CEO REPORT
Thomas F. Schrader
ERCOT Board of DirectorsDecember 14, 2004
December 14, 2004
CEO Report
Fee Settlement Audit Response Action Plan Security Work Plan
Chander Ahuja, Director of Security
December 14, 2004
Fee Settlement
Challenge Effective use of resources Aggressive effort
Cost savings Activities & projects
Documentation & Justification
December 14, 2004
Management Action Plan (MAP)
Internal Control
Environment
Management Activities
Specific Projects
Process Redesign
Audit Response
Internal control mgmt. program
Cultural change
Roles & responsibilities
Internal Audit
Fixed asset inventory
Lawson Policies &
procedures Security
initiatives HR projects
Fixed asset management
Contracting & procurement
Hiring Other TBD
Mission/vision/goals
Org. structure Budget -- review
of activities/expenses
Cost tracking Risk assessment Mgmt. reporting
Audits
Fee Settlement
Roadmaps
Mgmt. Planning & Practices
Management Action Plan
December 14, 2004
Preliminary Programs Schedule
December 14, 2004
Audit Tracking System
Provides comprehensive and consistent method to track all recommendations
Improves accountability for management’s action plans
Helps ensure completion dates are met
December 14, 2004
Security Work Plan 2005
Chander M. AhujaDirector of Security
December 14, 2004
Strategic Security Vision
Crown Jewels People, Information, Physical assets
Responsibility Security is a part of every job at ERCOT
Security lifecycle Requirements, Communicate, Integrate, Measure, Report
Remediation process features High risk first, Business ownership for execution, Verify
2005 Goals Accountability Establish comprehensive, integrated ERCOT Security
Practice Remediation with a concentrated effort
December 14, 2004
2005 Security Plan
Audits EY Roadmap Best Security Practices
ERCOT 2005 Security Plan
Tasks to addressAudit findings(Responses)
Tasks to Establish strong practices
(Practices)
Tasks to closelarge gaps(Projects)
Accountability Establish practices RemediationGOAL:
December 14, 2004
Strategic Initiatives
Asset Classification Initiative Secure Information Initiative Access Control Initiative Physical Security initiative Security Vision initiative
Top Related