Internal Compliance Assessment John Babik - JEA FRCC Spring Workshop April 8-10, 2014

1 Internal Assessment John Babik - JEA FRCC Spring Workshop April 8-10,

2 Agenda
- Electric System Financial Results
- culture of reliability excellence
- Internal Program
- Elements of Program
- Process
- Report Examples
- Follow up Actions
- Questions

3 Internal Program
culture of reliability excellence
Elements of JEA's Program:
- Leadership
- Organization Structure
- Participation in Industry Efforts
- Training & Communication
- Monitoring & Metrics
- Internal Controls

4 Elements of Program
- Leadership
- Organization Structure
- Industry Efforts
- Training & Communication
- Monitoring & Metrics
- Internal Controls

5 Elements of Program
- Leadership
- Organization Structure
- Industry Efforts
- Training & Communication
- Monitoring & Metrics
- Internal Controls
Accountability & Responsibility: Departments
- Develop, maintain & communicate JEA's Internal Program
- Conduct formal & informal internal Reliability Standards assessments
- Develop and maintain compliance training program
- Review NERC Alerts; ensure appropriate action is taken
- Monitor national and regional standards development; communicate and seek input from Standard Owners as applicable
- Lead investigation of potential violations; analyze & report Internal Assessment to Region
- Provide NERC subject matter expertise to resolve questions, facilitate communications with NERC/FRCC staff and provide guidance on Standards

6 Why?
- FERC and NERC encourage registered entities to conduct self-assessments, and self-reporting of potential violations discovered during such self-assessments is strongly encouraged
- The process complements the NERC Event Analysis process for events that impact or have the potential to impact the BES
- JEA's policy encourages employees to report any concerns of a possible compliance violation
- Many of the approved standards requirements are not clearly defined and are therefore open to different approaches for compliance
- It is important to have an established process to determine whether a potential compliance violation is truly a compliance violation requiring a self-report
- An Internal Assessment is used:
  - Create and manage the lessons learned process
  - Corrective Action and Performance Measure

7 Open Process
- A successful NERC event analysis process is dependent on the collaboration of many internal groups working together
- A collaboration and an open engagement between NERC, the Regions and registered entities is critical to identify root causes and factors that drive events on the BES
- All reported BES events will always be informally scrutinized for compliance by regulators and peers (second guessing)
- Sharing with regulators greatly improves efficiency
  - Jump-starts the process
  - Avoids answering multiple, randomly ordered questions
  - Provides all the relevant information at one time (whole picture)
- The report Narrative is the starting point

8 JEA's is well documented in Procedure EC Handling Potential NERC Reliability Standard Violations
[Flowchart: Investigation Process (Appendix B EC )]
Swimlanes: JEA Employee, Customer, Member of Community or Other Individual; Department; Standard Owners (SO); Chief Electric Officer (CECO)
Phase labels: Internal Review For NERC Compliance Standards; Close Out Process
Flowchart labels:
- department notified of possible compliance issue
- Is event impacting reliability?
- Resolve impact to reliability
- Log the Event Notification on department shared directory
- Other Record(s)
- Preliminary Review
- Issue
- Notify Standard Owner, JEA NERC Officer, CECO
- Personnel performance issue?
- Other Record(s)
- CANs & RFIs
- Standards
- Schedule Investigation
- Gather Background Info
- ES A0202 LR 606 Guidelines for Disciplinary Action
- Investigation
- Draft Report
- Review and Finalize Report
- Review Internal Assessment Report with CECO, (Counsel if Necessary)
- Self Report?
- Notify CIP Steering/ Electric Committee
- Notify Electric Risk Committee (ECRC)
- Investigation process complete
- Update compliance metrics
- Save report and evidence to Investigations folder on shared directory
- Investigation Report

9 Process Steps:
- Notification of an event or a receipt of complaint/issues
- Review initial action
- Prepare Report
- Follow up actions

10 The Director will initiate an Investigation Process when one of the following events occurs:
- JEA customer reports a complaint related to a potential NERC Electric Reliability compliance violation
- JEA employee reports that a potential NERC Electric Reliability compliance violation may have occurred
- The Director suspects that a potential NERC Electric Reliability compliance violation may have occurred
- NERC Event Brief Analysis report is submitted to the RE
- An event report is submitted to NERC, DOE or the RE

11 Review Initial Action
- Start with Event report (if available)
- Impact on BES
- Impacted standards and requirements
- Evaluation template IRAC from Regional Entities
- Schedule interviews if necessary

12 Report Template
Report
1. Purpose
2. References
3. Background
4. Glossary of Terms
5. Description of the Event
6. System Impact
7. Conclusion
8. Assessment review
9. Assessment Summary (table columns: NERC Std./ Req.; Relevant Requirement; Details of Assessment Effort (Criteria Assessed); Gaps/Issues Identified; Considerations/Process Improvements)
10. Next Steps

13 Report (Example 1)
NERC Std./ Req.: TOP R4
Relevant Requirement: The TOP enters an unknown operating state and shall restore operations within 30 minutes.
Details of Assessment Effort (Criteria Assessed): The TOP loses partial visibility, control and monitoring of the BES. The TOP's situational awareness tools were functional and were calculating ACE and monitoring generation, tie flows, and frequency. The TOP also contacted the RC, neighboring BAs, TOPs and the Florida Reserves Sharing Group Coordinator to notify them that the EMS is down and they need to monitor adjacent facilities and tie lines. Support staff was contacted to troubleshoot the issue. The last contingency analysis run was clear, load was dropping and generation was manually lowered to manage ACE. Thus, the TOP believed it had N-1 coverage during the period.
Gaps/Issues Identified: No finding of noncompliance. The Department verified that all emergency procedures were followed and at no time did the TOP experience an unknown operating state.
Considerations/ Process Improvements: No compliance process improvements were identified.

14 Report (Example 2)
NERC Std./ Req.: CIP-008, R1
Relevant Requirement: CIP-008 requires the entity to document a process for identifying, classifying, responding to and reporting cyber security incidents as outlined in CIP-008, R1. Further, Requirement 2 requires that the entity review and test this procedure at least annually.
Details of Assessment Effort (Criteria Assessed): The entity's support staff was contacted by the System Operator to troubleshoot the issue. The support staff were the first responders and were able to promptly escalate the issue to the Network SME using NOC services. However, due to other ongoing network related repairs, the network SME made incorrect conclusions, which resulted in a delayed response. The network SME followed the entity's Cyber Incident Response Procedure. All appropriate staff were contacted in a timely manner and the incident was escalated.
Gaps/Issues Identified: No finding of noncompliance. CIP staff reviewed the handling of the incident and all related documentation was assessed, including the Cyber Incident Response Procedure and Incident Response test plan. All the documentation demonstrated that the network SME followed the procedure and completed the necessary steps for complying with CIP-008, R1 and R2.
Considerations/ Process Improvements: CIP compliance has identified that the network SME made assumptions prior to assessing the situation. CIP will conduct a mandatory review of the incident and a follow-up training to ensure that SMEs gather required information before making conclusions. Training will also include discussions on NERC Event categories and thresholds.

15 Elements of Program
Follow up Actions:
- Submit the Report to FRCC
- Submit self report to FRCC, if appropriate
- Event warrants internal disciplinary action?
- Initiate mitigation plans and corrective actions
- Review ICP process; make changes to prevent reoccurrence
- Provide additional training if required
- Draft lessons learned document and communicate

16 Questions? John Babik (904)