2014 ERO Enterprise Compliance Monitoring and Enforcement Program Annual Report

Transcription

1 2014 ERO Enterprise Compliance Monitoring and Enforcement Program Annual Report August 2015 NERC 2014 ERO Enterprise Annual CMEP Report August 2015 i

2 Table of Contents Preface... iii Executive Summary... iv Introduction... v Significant 2014 Projects...1 Risk-Based Compliance and Enforcement Activities...1 Managing the Transition to Version 5 of the CIP Standards...8 Regional Entity Coordinated Oversight of Multi-Region Registered Entities...9 Regional Consistency Reporting Tool...9 ERO Enforcement Matters ERO Enterprise CMEP Activities ERO Enterprise CMEP Implementation Plan Regional Entity Compliance Monitoring ERO Enterprise CMEP Training, Education, and Outreach ERO Enterprise Training on Major Initiatives Industry Stakeholder Outreach Guidance Documents ERO Mitigation Plan Guide ERO Self-Report User Guide Coordinated Management Oversight Data Flow/Metrics Monitoring Activities Guidance and Training Looking Forward to NERC 2014 ERO Enterprise Annual CMEP Report August 2015 ii

3 Preface The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the reliability of the bulk power system (BPS) in North America. NERC develops and enforces Reliability Standards; annually assesses seasonal and long term reliability; monitors the BPS through system awareness; and educates, trains, and certifies industry personnel. NERC s area of responsibility spans the continental United States, Canada, and the northern portion of Baja California, Mexico. NERC is the electric reliability organization (ERO) for North America, subject to oversight by the Federal Energy Regulatory Commission (FERC) and governmental authorities in Canada. NERC s jurisdiction includes users, owners, and operators of the BPS, which serves more than 334 million people. The North American BPS is divided into eight Regional Entity boundaries, as shown in the map and corresponding table below. FRCC MRO NPCC RF SERC SPP-RE TRE WECC Florida Reliability Coordinating Council Midwest Reliability Organization Northeast Power Coordinating Council ReliabilityFirst SERC Reliability Corporation Southwest Power Pool Regional Entity Texas Reliability Entity Western Electricity Coordinating Council NERC 2014 ERO Enterprise Annual CMEP Report August 2015 iii

4 Executive Summary This report highlights key Compliance Monitoring and Enforcement Program (CMEP) activities that occurred in In addition, it provides forward-looking activities on the implementation of risk-based compliance monitoring and enforcement by the ERO Enterprise. During 2014, the ERO Enterprise completed its Reliability Assurance Initiative (RAI), a comprehensive transformation of the CMEP that introduced a risk-based approach into the program that is being implemented across the Enterprise in Specific activities included: Risk-Based Compliance and Enforcement Activities ERO Enterprise staff led a collaborative effort to develop training and guidance documents for applying a risk-based approach to compliance monitoring and enforcement. Both NERC and the Regional Entities provided executive-level sponsorship and dedicated resources necessary to support successful pilot activities, establish a common approach, develop and adopt the final individual component documents, and conduct training and outreach to both the Regional Entities and registered entities. Managing the Transition of the CIP Standards to Version 5 NERC initiated a program to support industry s transition from the currently enforceable CIP Version 3 standards directly to CIP Version 5. The goal of the transition program is to improve industry s understanding of the technical security requirements for CIP Version 5, as well as the expectations for compliance and enforcement. Recognizing the need for greater guidance and clarity, in 2014 NERC collaborated with the Regional Entities and industry to develop lessons learned and FAQ documents. Regional Entity Coordinated Oversight of Multi-Region Registered Entities In 2014, the ERO Enterprise collaborated on coordinating oversight of Multi-Region Registered Entities (MRREs). The Program is designed to streamline risk assessment, compliance monitoring and enforcement, and event analysis activities for the registered entities that use, own or operate assets in areas covering more than one Regional Entity s territory. Regional Consistency Reporting Tool The Regional Entities created a Regional Consistency Reporting Tool to support their efforts to improve consistency across the ERO. The purpose of the Regional Consistency Reporting Tool is to create an open channel of communication for relevant industry stakeholders to report any perceived inconsistencies between two or more Regional Entities, or perceived inconsistencies with applicable published processes, procedures, or rules. Also in 2014, NERC and FERC successfully reached settlement with five of the entities involved in the September 8, 2011, system disturbance that left approximately 2.7 million customers in the southwest United States and Baja Peninsula in Mexico without power. NERC and FERC reached the sixth and final settlement in May These settlements have included numerous mitigating activities and reliability enhancements. Calendar year 2014 was devoted to transitioning to a risk-based approach to compliance monitoring and enforcement. In 2015, the ERO Enterprise continues the implementation of all aspects of risk-based compliance monitoring and enforcement. This report notes key implementation efforts that took place during the first half of 2015 to illustrate how NERC and the Regional Entities remain in close coordination to ensure successful implementation. NERC 2014 ERO Enterprise Annual CMEP Report August 2015 iv

5 Introduction This report provides information on NERC and Regional Entity CMEP activities that occurred in 2014 during the transition to risk-based compliance monitoring, as well as information on the implementation of the risk-based CMEP during the first half of In November 2014, NERC management identified seven success factors to be measured over the course of 2015 in connection with the implementation of the risk-based CMEP. Those factors are: 1. ERO Enterprise Staff Competency (competency and perception): ERO Enterprise staff performing key activities are trained and competent in their areas of responsibility, such as risk assessment, audit, internal controls evaluation, and enforcement, and are regarded by registered entities as being well qualified in their roles. 2. Information and Outreach: Registered entities have the information they need through outreach, program transparency, and sharing of best practices to prepare for engaging with the Regional Entities and NERC in the risk-based compliance and enforcement activities. 3. Consistency: The common tools, processes, and templates used by Regional Entities for risk-based compliance activities with registered entities are consistent on matters where consistency is important, and NERC has adequate oversight of that interface. 4. Regulator Trust: The ERO Enterprise has strengthened the trust of the Federal Energy Regulatory Commission (FERC) and applicable Canadian government authorities regarding risk-based compliance and enforcement. 5. Balanced Transparency: An appropriate level of transparency has been determined for various facets of risk-based compliance and enforcement, balancing efficiency and the confidentiality needs of a registered entity with the needs of industry as a whole to learn from others (e.g., transparency of compliance exceptions and aggregation logs, as well as feedback to each entity regarding inherent risk or internal controls evaluation). 6. Metrics Identified: Metrics are identified for key expected results from risk-based compliance and enforcement and benchmarked for Recognized Value: The value of risk-based compliance and enforcement of registered entities is apparent to the public and can be clearly and publicly articulated. For 2015 and beyond, NERC will use the seven success factors, effective Compliance and Certification Committee (CCC) criteria, appropriate metrics and benchmarks, and other factors to measure successful implementation of risk-based compliance monitoring and enforcement and to evaluate and report on NERC and Regional Entity CMEP activities. Each year, NERC and the Regional Entities implement the CMEP by performing various responsibilities and duties. Per Section of the Rules of Procedure (RoP), 1 NERC is required to evaluate the goals, tools, and procedures of each Regional Entity CMEP to determine its effectiveness using criteria developed by the CCC. In prior years, NERC used the CCC criteria to review Regional Entity CMEP activities and provide information on NERC s review within the annual CMEP report. As 2014 was a transition year to risk-based compliance monitoring, NERC, Regional Entities, and the CCC began revising the CCC criteria to reflect risk-based activities. The CCC started revising its criteria in the beginning of 2014 to reflect the developments of the ERO Enterprise Risk-Based Compliance Monitoring Framework and finalized this criteria in May Therefore, use of the criteria in effect during NERC Rules of Procedure, NERC 2014 ERO Enterprise Annual CMEP Report August 2015 v

6 Introduction was not appropriate to fully review and evaluate Regional Entity effectiveness for CMEP activities. Further, as a transition year, both NERC and the Regional Entities worked diligently to finalize guidance and processes. NERC and the Regional Entities continually monitor these guidance documents and processes to evaluate whether they adequately allow the ERO Enterprise to accurately assess compliance and enforcement risks to the BPS. NERC typically posts the report evaluating the prior year s activities during the second quarter of each year. However, as 2014 was dedicated to transitioning to a risk-based CMEP, this report is being published during the third quarter in order to provide an overview of initial implementation during the first half of Consistent with the approach for prior annual reports, NERC collected information for this CMEP Annual Report from the Regional Entities and NERC staff throughout 2014 and the first quarter of NERC 2014 ERO Enterprise Annual CMEP Report August 2015 vi

7 Significant 2014 Projects Risk-Based Compliance and Enforcement Activities Completed in 2014, the RAI was a collaborative effort among NERC, the Regional Entities, and industry, using riskbased approaches to enhance the effectiveness of compliance monitoring and enforcement. Over the course of 2014, the ERO Enterprise tested a number of concepts, processes, and programs for implementation in By the end of September 2014, NERC had published guides and program documents related to all of the new and expanded processes and programs to enable implementation in In early 2014, representatives from each of the eight Regional Entities, in collaboration with NERC, reviewed results from the 2013 risk-based pilot programs and identified specific approaches or processes that the ERO Enterprise should use for its single, common method for risk-based compliance monitoring. To assist the evaluation teams in determining the best approaches, NERC and the Regional Entities invited a group of industry professionals to develop the evaluation criteria. The established criteria included transparency, design effectiveness, alignment to Reliability Standards, implementation requirements, and registered entity impact. The processes developed through RAI associated with the CMEP have resulted in the development of a common framework for oversight of registered entities based on the identification of risk elements, assessment of an entity s inherent risk, and evaluation of its internal controls. Each of these components enables the Compliance Enforcement Authority (CEA) to select the appropriate compliance monitoring tools based on risk. The ERO has based the framework on the use of risk based compliance monitoring practices similar to those used in other industries. The focus, method, and frequency of monitoring engagements rely on a common ERO Enterprise approach to assess a registered entity s BPS reliability risk and may be further refined based on the strength of the registered entity s management controls related to compliance with Reliability Standards. Throughout 2014, NERC conducted a series of training opportunities for industry in the form of webinars and inperson workshops. To prepare for the implementation of risk-based compliance monitoring and enforcement, NERC and Regional Entities presented an RAI 101 webinar in October. In addition, two stakeholder-focused workshops occurred in November. These workshops included a panel of participants from NERC, Regional Entities, and registered entities to discuss the components of the transformed, risk-based ERO Enterprise CMEP. Each of the eight Regional Entities also held workshops to extend understanding of the risk-based compliance and enforcement program. In 2015, the ERO Enterprise will transition to risk-based reliability assurance methods with full implementation of a risk-based CMEP. Risk-Based Compliance Monitoring During 2014, Regional Entities began conducting risk-based compliance activities, including Inherent Risk Assessments (IRAs) and Internal Control Evaluations (ICEs). Beginning in June 2014, two teams of NERC and Regional Entity staff worked to finalize a single, common approach to IRAs and ICEs. During the final stage, these teams designed guidance documents to provide an overall framework for how Regional Entities would conduct IRAs and ICEs as part of the overall ERO Enterprise Risk-Based CMEP 2 and Risk-Based Compliance Monitoring Framework. 3 The teams used the 2013 pilot results and evaluation criteria to finalize guidance documents. The 2 Risk-Based%20CMEP.pdf. 3 Based%20Compliance%20Monitoring%20and%20Enforcement%20Program%20Visual%20Overview.pdf. NERC 2014 ERO Enterprise CMEP Annual Report August

8 Significant 2014 Projects two design teams also collaborated with industry representatives for their input on the development and content of the guidance documents. The ERO Enterprise Inherent Risk Assessment Guide 4 (IRA Guide), posted to the NERC RAI page 5 in October 2014, describes the process used to assess inherent risk of registered entities and serves as a guide for implementing and performing an IRA. As explained in the guide, an IRA is a review of potential risks posed by an individual registered entity to the reliability of the BPS. It contains factors such as assets, systems, geography, interconnectivity, prior compliance history, and overall unique entity composition. While the IRA Guide provides guidance on risk factors and associated criteria/thresholds for Regional Entity consideration, risk factors and the associated criteria/thresholds may vary by Region, entity size, or function. Depending on the unique characteristics of the registered entity, some of the risk factors listed in the IRA Guide may be more applicable than others, not applicable, or there may be additional risk factors not listed that should be considered. An ICE enables further refinement of the compliance oversight plan for individual registered entities. NERC, in partnership with Regional Entities, registered entities, and various other stakeholders, developed the ERO Enterprise Internal Control Evaluation Guide 6 (ICE Guide), also posted in October 2014 on the NERC RAI page, to assist CEAs in identifying and evaluating a registered entity s existing internal controls around CMEP objectives. The ICE is NERC s and the Regional Entities effort to formalize and standardize internal control reviews to complement risk-based monitoring of compliance. In most instances, an ICE focuses on controls related to entityspecific risks identified through the IRA and relevant to the applicable Reliability Standards, and enables CEA staff to leverage the entire breadth of compliance monitoring and enforcement processing tools more effectively. Because of the ICE, the Regional Entity may further focus compliance monitoring activities for a given entity. The depth and breadth of any particular area of review may decrease based on the Regional Entity s conclusions and its ability to rely on the internal controls of the registered entity. Figure 1 identifies the number of registered entities per Region for whom Regional Entities performed initial risk and control assessment activities during Some of these risk-based compliance activities were performed prior to the issuance of the ERO Enterprise IRA and ICE guidance documents and occurred under Regional Entity internal processes that preceded IRA and ICE Guides. With the rollout of the IRA and ICE Guides in October 2014, the Regional Entities have evolved processes to align with IRA and ICE Guides. The Regional Entities were, and remain as of the date of this report, in varying stages of implementation of the IRA and ICE Guides, which is reflected in the small number of IRAs and ICEs completed in Guide_ pdf Control%20Evaluation%20Guide.pdf. 2

9 Significant 2014 Projects FRCC MRO NPCC RF SERC SPPRE TRE WECC Number of Entities with IRAs or Similar Risk Assesment Activities Number of Entities with ICEs or Similar Control Review Activities Figure 1: Risk-based compliance activities performed in 2014 At the time of this report, 245 registered entities are scheduled to be audited in 2015 in the United States. Throughout the year, Regional Entities update their audit schedules based on possible changes in entity registrations, assessment of risks and decisions to change monitoring tools, decisions to combine or separate audits involving CIP and Operations and Planning (O&P) scope areas, etc. The ERO Enterprise is committed to completing IRAs for all registered entities on the 2015 audit schedule. Figure 1 shows that Regional Entities completed IRAs for 177 registered entities, or 72%, that were scheduled for a 2015 audit. 3

10 Significant 2014 Projects Number of 2015 scheduled audits Number of IRA Completed for entities on 2015 audit schedule Figure 1: Total number of entities on 2015 audit schedule compared to total number of IRAs completed for audit schedule Regional Entities will continue conducting IRAs during the course of the next few years in order to assess inherent risk and develop compliance oversight plans for all registered entities. The ERO Enterprise continues discussions around how Regional Entities will complete IRAs for all registered entities. Regional Entities completed 20 ICEs associated with 177 completed IRAs for registered entities on the 2015 audit schedule (see Figure 3). In addition, Regional Entities have completed 28 IRAs and 15 ICEs for entities that are not scheduled for an audit in Ongoing ICE-related activities, not reflected in Figure 3, also continue for registered entities who opt in for an ICE or who are interested in having an ICE performed. For example, Regional Entities may have held initial discussions with registered entities or sent internal control questionnaires to registered entities to begin the ICE process. 4

11 Significant 2014 Projects Figure 3: Total number of IRAs and ICEs conducted for entities on 2015 audit schedule Risk-Based Enforcement Since 2013, NERC and the Regional Entities have exercised discretion when deciding whether to initiate a formal enforcement action regarding certain instances of noncompliance that pose a minimal risk to the reliability of the BPS. Noncompliance that is not pursued through a formal enforcement action by the ERO Enterprise is referred to as a compliance exception. Beginning in October 2013, NERC and the Regional Entities began to allow select registered entities with demonstrated effective management practices (e.g., self identifying, assessing, and mitigating instances of noncompliance) to self-log minimal-risk noncompliance that would otherwise be individually self reported. The self-logging program enables registered entities that have demonstrated effective management practices to keep track of minimal-risk noncompliance (and related mitigation) on a log that is periodically reviewed by the Regional Entity. Minimal-risk noncompliance added to the log is presumed to be disposed of as a compliance exception. All Regional Entities utilized the self-logging program in Continuing in 2014, the compliance exception and self-logging of minimal-risk issues represent the expansion of a risk-based approach to ensuring reliability. These programs leverage existing internal practices at registered entities related to self-monitoring, identification, assessment, and correction of noncompliance with Reliability Standards. By appropriately valuing and rewarding such efforts (i.e., by providing a disposition path outside of a formal enforcement action), the ERO Enterprise encourages the enhancement of internal controls and selfidentification of noncompliance throughout the industry. As of December 31, 2014, 19 registered entities were permitted to self-log minimal-risk noncompliance. As of June 30, 2015, 39 registered entities are self-logging. 7 The registered entities that have been approved for self-logging represent a diverse group that performs various reliability functions, including Generator Owners, Generator Operators, Balancing Authorities, Transmission Planners, and Reliability Coordinators, among others. Currently, seven out of eight Regional Entities have registered entities participating in the self-logging program. 8 The compliance exception disposition program builds on the success of the Find, Fix, Track (FFT) and Report 7 There were a few registered entities that were deregistered from the NERC Compliance Registry, while other new registered entities were added, increasing the overall number of self-logging entities. 8 One of the RF entities in the program logs noncompliance associated with activities in the SPP RE footprint as well. Currently, no registered entities are self-logging in FRCC. 5

12 Significant 2014 Projects program, which was the first step in implementing a risk-based strategy. This track recognizes that not all instances of noncompliance require the same type of enforcement process. The ERO Enterprise disposed of 116 instances of noncompliance as compliance exceptions in The Regional Entities used their discretion for issues discovered in 2014 as well as those discovered in past years (see Figure 4). Figure 4: Compliance exceptions by discovery year As shown in Figure 5, in 2014, 34% of noncompliance was disposed through the FFT process, and 10% were provided compliance exception treatment. The utilization of streamlined disposition tracks for lesser-risk issues remained steady and reflected the continued use of these tracks as well as an initial shift of usage of compliance exceptions in lieu of FFTs. Figure 5: Compliance exceptions by discovery year (2013 and 2014) 6

13 Significant 2014 Projects During the first half of 2015, out of 387 instances of noncompliance posing a minimal risk to the reliability of the BPS, the ERO Enterprise disposed of 269 (70%) as compliance exceptions. The compliance exception disposition track allows the Regional Entities to dispose noncompliance posing a minimal risk efficiently, so that they can focus on noncompliance posing a moderate or serious risk. Compliance exceptions may come from violations of any of NERC s Reliability Standards. As shown in Figure 6, in 2014, 53% of compliance exceptions were related to non-cip Reliability Standards, and 47% of compliance exceptions were related to CIP Reliability Standards. Figure 6: 2014 compliance exceptions by standard family 7

14 Significant 2014 Projects Managing the Transition to Version 5 of the CIP Standards NERC initiated the CIP Version 5 transition program in an effort to collaborate with Regional Entities and responsible entities to understand how to implement the CIP Version 5 Reliability Standards in a manner that is timely, effective, and efficient. The transition program is meant to provide industry with a clear path and approach to transition from CIP Version 3 directly to CIP Version 5. That path includes expectations for compliance and enforcement. NERC understands that a variety of issues could arise as entities transition to new or revised versions of Reliability Standards. If the ERO Enterprise and the registered entities do not properly understand and address these issues, a spike of noncompliance could result after the CIP Version 5 effective date. The Implementation Study, an important part of the overall CIP Version 5 transition program, began in 2013 and was completed in As explained in the Implementation Study Final Report, CIP Version 5 Transition Program 9 issued in October 2014, the study centered on a representative sample of six registered entities that volunteered to transition to compliance on an accelerated schedule with the new Reliability Standards. NERC and the Regional Entities did not conduct compliance monitoring activities or pursue enforcement actions related to CIP Version 3 for Implementation Study participants; however, they did perform ongoing oversight and review of the implementation activities. As anticipated, NERC, the Regional Entities, and the study participants identified a number of issues through the course of the study that called for additional guidance and clarity. While none of the participants planned or expected to completely transition to CIP Version 5 during the period of the study, they indicated that they made considerable progress and that their efforts substantially increased their confidence that they will be ready to implement the CIP Version 5 standards successfully on or before the effective date. NERC has developed lessons learned documents and FAQ documents, which are available on the CIP Version 5 transition program web page. While these documents are designed to represent a comprehensive set of guidance documents that will help all responsible entities transition to CIP Version 5, in 2015 the ERO Enterprise will continue to collaborate with stakeholders to develop additional documents as new issues are identified. As described in the CIP V5 Transition Guidance, 10 registered entities that were engaged in a compliance audit had the option of participating in a CIP Version 5 review. Prior to an audit, spot check, or other compliance monitoring activity, the responsible entity notified its Regional Entity whether it had transitioned or was in the process of transitioning to implementing a particular CIP V5 standard or requirement. If the responsible entity had transitioned or was in the process of transitioning to a CIP V5 requirement that is mostly compatible with a CIP V3 requirement, the Regional Entity s compliance monitoring activities focused on the responsible entity s implementation of the CIP V5 requirement, not the compatible CIP V3 requirement. If the responsible entity satisfied the core obligations of the CIP V5 requirement, the Regional Entity did not also review the responsible entity s compliance with the compatible CIP V3 requirement. The responsible entities compliance with the CIP V5 requirement was deemed as compliant with the compatible CIP V3 requirement. Figure 7 illustrates the number of CIP audits completed and the number of Version 5 reviews completed out of the total CIP audits Regional Entities conducted during

15 Significant 2014 Projects FRCC MRO NPCC RF SERC SPPRE TRE WECC Total Number of CIP Audits Completed Numbers of Audits that Included CIP V5 Review Figure 7: Compliance audits with CIP Version 5 consideration Regional Entity Coordinated Oversight of Multi-Region Registered Entities In 2014, the ERO Enterprise collaborated on coordinating the oversight of MRREs. MRREs are registered entities with a single registry number or affiliates registered in more than one Regional Entity footprint. The purpose of the MRRE coordinated oversight is to provide a structure for improving both efficiency to a registered entity in responding to compliance oversight and consistency in the compliance oversight procedures, tools, communication, and interfaces affecting the registered entity. Participation in the MRRE coordinated oversight will be voluntary for registered entities. The program has undergone several stages of gradual implementation and is now in its full implementation phase. Currently, 74 registered entities have joined the program, but more are expected to sign up by the end of The registered entities that opted to join the program are registered for various reliability functions in multiple Regions. Regional Consistency Reporting Tool To assist the ERO Enterprise in its efforts to improve consistency among the Regional Entities and drive continuous improvement in day-to-day operations, the Regional Entities created the Regional Consistency Reporting Tool. Launched in November 2014, this reporting tool enables registered entities or other relevant industry stakeholders to report any perceived inconsistency in the methods, practices, or tools between two or more Regional Entities. It does not, however, function as an appeal of a Regional Entity action or decision, nor does it replace the NERC or Regional Entity compliance hotlines for complaint reporting. The Regional Consistency Reporting Tool is hosted on a secure, third-party server. Reports are submitted only to those personnel at each Regional Entity with specific permissions and training based on the issue. Once a report is received, the Regional Entity assesses and evaluates the report. The evaluation reports are then incorporated into a public findings spreadsheet. The identity of the reporter, if provided, remains protected. Moreover, the reporter has the option to remain anonymous at the time of making the report. The Tool is available through links on the NERC s Key Players web page and each of the Regional Entity websites. 9

16 Significant 2014 Projects ERO Enforcement Matters In 2014, NERC and FERC successfully reached settlement with five of the entities involved in the September 8, 2011 system disturbance (Event) that left approximately 2.7 million customers in the southwest United States and Baja Peninsula in Mexico without power. In May 2015, NERC and FERC reached the sixth and final settlement related to the Event. These settlements have included numerous mitigating activities that address both violations of specific Reliability Standards and requirements and broader issues identified during the inquiry into the event. The five entities were fined a total of $7,250,000 in civil penalties and invested an additional $14,650,000 in reliability enhancements within the Western Interconnection. Below are summaries of the settlements. Arizona Public Service The loss of a single 500 kv transmission line (the Arizona Public Service (APS) Hassampaya-North Gila 500 kv line (H-NG)) initiated the event but was not the sole cause of the widespread outages during the Event. APS lost 389 MW of firm load that impacted approximately 70,000 customers. NERC and FERC staff determined that APS failed to perform a unique next-day study or failed to properly assess whether one was required based on current system conditions, failed to plan for unscheduled system changes, and failed to coordinate its next-day studies with neighboring TOPs. APS agreed to mitigation measures addressing reliability issues identified as a result of the Event and also agreed to a civil penalty of $3,250,000, which included $1,250,000 in reliability enhancements. Imperial Irrigation District During the Event, significant overloading occurred on three Imperial Irrigation District (IID) 230/92 kv transformers located at the Coachella Valley and Ramon substations as a result of flows being redistributed through the system after the loss of H-NG. The loss of the three transformers resulted in automatic undervoltage load shedding in IID s northern 92 kv system and the loss of multiple generators and transmission lines. IID lost 929 MW of firm load that impacted approximately 146,000 customers. NERC and FERC staff determined that IID failed to have valid next-day and current-day plans and failed to coordinate operations with neighboring entities, and IID also failed to establish valid System Operating Limits (SOLs), which resulted in operating in an unknown state. IID agreed to mitigation measures addressing reliability issues identified as a result of the Event and also agreed to a civil penalty of $12,000,000, which included $9,000,000 in reliability enhancements. Southern California Edison The intertie separation scheme at the San Onofre switchyard operated properly during the Event by simultaneously opening all five 230 kv transmission lines connecting Southern California Edison (SCE) and San Diego Gas & Electric (SDG&E). The resulting cut in power to SDG&E s system, however, caused a rapid frequency decline indicative of a severe imbalance between generation and load in SDG&E s system. SCE did not lose any firm load during the Event. NERC and FERC staff determined that SCE failed to adequately study and coordinate the intertie separation scheme at the San Onofre switchyard with protection systems. SCE agreed to mitigation measures addressing reliability issues identified as a result of the Event and also agreed to a civil penalty of $650,000, which included $400,000 in reliability enhancements. Western Area Power Administration Desert Southwest Following the loss of H-NG, Western Area Power Administration Desert Southwest (Western-DSW) experienced significant voltage depression on its 161 kv system. During the Event, Western-DSW needed another entity to shed load in order to mitigate against its declining voltage. Western-DSW lost 74 MW of firm load that impacted five customers. NERC and FERC staff determined that Western-DSW did not operate its 161 kv system within the established voltage SOLs following a single contingency, nor did Western-DSW operate its system to prevent lowvoltage conditions and resulting loss of load following a single contingency. Western-DSW agreed to mitigation measures addressing reliability issues identified as a result of the Event. 10

17 Significant 2014 Projects California Independent System Operator While monitoring the Path 44 rating, California Independent System Operator (CAISO) did not monitor the intertie separation scheme, which had a higher threshold than the path operating limit, and did not attempt corrective action specifically to avert the operation of the intertie separation scheme. NERC and FERC staff determined that CAISO failed to monitor the flow on Path 44 and to follow the established SOL methodology when setting the SOL for Path 44. CAISO agreed to mitigation measures addressing reliability issues identified as a result of the Event and also agreed to a civil penalty of $6,000,000, which included $4,000,000 in reliability enhancements. Western Electricity Coordinating Council and Peak Reliability At the time of the event, WECC as a Reliability Coordinator was responsible for maintaining a wide-area view of the Western Interconnection, which extends from Canada to Mexico, and includes all or part of 13 states and a population of 78 million. NERC and FERC staff concluded that WECC failed to identify and prevent violations of SOLs and Interconnection Reliability Operating Limits; was unaware of the impact of protection systems, including the S-Line remedial action scheme and separation scheme at the San Onofre switchyard; and used an inadequate SOL methodology that exposed its area to cascading outages. WECC and Peak Reliability, WECC s successor as Reliability Coordinator, stipulated to the facts in the agreement, and WECC agreed to pay the $16,000,000 civil penalty, of which $3,000,000 will be split evenly between the U.S. Treasury and NERC, and $13 million will be invested in reliability enhancement measures that go above and beyond mitigation of the violations and the requirements of the Reliability Standards. WECC and Peak Reliability also agreed to mitigation and reliability activities and to submit to compliance monitoring. 11

18 ERO Enterprise CMEP Activities 2014 ERO Enterprise CMEP Implementation Plan The ERO Enterprise used risk-based processes and procedures that were in effect during 2014 while recognizing that 2014 was a transition year for risk-based CMEP activities. There were some significant changes from the 2013 to the 2014 CMEP Implementation Plan, including: A single, consolidated ERO CMEP Implementation Plan with regional implementation appendices, A regional Implementation Plan template, An actively monitored list (AML) without a tiered approach for compliance monitoring, and An increased emphasis on regional reliability. The Regional Entity Implementation Plans, found in Appendices 1A 1H of the 2014 ERO Enterprise CMEP Implementation Plan, 11 described existing Region-specific processes that will also evolve as the ERO Enterprise proceeds with risk-based activities. The 2014 AML of Reliability Standards contained 53 Reliability Standards monitored through compliance audits, spot checks, and self-certifications. Regional Entity Compliance Monitoring Through 2015, NERC and the Regional Entities continue to track how a registered entity s IRA and ICE affect that entity s compliance oversight plan and whether an IRA or ICE leads to a modification of a regional audit schedule or determination of an alternate monitoring method. For example, at the end of Q1 2015, Regional Entities completed IRAs for 118 entities scheduled for a 2015 audit. As a result of the IRAs, 23 registered entities were removed from the audit schedule and 22 registered entities were required to make self-certifications as the appropriate monitoring method for the year. For 2014, Regional Entities performed compliance monitoring activities using various methods outlined in the CMEP and according to their 2015 Annual CMEP Implementation Plans. Figure 8 illustrates the total number of compliance activities involving compliance audits and spot checks NERC 2014 ERO Enterprise CMEP Annual Report August

19 ERO Enterprise CMEP Activities Figure 8: Total number of compliance monitoring activities across ERO Enterprise Figures 9 and 10 further break down the total number of compliance monitoring activities for O&P and CIP NERC Reliability Standards by compliance audits, both on-site and off-site, and spot checks performed by each Regional Entity FRCC MRO NPCC RF SERC SPP RE TRE WECC Off-site On-site Spot Check Figure 9: 2014 compliance monitoring of O&P NERC Reliability Standards FRCC MRO NPCC RF SERC SPP RE TRE WECC Off-site On-site Spot Check Figure 10: 2014 compliance monitoring of CIP NERC Reliability Standards 13

20 Percent satisfaction ERO Enterprise CMEP Training, Education, and Outreach ERO Enterprise Training on Major Initiatives At the start of the ERO Enterprise s implementation of risk-based compliance monitoring activities, a NERC and Regional Entity training team developed and conducted initial training for ERO Enterprise staff on the implementation of the IRA and ICE guides. To ensure consistency in training and approach, there was a core NERCled training team composed of staff from NERC Compliance Assurance and Enforcement groups and Regional Entities. The training team was responsible for identifying learning objectives and developing education and activity materials for scheduled training sessions. The initial training for IRA and ICE concepts involved focusing first on those Regional Entity staff whose roles involved IRA and ICE performance, and then on all ERO Enterprise staff. The training included foundational and applied concepts by using real-life scenarios and examples. Training in 2015 will go into further depth with both IRA and ICE concepts. The Regional Entities had 100 percent participation at the training events. In addition to the ERO Enterprise staff who attended in-person training sessions for IRA and ICE and webinars for CEA staff not performing IRA and ICE processes, three FERC staff members from the Office of Electric Reliability and Office of Enforcement attended the in-person training sessions. The purpose of FERC staff attendance was for them to understand NERC s training and education activities and overall implementation efforts for risk-based compliance monitoring. Following each of the training sessions, the training team distributed a survey to obtain information on the general satisfaction, delivery method, content, and overall value participants felt they gained from the sessions. Figure 11 illustrates the overall satisfaction rates for each of the training sessions. As shown, there was a continued increase in the overall satisfaction after each training session was completed, revised, and improved. 60% 53.3% 50% 40% 30% 33.3% 44.4% 40.0% 20% 10% 0% 6.7% 11.1% 11.1% 5. Very Satisfied 4. Satisfied 3. Somewhat Satisfied In-person Training for IRA and ICE Performers 0.0% 0.0% 2. Not Satisfied 1. Not Applicable Education Webinars for CEA Staff Figure 11: Regional Entity participant satisfaction with content and delivery NERC 2014 ERO Enterprise CMEP Annual Report August

21 ERO Enterprise CMEP Training, Education, and Outreach Industry Stakeholder Outreach Regional Entities conducted outreach activities for industry stakeholders that covered a wide range of topics and vehicles for information delivery. Throughout 2014, topics included general CMEP information on compliance audits and other discovery methods. Topics also included NERC Reliability Standards and technical components that focused on areas like physical security, CIP Version 5 transition, and the BES definition. Further, the Regional Entities conducted outreach heavily focused on the implementation of risk-based compliance and enforcement. Regional Entities delivered outreach through face-to-face workshops, webinars, and monthly calls. Overall, the activities were well received by the industry, but there is a recognized need for continued outreach and education for the ERO Enterprise s ongoing initiatives like CIP Version 5 and the risk-based CMEP. In total, the Regional Entities held over 20 compliance workshops for industry stakeholders throughout the ERO Enterprise in 2014 (see Figure 12). Regional Entities also hosted compliance workshops, traditionally held twice a year, to communicate and provide information on ERO Enterprise and Regional Entity compliance activities. Not represented in the chart below are the additional meetings and events hosted by the Regional Entities that may have been focused on a single subject area and separate from the Regional Entity compliance workshops FRCC MRO NPCC RF SERC SPPRE TRE WECC Number of workshops conducted Figure 12: 2014 industry stakeholder workshops Throughout 2015, Regional Entities will continue to conduct webinars, workshops, and other outreach events to address industry s questions and concerns, including concerns with risk-based compliance monitoring and enforcement. Figure 13 is a summary of outreach events conducted by Regional Entities in the first half of Due to scheduling of reoccurring outreach events, like Regional Entity compliance workshops and compliance user group meetings, some Regional Entities may not have had events during a specific quarter. 15

22 Total Events ERO Enterprise CMEP Training, Education, and Outreach FRCC MRO NPCC RF SERC SPP Texas RE WECC Regional Entity Hosting Event Q2 Q1 Figure 13: Regional industry outreach events for risk-based compliance monitoring Guidance Documents In addition to the guidance documents discussed elsewhere in this report, the ERO Enterprise developed user guides to provide information and advice for registered entities to use when reporting instances of noncompliance to a CEA. Specifically, the ERO Enterprise developed an ERO Mitigation Plan Guide and a companion ERO Self- Report User Guide. ERO Mitigation Plan Guide The ability of a CEA to arrive at a final determination for all noncompliance of standards in an efficient manner is in part dependent on the quality of the information it has about the noncompliance and related mitigation. Therefore, the ERO Enterprise developed an ERO Mitigation Plan Guide to describe the type and quality of information that must be submitted to allow for a prompt evaluation. While the benefits of more thorough and timely mitigation plans being submitted to Regional Entities include faster determination of how an issue of noncompliance should be processed and faster processing times, the plan is also important for the registered entity to perform the actions necessary to correct the issue to protect the reliability of BPS. Therefore, the guide aids the registered entity in developing a plan that will not only identify and correct the original possible noncompliance, but will also include steps to prevent future occurrence of similar issues. The guide supplements information provided in the NERC CMEP by providing further guidance on what should be included in a mitigation plan. ERO Self-Report User Guide The Self Report User Guide provides guidance to assist registered entities with the submission of self reports. The guide is intended to enhance the registered entities understanding of the information necessary for NERC and the Regional Entities to provide efficient and timely resolution of potential noncompliance. In evaluating a selfreport, CEAs consider the individual facts and circumstances surrounding each instance of noncompliance. Therefore, as explained in the guide, a quality self report consists not only of identifying the Reliability Standard and requirement at issue, but also providing enough description to enable the CEA to understand the nature, cause, and duration of the potential noncompliance. The guide also describes guidelines to help registered entities 16

23 ERO Enterprise CMEP Training, Education, and Outreach assess the risk to the reliability of the BPS posed by noncompliance with a Reliability Standard. The guide does not to establish a rigid set of criteria; rather, it defines certain principles to use when assessing risk associated with a particular instance of noncompliance. 17

24 Coordinated Management Oversight As the ERO, NERC has the oversight authority, responsibility, and obligation to monitor a Regional Entity s adherence to the NERC RoP, specifically the CMEP, and performance of delegated responsibilities. NERC s oversight activities are also guided by the objectives outlined in the ERO Enterprise Strategic Plan. In particular, in the ERO Enterprise Strategic Plan, 12 strategic goal 2 provides that the ERO Enterprise shall: Be a strong enforcement authority that is independent, without conflict of interest, objective, and fair, and promote a culture of reliability excellence through risk-informed compliance monitoring and enforcement. The ERO retains and refines its ability to use standards enforcement when warranted and imposes penalties and sanctions commensurate with risk. NERC oversight of the Regional Entity programs includes the review of the processes, supporting evidence, and other information provided by the Regional Entities over the course of focused engagements of individual program areas. NERC communicates the recommendations and findings to the Regional Entities to help the ERO Enterprise develop responsive strategies and solutions to potential issues and ensure uniform and consistent implementation of the CMEP. Data Flow/Metrics NERC monitors a number of indicators associated with ERO Enterprise performance. NERC analyzes compliance and enforcement data to assist with the monitoring of CMEP processes and to help identify trends that may affect BPS reliability. For example, analysis of new and repeat noncompliance helps identify significant and emerging risks that may adversely affect BPS reliability. Performance indices are also computed on a regular basis to quantify the performance of the Regional Entities and NERC in processing violations and mitigation plans, as well as to provide insight in determining the effectiveness of regional programs and the adequacy of Regional Entity and NERC resources. Monitoring Activities NERC has an annual review and evaluation program through which it oversees specific CMEP-related processes. As a result of the review, NERC provided feedback to the Regional Entities on opportunities to enhance consistency and effectiveness of processes in order to be in compliance with the CMEP. In 2013 and 2014, NERC conducted reviews of the dismissal process, settlement agreements, the FFT process, and mitigation plans. In addition, during NERC collaborated with the Regional Entities to review risk-based pilot programs and design a consistent risk-based framework for compliance monitoring and enforcement. As of 2015, NERC performs an evaluation of new risk-based enforcement processes. Specifically, NERC evaluates each Regional Entity s implementation of the self-logging and compliance exception programs to ensure they align with the self-logging program document and the compliance exception program document, respectively. Further, in 2015 and beyond, Regional Entity processes for dismissals and FFT issues will continue to be reviewed annually. The FFT program is also subject to an annual review by FERC. NERC works with FERC staff to coordinate these reviews and to minimize duplication by considering the same or a similar set of FFTs as part of the sample. 12 ERO Enterprise Strategic Plan as approved by the NERC board in February 2014 and posted on the NERC website at: an%202014%e2%80% pdf. NERC 2014 ERO Enterprise CMEP Annual Report August