com/gov/bot/MRC/Agenda%20Highlights%20nad%20Minutes%202013/MRC Info Session Agenda Pkg 042015.pdf (see Agenda Item 4d)

NERC I Compliance Guidance Policy I October 21, 2015 iv

Introduction

• Compliance expectations should be made as clear as possible through the standards development process which should minimize the need for guidance after final ballot approval of a standard.

• Forms of guidance should not conflict.

• Guidance should be developed collaboratively and posted on the NERC website for transparency.

Furthermore, the Team agreed upon the following:

• There should be a finite and limited set of guidance tools that are well understood and are organized to facilitate the use and implementation of the guidance.

• All forms of guidance related to the same standard should be coordinated and collected in one location.

• To the extent that guidance does not address all of the issues that arise, consideration should be given to revising the standard in question.

• NERC and the Regional Entities will exercise professional judgement' in an objective manner when evaluating all methods or approaches to comply with a standard and maintain processes to ensure its independence with regards to the development of guidance by registered entities.

• As guidance cannot expand the scope or purpose of a standard, there are other methods outside the CMEP process (i.e., feedback loops to the Standards Committee and NERC standards department, discussions with the entity) for addressing risks that are not subject to the standard.

·Based on the above principles, the Team identified two purposes for guidance: (1) to assist registered entities with the implementation of standards and (2) for the ERO Enterprise to provide direction to its CMEP staff, and is recommending the development of the following:

• Implementation Guidance

• CMEP Practice Guides

Implementation Guidance provides examples for implementing a standard, while CMEP Practice Guides provide direction to ERO Enterprise CMEP staff on executing compliance and enforcement activities.

3 For example, ERO Enterprise CMEP staff playing a role in determining whether there was any non-compliance with a standard may have prior experience with the subject matter and specific ways in which compliance was achieved. The ERO Enterprise should have practices which prevent bias, preserve objectivity, in final determinations of scope or compliance within its CMEP activities.

NERC ! Compliance Guidance Policy I October 21, 2015 v

Implementation Guidance

Purpose Implementation Guidance provides a means for registered entities to develop examples or approaches for ERO Enterprise endorsement to illustrate how registered entities could comply with a standard.

Description Implementation Guidance is defined as "providing examples or approaches within the range of compliance solutions developed in a transparent and collaborative manner for registered entities to comply with standard requirements. Additionally, documents considered to be Implementation Guidance have gone through a vetting process and are endorsed by the ERO Enterprise."'

Implementation Guidance does not prescribe the only approach, but is intended to highlight one or more approaches that would be effective ways to be compliant with the standard. As Implementation Guidance is only meant to provide examples, entities may choose alternative approaches that better fit their situation.

The ERO Enterprise's endorsement means that the ERO Enterprise recognizes the guidance as appropriate for deference during CMEP activities. Deference means that registered entities can rely on the guidance and be reasonably assured that compliance requirements will be met with the understanding that compliance determinations depend on facts, circumstances and system configurations which vary across the interconnections. The ERO Enterprise must respectfully consider applicable guidance in compliance determinations. In the instance that a registered entity, in good faith, relied on guidance, but was found noncompliant with the applicable requirements, the reliance on the guidance will be considered as a significant mitigating factor in any enforcement action by the ERO Enterprise.' ERO Enterprise CMEP staff will be informed of Implementation Guidance and ERO Enterprise will direct CMEP staff to consider such guidance as a method to achieve compliance in any applicable compliance determinations. As a registered entity may use other approaches to comply with a standard, ERO Enterprise CMEP staff will be objective when assessing other compliance solutions.

This policy is not intended to apply to operating and reliability guidelines developed by the NERC technical committees (Operating Committee (OC)/Pianning Committee (PC)/Critical Infrastructure Protection Committee (CIPC)) outside of Section 11 of the Standard Processes Manual (SPM), unless the operating or reliability guidelines provide examples of how to comply with a standard, in which case the examples must be submitted for endorsement if the technical committee would like them to receive deference.

Development Implementation Guidance can be initiated and vetted in two different ways:

1. During standards development,' the drafting team may identify example(s) of how to comply with a standard'

a. Example(s) posted for industry comment for vetting

4 Implementation Guidance does not conflict with the interpretation process, as the interpretation process is not intended to address compliance approaches. The Standard Processes Manual states that interpretation requests may be rejected where they request approval of a particular compliance approach. 5 In the event a registered entity believes that an ERO Enterprise CMEP staff did not appropriately consider Implementation Guidance and thus the registered entity should contact its Regional Entity for further discussion. 6 The standards development process includes coordination with the ERO Enterprise. 7 The drafting team can and should reach out to industry for assistance, as needed.

NERC I Compliance Guidance Policy I October 21, 2015 1


b. Project Management and Oversight Subcommittee (PMOS)8 liaison and NERC standards developer determine whether to elevate to Implementation Guidance and request ERO Enterprise endorsement

2. After a standard is approved in a final ballot, registered entities may develop examples or approaches and vet them through a pre-qualified organization. Pre-qualified organizations are included in Appendix B.

After an example has been vetted' through the standards development process or a pre-qualified organization the following general steps are envisioned:

1. Example(s) are submitted via email to NERC10 with acknowledgement of receipt to submitter

2. Example(s) and contact information for the submitter are posted on the NERC website as submitted within seven days of receipt for transparency

3. Example(s) are submitted to the ERO Enterprise for an endorsement within 45-90 days, unless a reason is provided otherwise. Endorsement is subject to technical soundness and compatibility with the standard language, and the ERO Enterprise leadership will ensure consensus among the Regional Entities. The ERO Enterprise will collaborate with submitter to resolve any questions.

4. Endorsed example(s) are moved from initial posting location to the one-stop shop on the NERC website; example(s) will be removed from the initial posting location on the NERC website if not endorsed

5. Once posted on the NERC website as an endorsed example, leadership at each of the Regional Entities will ensure that the example is given deference during CMEP activities.

When a new version of a standard is drafted, the standard drafting team will review existing Implementation Guidance for the previous version and contact the submitter to verify applicability to the new version.

Recommendations for Existing Documents The compliance guidance policy is not intended to automatically modify the status of any existing document. The Team recommends a series of actions to reconcile Implementation Guidance with existing documents.

Transition of Existing Documents Upon Board acceptance of the Compliance Guidance Policy, the Team recommends that the following documents be submitted for ERO Enterprise endorsement:

• Lessons Learned and FAQs developed through the CIP Version 5 transition advisory group

• NATF C/P-014-1 Requirement R1 Guideline

• Determination and Application of Practical Relaying Loadability Ratings, Version 1.0, June 2008 for PRC-023

After Board acceptance of the Compliance Guidance Policy, the Team recommends that the Compliance and Certification Committee (CCC) as the lead, with support from the Standards Committee (SC), jointly review other existing documents to recommend which should transition and be submitted for ERO Enterprise-endorsement for Implementation Guidance. The CCC should submit its initial recommendations to NERC by the end of the first quarter of 2016.

8 The PMOS is a subcommittee of the Standards Committee that advises and supports standard drafting teams to achieve standard goals specified in the Reliability Standards Development Plan. 9 Example(s) must be vetted with registered entities that would be affected by the approach. 10 NERC will establish an email address for the submittal of vetted Implementation Guidance.



Section ll of the Standard Processes Manual The high-level processes proposed in this document were developed in the context of the Standard Processes Manual and do not overlap or supersede any of the processes therein, including the development of supporting documents under Section 11. Section 11 documents do not include or require the ERO Enterprise endorsement as described herein, and, therefore, do not carry the deference provided to Implementation Guidance. However, Section 11 remains a viable vehicle for posting supporting documents that do not require ERO endorsement for industry comment.

Under Section 11, the SC verifies that a supporting document was reviewed by stakeholders to verify the accuracy of the technical content, but it is not a technical committee. Therefore, the SC is not included on the pre-qualified list of organizations that may develop examples and submit them to the ERO Enterprise for endorsement. However, the Team believes that Section 11, with slight modification to the language, could serve as a vetting vehicle for Implementation Guidance, in addition to the vetting vehicles described herein, prior to submittal to the ERO for endorsement. Thus, the team recommends that the SC consider whether to modify Section 11 and any associated procedures so it can serve as an additional vetting option for submitting Implementation Guidance, and report to the Board on the SC's decision no later than the May 2016 Board and MRC meetings.

RSAWs and Measures The Team suggests the CCC and SC, with ERO Enterprise CMEP staff, jointly review measures and RSAWs, specifically whether both are needed or could be condensed into a single document or location.

NERC I Compliance Guidance Policy I October 21, 2015

3

CMEP Practice Guides

Purpose CMEP Practice Guides address how CMEP staff executes compliance monitoring and enforcement activities and are not compliance approaches to comply with standards.

Description CMEP Practice Guides will provide:

• direction to ERO Enterprise CMEP staff on approaches to carry out compliance and enforcement activities, including discretion to be applied, auditing practices, risk assessment techniques, policies to be implemented, particular areas of focus for CMEP activities, and to foster consistency in compliance and enforcement;

• a uniform approach used by ERO Enterprise CMEP staff; and

• transparency to registered entities by being publicly posted.

In the event a CMEP Practice Guide will be used to inform ERO Enterprise staff on how to conduct compliance monitoring and enforcement activities as an interim solution until a standard could be revised, the ERO will hold policy discussions with industry prior to developing the CMEP Practice Guide.

Development CMEP Practice Guides are developed solely by the ERO Enterprise to reflect the independent, objective professional judgment of ERO Enterprise CMEP staff, and, at times, may be initiated following policy discussions with industry stakeholders. Following development, they are posted for transparency on the NERC website.

The Team recommends that the ERO Enterprise develops a CMEP Practice Guide on providing deference to endorsed Implementation Guidance.


One-Stop Shop for All Standards Related Information

The Team recognized the importance of having all information related to a standard, including Implementation Guidance and CMEP Practice Guides, readily available to industry stakeholders and ERO Enterprise staff. Therefore, the Team is recommending housing all information related to a standard in one location on the NERC website. The Team recommends investigating the current 'Related Information' webpages as the location for this information. The Team suggests that NERC staff discuss the organization of these pages to ensure consistency and update the pages to include links to all related information. The pages should include relevant documents from the Compliance, Standards, Reliability Assessment and Performance Analysis, Critical Infrastructure, and Reliability Risk Management web pages. Further, NERC staff will regularly maintain these web pages to ensure that current documents are included in a reasonable timeframe.


Conclusion

The Team recommends the development of Implementation Guidance and CMEP Practice Guides, as described herein, to promote a common understanding amongst industry and ERO Enterprise CMEP staff of how compliance can be achieved and demonstrated. As designed, these tools fulfill the principles identified by the Team, and differentiate between guidance to industry and instruction to ERO Enterprise CMEP staff.

The Implementation Guidance will provide industry confidence in compliance approaches, as the examples are developed by registered entities and will receive deference during CMEP activities. Therefore, industry can rely upon these examples for compliance, provided they are appropriate for the entity's facts and circumstances and implemented in a quality manner.

The CMEP Practice Guides provide confidence by giving industry visibility into CMEP activities and building consistency across the ERO Enterprise in conducting CMEP activities. Additionally, where these are used to provide specific instruction on the use of discretion until a standard can be revised, the ERO Enterprise will consult with industry in policy discussions prior to their development.

Additionally, the Team recommends:

• The CCC will lead with SC support a joint review of existing documents to submit for ERO Enterprise endorsement;

• An SC review of Section 11 of the SPM to determine whether revisions should be considered;

• The CCC and SC, with ERO Enterprise CMEP staff, conduct a joint review of measures and RSAWs;

• Developing a CMEP Practice Guide on providing deference to endorsed Implementation Guidance; and

• Developing a "one-stop shop" on the NERC website.

The Team believes the proposed policy will bring multiple benefits to industry, including the development of Implementation Guidance driven by registered entities, a simple process for sharing endorsed implementation methods, collaboration with other registered entities and the ERO Enterprise, and transparency of Implementation Guidance and CMEP Practice Guides.


Appendix A - Members Representatives Committee Compliance Guidance Team Mandate, June 2015

Purpose The purpose of this team is to present a proposal to the Members Representatives Committee (MRC) for the purpose, development, use, and maintenance of compliance guidance. When endorsed by the MRC, the proposal will be presented to the Board for approval and implementation.

Background Since the inception of the ERO, compliance guidance has been a topic of many discussions. Transparency of guidance documents for compliance has gone from having little information released to industry to being transparent to ensure that compliance monitoring is "open-book." Currently guidance may come from several sources, including "Guidelines and Technical Basis" sections that are part of Reliability Standards, the use of Reliability Standards Audit Worksheets (RSAWs), Lessons Learned and FAQs that support implementation, and through other NERC or industry-led outreach or materials. Other communications have also been tested, such as Bulletins, Compliance Application Notices (CANs) and Compliance Analysis Reports (CARs).

To improve the purpose, development, use and maintenance of compliance guidance and align industry and the ERO Enterprise, the NERC Board of Trustees (Board) sought input regarding the use and format of guidance for implementing standards through the April Policy Input Letter and a discussion led by a panel of industry and ERO Enterprise representatives at the May 2015 MRC meeting. These inputs as well as additional outreach that will be conducted, will inform this proposal. Industry was asked to consider the following principles when responding to the Policy Input Letter and during the discussion at the May meeting. These principles will also be used as a starting point for the team to discuss and build upon as appropriate.

• Compliance expectations should be transparent to industry.

• Guidance documents cannot expand upon the requirements of the Reliability Standard.

• Guidance documents issued by the ERO for auditors must reflect the independent, professional judgment of ERO Compliance and Enforcement staff.

• NERC and the Regional Entities must have the flexibility to apply professional judgement in making compliance and enforcement determinations. In applying professional judgement, NERC and the Regional Entities use professional standards (such as professional auditing standards).

NERC I Compliance Guidance Policy I October 21, 2015

7

Appendix A~ Members Representatives Committee Compliance Guidance Team Mandate, June 2015

Team Composition The team is comprised of the following representatives who will conduct outreach to other industry, trade, regional and committee representatives:

ERO Enterprise Executives and Board Members*:

1. Ken Peterson, NERC Board Member and SOTC Chair

2. Douglas Jaeger, NERC Board Vice Chair

3. Mark Lauby, Senior Vice President and Chief Reliability Officer, NERC

4. Dan Skaar, President and CEO, MRO

*Additional support from Janice Case, NERC Board Member and BOTCC Chair

Leadership:

1. Sylvain Clermont, MRC Chair

2. Valerie Agnew, Sr. Director of Reliability Assurance, NERC

3. Kristin lwanechko, MRC Secretary, NERC

Team Members:

1. Nabil Hitti, MRC Vice Chair

2. Tony Montoya, COO, WAPA

3. Tom Bowe, Executive Director of Reliability and Compliance, PJM

4. Nelson Peeler, VP Transmission System Operations, Duke (Sector 1, IOU)

5. Carol Chinn, Regulatory Compliance Officer, FMPA (Sector 2, State/Municipal Utility)

6. Jason Marshall, Vice President of Corporate and Regulatory Affairs, ACES (Sector 7, Electricity Marketer)

7. Brian Murphy, Standards Committee (SC) Chair

8. Patti Metro, Compliance and Certification Committee (CCC) Chair

9. Steven Noess, Director of Compliance Assurance, NERC

10. Sonia Mendonca, Deputy General Counsel, Vice President of Enforcement, NERC

Deliverables The team will provide a progress report to the MRC at its August 12, 2015 MRC meeting. The team will present a final proposal to the MRC at the November 4, 2015 meeting and, if endorsed, will present it to the NERC Board at its meeting on November 5, 2015. The final proposal will make recommendations on the purpose, development, use, and maintenance of compliance guidance in respect of the principles. Below is a draft time line.

August By August, the team will have developed the basis for the proposal. The team will present a status report at the August MRC meeting.

May 29 June 1-June 10 June 12

Establish team Develop strawman for team meeting First team meeting- discuss strawman and basis for proposal

NERC I Compliance Guidance Policy ! October 21, 2015 8

Appendix A- Members Representatives Committee Compliance Guidance Team Mandate, June 2015

June 15-30 July 8-9 July 11-15 July 16 August 12

November

Begin draft proposal Team meeting to discuss and refine draft proposal NERC staff finalizes documents for August MRC meeting Policy Input Letter issued August M RC meeting

By November, the team will have received industry comments and will present the final recommendations to the MRC and the NERC Board for endorsement.

August 17-19 August 20 Week of September 14 September 16-23 September 23-25 September 28- October 5

November4 November 5

Team meeting to consider MRC and Board input Post for 21-day comment period (ends September 10) and conduct outreach Team meeting to consider comments and modify proposal Conduct additional outreach as needed Team finalizes proposal (no meeting; a call if necessary) NERC staff finalizes documents for November MRC/Board meeting (no meeting; a call if necessary) November MRC meeting November Board meeting


Appendix B Pre-Qualified Organizations for Submitting Implementation Guidance

Examples proposed for Implementation Guidance must be vetted through one of the following pre-qualified organizations" prior to being submitted to the ERO Enterprise for endorsement. In order to be pre-qualified to be added to this list as a potential submitter of Implementation Guidance, an organization must submit a request to the CCC. The list of pre-qualified organizations will be posted and maintained on the NERC website.

1. American Public Power Association (APPA)

2. Canadian Electricity Association (CEA)

3. Edison Electric Institute (EEl)

4. Electricity Consumers Resource Council (ELCON)

5. Electric Power Supply Association (EPSA)

6. ISO/RTO Council

7. Large Public Power Council (LPPC)

8. National Association of Regulatory Utility Commissioners (NARUC)

9. National Rural Electric Cooperative Association (NRECA)

10. North American Generator Forum (NAGF)

11. North American Transmission Forum (NATF)

12. Transmission Access Policy Study Group (TAPS)

13. Western Interconnection Compliance Forum (WICF)

14. NERC Planning Committee (PC)

15. NERC Operating Committee (OC)

16. NERC Critical Infrastructure Protection Committee (CIPC)

17. Regional Entity Stakeholder Committees

u The Team included organizations that are comprised of stakeholders, have methods to assure technical rigor in the development process, and the ability to vet content through its members,


Compliance Guidance PolicyPatti Metro, Manager, Transmission & Reliability StandardsNational Rural Electric Cooperative Association (NRECA)Compliance & Certification CommitteeDecember 2, 2015


• Purpose of the policy paper Develop approaches useful in providing guidance for implementing

standards

• May 2015: compliance guidance team (Team) formed Clarify the role, purpose, development, use, and maintenance of

compliance guidance Reduce controversial approaches to provide guidance Provide additional clarity on implementation of standards

Background


Compliance Guidance Team

• NERC executives and Board of Trustees (Board) members Ken Peterson Doug Jaeger Janice Case Mark Lauby

• Regional Entity Leadership Dan Skaar

• Leadership Sylvain Clermont Valerie Agnew Kristin Iwanechko

• Team Members Nabil Hitti Tony Montoya Tom Bowe Nelson Peeler Carol Chinn Jason Marshall Brian Murphy Patti Metro Steve Noess Sonia Mendonca


1. Guidance cannot change the scope of a Reliability Standard2. Contents of guidance are not the only way to comply with a

standard3. Clear compliance expectations during standards development

should minimize need for guidance after regulatory approval4. Forms of guidance should not conflict5. Guidance should be developed collaboratively and posted for

transparency

Principles


• Should be a finite and limited set of guidance tools• All forms of guidance related to the same standard should be

coordinated and collected in one location• To the extent guidance does not address all issues that arise,

consideration should be given to revising the standard• NERC and the Regional Entities (ERO Enterprise) will exercise

professional judgement and maintain processes to ensure its independence

• There are other methods for addressing risks not subject to a standard (i.e., feedback loops)

Additional Considerations


• Implementation Guidance Examples for implementing a standard

• CMEP Practice Guides Provides direction to ERO Enterprise compliance monitoring and

enforcement program (CMEP) staff on approaches to carry out compliance and enforcement activities

Proposed Types of Guidance


• Led and developed by industry experts• Does not prescribe the only approach• Endorsed for deference by ERO Enterprise



• Endorsement ERO Enterprise CMEP staff will give the examples deference when

conducting compliance monitoring activities

• Deference Registered entities may rely upon the example with reasonable assurance

that guidance meets compliance requirements Compliance determinations depend on facts, circumstances, and system

configurations Following guidance alone is not a guarantee to meet compliance

Endorsement and Deference


• Initiation and Vetting Standard drafting team (during standards development) Through a pre-qualified organization (after final ballot)

• Submitted to a NERC email after being vetted• Example is posted to a central location on NERC’s website for

transparency

Implementation Guidance Development


• ERO Enterprise considers guidance for endorsement NERC facilitates resolution of any open questions Subject to technical soundness and compatibility with the standard

language ERO Enterprise leadership will ensure consensus among Regional Entities

• If endorsed, move to one-stop shop ERO Enterprise leadership ensures deference is given during CMEP

activities If not endorsed, removed from website

Obtaining Endorsement


• APPA• CEA• EEI• ELCON• EPSA• ISO/RTO Council• LPPC• NARUC• NRECA

Pre-Qualified Organizations

• NAGF• NATF• NWPPA• TAPS• WICF• NERC Planning Committee• NERC Operating Committee• NERC CIPC• Regional Entity Stakeholder

Committees


• Provides direction to ERO Enterprise CMEP staff on approaches to carry out compliance and enforcement activities

• Developed by the ERO Enterprise• May be initiated through policy discussions with industry• Posted for transparency

CMEP Practice Guides


One location on NERC website for:• Implementation Guidance• CMEP Practice Guides• Other supporting documents Other documents created during standards development (i.e., RSAWs,

white papers) Other types of guidance (i.e. Events Analysis Lessons Learned) Reports

One-Stop Shop for Guidance


• Compliance and Certification Committee (CCC) review, with Standards Committee (SC) support, of existing documents to submit for ERO Enterprise endorsement

• Review by the SC of Section 11 of the Standard Processes Manual to determine whether revisions should be considered

• CCC and SC jointly review, with ERO Enterprise CMEP staff, measures and RSAWs

• Develop CMEP Practice Guide on providing deference to endorsed Implementation Guidance

• Create a “one-stop shop” on the NERC website

Recommendations


• Volunteers Barbara Kedrowski Leland McMillan Lisa Milanes Helen Nalley Patricia Robertson Clay Smith

• Leadership Chair - Scott Tomashefsky Support provided by CCC Leadershipo Patti Metroo Jennifer Flandermeyero Matt Goldbergo Terry Bilke

Compliance Guidance Task Force


• Nominating Subcommittee for 2016 Helen Nalley, Chair Clay Smith Lisa Milanes Ted Hobson Kevin Conway

• Vacancies to be filled at Feb 2016 NPCC – to be filled by Vicky O’Leary TRE – Vacant (TRE is in the process of filling) Federal/Provincial Utility/Power Authority – Nomination received

• Next vacancies occur in May, 2016 (6)

Nominating Subcommittee

CPPS Report

CCCPP-010 Update & CMEP Order

• CCCPP-010 is criteria NERC uses in evaluating effectiveness of Regional Entity administration of CMEP

• CPPS Members considering modifications to address MRRE engagement

• CPPS Members will review 1Q16 NERC filing to FERC on 2015 CMEP implementation

• Goal: 1Q or 2Q update to CCCPP-010

Quality Review• NERC Standards Personnel presented latest thinking on

quality review, increasing the focus on compliance-oriented perspectives, and inviting CPPS involvement to provide ongoing input and feedback.– CPPS shared compliance-oriented perspectives for NERC to

consider including in the Standard Development Process. CPPS will provide input more formally in January.

– CPPS decided that it would like to provide feedback for Standards under development (“Micro” feedback)

– CPPS will continue to discuss possible role in providing feedback on so-called “Macro” feedback.

• CPPS and NERC Personnel continue to coordinate on review on RSAW

LSE Removal: Funding ImpactTerry Brinker, Manager, Registration ServicesCompliance & Certification CommitteeDecember 2, 2015


• FERC approves LSE removal on October 15, 2015 LSE removal from the NCR begins November, 16 2015 Notification letters specify LSEs are still responsible party for funding Functional model is not being modified; LSEs will remain

• Funding Authority Rule of Procedure sections 1102, 1106 and 5B NERC By-laws Federal Power Act 215

Risk-Based Registration


• 1106. NERC and Regional Entity Billing and Collections NERC shall request the Regional Entities to identify all Load-Serving

Entities3 within each Regional Entity and the NEL assigned to each Load-Serving Entity, and the Regional Entities shall supply the requested information. The assignment of a funding requirement to an entity shall not be the basis for determining that the entity must be registered in the Compliance Registry.

• 5B Presence on or absence from the Compliance Registry has no bearing on

an entity’s independent responsibility for funding NERC and the Regional Entities.

Rule of Procedure


• 1102. NERC Funding and Cost Allocation In order that NERC’s costs shall be fairly allocated among Interconnections

and among Regional Entities, the NERC funding mechanism for all statutory functions shall be based on Net Energy for Load (NEL).

Footnote 3: A Regional Entity may allocate funding obligations using an alternative method approved by NERC and by FERC and other Applicable Governmental Authorities, as provided for in the regional delegation agreement.

Rule of Procedure cont.


Bylaws

• Federal Power Act section 215 the ERO must establish rules that “allocate equitably reasonable dues,

fees, and other charges among end users for all activities under this section…..”

• From the NERC Bylaws “Net Energy for Load (NEL)” means net generation of an electric system plus

energy received from others less energy delivered to others through interchange. It includes system losses, but excludes energy required for storage of energy at energy storage facilities. Calculations of net energy for load for all purposes under these Bylaws shall be based on the most recent calendar year for which data on net energy for load of applicable regions of the United States, Canada, and Mexico is available.

Compliance and Certification Committee - NERC Highlights and Minutes 2013/CCC... · successful...

Documents

Transcript of Compliance and Certification Committee - NERC Highlights and Minutes 2013/CCC... · successful...