NERC regulatory compliance program: where to start?

Do your assets include aggregated power generation above 75 MVA, do they provide transmission services at 100 kV or more, or are they equipped with special protection systems? If so, they are considered to be part of the BES and must comply with NERC’s reliability operations and planning standards (OPS) and those for critical infrastructure protection (CIP) cybersecurity standards. NERC’s OPS are grouped in categories that include communications (COM), facilities design, connections and maintenance (FAC), modelling, data and analysis (MOD) and protection and control (PRC).

It also means that you must work with the Electric Reliability Organization (ERO) and one of its NERC regional agencies, as illustrated below. The ERO/NERC is responsible for developing and enforcing reliability standards.

In Canada, provincial energy ministries, through their respective utility commissions or energy boards, in conjunction with the respective NERC regional entities, have established compliance monitoring and enforcement programs (CMEP) for the NERC reliability standards.

Establishing your compliance program

The first essential step is to establish integrated NERC Regulatory Compliance Program documentation for your NERC standards (as per leading compliance program structures) to fulfill your regulatory compliance obligations.

Tip: Do not underestimate the importance of and the effort required to establish integrated NERC Regulatory Compliance Program documentation and the tools and process needed to support and facilitate its execution

A NERC/regional compliance audit always begins with reviewing the completeness and effectiveness of the compliance program documentation, followed by reviewing evidence and records on the effective execution of required compliance tasks.

Subject matter experts can provide the guidance and resources needed to establish, review and enhance your NERC compliance program documentation, as per leading compliance program practices.

Sustaining your NERC regulatory compliance

Establishing a NERC Regulatory Compliance Program takes time, whereas sustaining your obligations is a daily and continuous challenge.

NERC Regulatory Compliance Program sustainment activities are periodic or event-driven processes and activities that demonstrate you are effectively meeting obligations. Responsibilities in carrying out these activities are assigned in your organization to technical experts, those responsible for compliance and those responsible for compliance processes. Compliance program sustainment activities include:

• Periodic reviews and updates to compliance program documentation to reflect any changes to reliability standards or changes to your entity’s governance (roles and responsibilities) and execution processes
• Effective management for planning and executing compliance sustainment activities
• Capture and management of compliance evidence records
• Planning and execution of technical activities
• Provisioning the tools/equipment and resources to execute the required compliance testing and validation process.

Engaging regulatory and technical experts

External technical and regulatory resources are often needed to support internal resources in carrying out more technically demanding compliance maintenance activities. Here are some examples of technical expertise BBA offers for compliance maintenance:

• Audit readiness assessment and support
• Compliance management tools deployment, compliance evidence, data gathering and reporting
• Cybersecurity program compliance, vulnerability assessments and cyber incident response tests/drills
• Review and validation of protection system settings with regard to compliance requirements and system limitations
• Protection system maintenance planning and execution
• Facility modelling and operation limits
• Generator testing and model validation

Engaging experts provides you with the required support and confidence in sustaining your compliance obligations. Our experts will also keep you up-to-date on the latest development on reliability standards and upcoming industry changes.

Going further

To learn more about the NERC Regulatory Compliance Programs and support for compliance sustainment services, please feel free to contact one of our experts today and follow BBA for more NERC guidance!