Regulatory & Compliance Qualifications. Qualifications
|
|
- Millicent Rodgers
- 8 years ago
- Views:
Transcription
1 Prepared by: Contact: Quanta Technology, LLC Bryan Rushing 4020 Westchase Blvd., Suite 300 Raleigh, NC (919) office (636) cell
2 CONFIDENTIAL/PROPRIETARY: This document contains trade secrets and/or proprietary, commercial or financial information not generally available to the public. It is considered privileged and proprietary to the Offeror, and is submitted by Quanta Technology LLC in confidence with the understanding that its contents are specifically exempted from disclosure under the Freedom of Information Act [5 USC Section 552 (b) (4)] and shall not be disclosed by the recipient [whether it be Government (local, state, federal, or foreign), private industry or non-profit organization] and shall not be duplicated, used or disclosed, in whole or in part, for any purpose except to the extent in which portions of the information contained in this document are required to permit evaluation of this document, without the expressed written consent of the Offeror. If a contract is awarded to this Offeror as a result of, or in connection with, the submission of this data, the right to duplicate, use or disclose the data is granted to the extent provided in the contract. 2
3 Executive Summary Quanta Technology is pleased to offer these qualifications and reference projects in the area of operational and programmatic compliance with both national and regional reliability standards. Quanta Technology embraces the philosophy of sustainability and reliability, and commits to plan and implement projects using technology and practices that are progressive, renewable and cost effective. This document contains a summary of the Quanta Technology, LLC ("Quanta Technology") qualifications to assist electric utilities, energy companies and reliability organizations with issues related to Regulatory Services, including NERC Electric Reliability Organization ("ERO") and Regional Reliability Organization ("RRO") Compliance Services. This document includes information about our key personnel credentials and a summary of related projects previously performed by the Quanta Technology staff. Quanta Technology is a subsidiary of Quanta Services, Inc., an S&P 500 member company. Our experts have worked closely with every major utility in North America and many around the world. The breadth and depth of our technical knowledge, coupled with an intimate understanding of business drivers, allows our engagement teams to consistently identify ways to reduce cost, improve reliability and better manage risk throughout organizations. Our experts at Quanta Technology have considerable experience related to infrastructure planning, engineering and construction, and the impact these have on an organization's business. 3
4 NERC as the ERO With the passage of the Energy Policy Act of 2005, an Electric Reliability Organization (ERO) was created to develop and enforce compliance with mandatory reliability standards in the U.S. under the jurisdiction of the Federal Energy Regulatory Commission (FERC). This non-governmental, "self-regulatory organization" was created in recognition of the interconnected and international nature of the bulk power grid. In 2006, the North American Electric Reliability Corporation (NERC) applied for, and was granted, this designation. NERC delegates much of the monitoring and enforcement authority to the eight Regional Entities through FERC approved delegation agreements. Today, NERC's reliability standards are mandatory and enforceable in the United States and in several provinces in Canada. Entities in the U.S. found to be in violation of a standard can be subject to fines of up to $1 million per day, per violation. In Canada the penalties depend on the provincial regulations in place. All bulk power system owners, operators and users must comply with approved NERC reliability standards. Those portions of the NERC Rules of Procedure approved by FERC and Canadian regulators also apply to bulk power system owners, operators and users. These entities are required by the Energy Policy Act of 2005 and FERC regulations to register with NERC through the appropriate Regional Entity. Should the entity fail to register, NERC or its Regional Entity may dictate and include the entity in the compliance registry. NERC generally relies on the Regional Entities to monitor compliance and enforce the NERC standards with bulk power system owners, operators and users through approved delegation agreements. Regional Entities are responsible for monitoring compliance of the registered entities within their regional boundaries, assuring mitigation of all violations of approved reliability standards, and assessing penalties and sanctions for failure to comply. The Quanta Technology staff has been assisting utilities and generation companies with all aspects of compliance with the more than 100 NERC reliability standards and myriad of 1500 requirements, from program design to audit preparations. Quanta Technology also assists companies with compliance with the Critical Infrastructure Standards (CIP) adopted by NERC and approved by FERC. Quanta Technology Service Offerings Our team is comprised of industry experts with extensive utility and energy industry experience. We have a strong customer focus to ensure that our clients' objectives are fully and effectively met. Our service offerings are flexible so that they can be tailored to meet specific client objectives. Quanta Technology typically provides regulatory and compliance services to utilities, independent power producers and any registered NERC entity. Quite often our services are delivered to clients via their designated law firms in the form of specific technical expertise. Where Quanta Technology can provide constructive industry value, we may also provide services to regulatory and standard developing bodies. Perhaps, one of the most compelling values we bring to compliance matters is the capability of helping clients to resolve any variance in a manner that minimizes risk of an expensive and negative publicity from an undesirable settlement. 4
5 Compliance with the NERC Reliability Standards Corporate ERO Compliance Program Structure and Design Establishing an effective Corporate Compliance Program requires having a program that is auditable, manageable, sustainable, cost effective and traceable. We have the ability to help define our clients Corporate Policy Statements, Corporate Procedures, Corporate Process level design, IT and document platforms, Training and Communication Plans. Process Design Specific communications, duties, data sharing, recording keeping and so on are now required on specific timelines by ERO. Well-designed processes ensure employees know exactly what they should do to achieve compliance. We will assess existing processes, suggest changes and help implement changes to ensure compliance. Documentation Development To achieve auditable compliance, clear and concise documentation needs to be developed. We can develop easily understood, logically organized and accessible documentation for use by operators, engineers and planners. Corporate Program Audit Our corporate program audits are designed around the tests identified in the FERC Policy Statement on enforcement and in the NERC Reliability Assurance Initiative (RAI). We evaluate the appropriateness, comprehensiveness and effectiveness of organization s ERO Compliance Program. Our experts perform a gap analysis of program attributes against appropriate benchmarks (i.e., good utility practices, industry best practices). Commissioning Before a new element of the Bulk Electric System is placed into service, all reliability related compliance issues should be resolved and the Internal Compliance Program in place. Examples include new power plants, wind farms, control centers, etc. Our team will help coordinate the applicable testing, training, and documentation in order to demonstrate compliance on day one of operation and help establish the programs necessary to maintain compliance with the NERC Reliability Standards. Gap Analysis & Compliance Roadmap Our team of experts will assess a client s compliance program, processes, documentation and training to determine if gaps exist in achieving auditable compliance with the ERO Standards and Alerts, such as the Aurora security threat, and other focused requirements, such as updating transmission line rating records. We will then create, document and help implement (if desired) a roadmap to compliance. Engineering & Field Labor Assistance Quanta Technology can draw upon an extensive pool of engineering and field labor resources to assist in gathering and reporting asset "as is" condition information to support the assessment of assets required to be reported by NERC. Examples are Quanta Technology can mobilize and provide field personnel to assess condition of tower structures and associated power equipment, and we can mobilize energized transmission maintenance crews to gather line rating data without the delays for obtaining scheduled line outages to conduct work de-energized. Critical Infrastructure Protection (CIP) Critical Infrastructure Identification The CIP-002 standard currently requires registered entities to identify critical assets using a Risk-Based Assessment as a precursor to identifying critical cyber security assets. However, this standard does not specify a methodology. We can help our clients understand, select and implement the most effective method available for this effort. The recently approved CIP version 5 set of standards contains High, Medium and Low Impact categories that will include assets that may have previously not been included in a Risk-Based Assessment. 5
6 Audit Preparedness Practice Audit Quanta Technology will perform an on-site comprehensive review and assessment of a client s compliance program, processes, documentation and procedures. This effort is designed to emulate a NERC on-site audit and will identify areas for attention. Our team can also perform a simplified one or two day off-site review. This service is designed to assess the design of a client s compliance program and perform spot audits for compliance with randomly selected standards. Due Diligence Review of Self-Audits Self-audits are part of the NERC Enforcement and Compliance Program. However, self-audits inherently introduce a bias. Quanta Technology can perform an independent review of the self-audit as a helpful check on a client s self-assessment. Remediation Assistance Quanta Technology can help focus a client's remediation efforts to effectively address the audit team's concerns, including assistance for preparing remediation or mitigation plans that will meet the regulatory requirements. Additional Regulatory Support Services Event Analysis and Investigation Quanta Technology possesses subject matter experts in all areas of power system planning, design, operations, cyber security and critical infrastructure protection. This expertise and the first-hand knowledge of NERC s event analysis processes and the NERC and FERC compliance investigative processes, provides a unique perspective to assist with a company s self-analysis and investigation. NERC and FERC have expressed their view that those responsible for the planning, design and operation of the bulk power system have the responsibility to conduct such analyses and investigations. While NERC and/or FERC may conduct their own analysis and investigation, Quanta Technology can assist with preparation and support of such an analysis and investigation. Settlement Development and Risk Mitigation Settlement of reliability standards variances is often the most effective way to bring closure to the issue with a Regional Entity, NERC and FERC. Settlements can be structured to address the issues while neither admitting nor denying if a violation existed. Quanta Technology staff has extensive experience with the development of settlement agreements and navigating the settlement processes. Expert Witness and Testimony Quanta Technology's senior staff have provided expert testimony in numerous state and federal jurisdictions and can provide this service should it be required. Expert testimony can be required in hearings related to reliability standard compliance, certification of power system facilities, rate cases and investigation of system events. Due Diligence Reviews Quanta Technology has assisted a number of clients conduct due diligence reviews related to asset acquisition for compliance with the NERC reliability standards. This work provides the client with a clear understanding of the compliance risk prior to acquisition. Training On-site training is available on any of the NERC Reliability Standards and compliance program implementation. We can tailor the material to focus on any entity identified in the NERC Reliability Standards. 6
7 Selected Regulatory Project Experience The following is a list of selected regulatory compliance projects for which the Quanta Technology staff has assisted clients in recent years. Some projects were performed prior to the staff members joining Quanta Technology. More detailed descriptions and references are available upon request. NERC Compliance Organizational Design, Major Northeastern Utility Quanta Technology performed a compliance related staffing assessment for a major northeastern utility. Quanta Technology defined how the recommended new positions fit into the organization, identified the critical nature of the duties, and document the new positions task relationships to other positions within the organization. We also identified the critical work functions and the specific job responsibilities that supported each work function document. In addition, Quanta Technology also estimated the percentage of time allocated to each critical work function and specific job responsibilities for the new positions. Quanta Technology also developed job descriptions and the org chart for these positions. The project was based on early work documenting the compliance duty impacts on existing staff. The project also relied on additional interviews and data collection to supplement the earlier work. NERC Compliance Staff Assessment, Major Northeastern Utility The client desired an independent staff assessment to determine of the current and future staffing levels (based on forthcoming NERC standards) and distribution of duties relative to reliability standard compliance was adequate or optimal. Quanta Technology conducted staff interviews and administered an electronic survey to gain insight from current staff on the staffing level and distribution of duties. Compliance Program Review, Major Midwest Utility Quanta Technology performed a review of the documented Internal Compliance Program documentation in order to assess the effectiveness of the program relative to FERC guidance, change management mechanisms, training, and the attributes of the NERC Reliability Assurance Initiative. Compliance Program Plan, Major Eastern Utility Quanta Technology drafted a comprehensive compliance program plan to coordinate functions between operations and corporate compliance departments, facilitate change management, coordinate periodic self-reviews, and manage audit, self-reports and mitigation plans as may be required. Pre-Audit Support, ERCOT Transmission Owner Quanta Technology reviewed and streamlined applicable standards to assist the Transmission Owner (TO) prepare for ERCOT s audit in An assessment and review was done on the identified standards. Any identified gaps in evidence were closed by recommending mitigation strategies. Pre-Audit Review, Midwestern Utility Quanta Technology reviewed and commented upon the evidence set assembled for PRC-001, PRC-004, PRC-005, PRC-008 and VAR-002 for a Distribution Provider and a Generator Operator in the upper Midwest. Feedback was also provided on RSAW language in anticipation of a spring 2010 audit by RFC. NPCC Pre-Audit Assessment, Northeast Utility Generation Plants in NPCC Quanta Technology reviewed the organization s power plants within NPCC for compliance status as relates to all the applicable standards. The objective involved reviewing organization compliance program and developing mitigation actions as necessary. This included establishing goals for the audit team, identifying internal knowledge gaps on compliance, developing a training program to close those gaps and identifying all applicable standards. 7
8 Pre-Audit of Generation Plants within NPCC Quanta Technology simulated a pre-audit for the client with respect to its applicable Power Plants within the NPCC footprint. Quanta Technology reviewed compliance status of all applicable standards using the applicable NERC RSAWS. Developed mitigation actions as necessary before notice of table top audit was sent. Helped executives understand financial exposures and performed remediation to mitigate risks to the non-compliance gaps that were identified and developed a comprehensive compliance report summarizing compliance gaps and suggested mitigation actions. Critical Assessment Support in New England Quanta Technology reviewed relevant documents related to critical infrastructure in the northeast. Performed a survey of critical infrastructure assessment methodologies from peer organizations to evaluate how black-start capability is treated with respect to a Critical Infrastructure designation. Critical Cyber Asset Risk Based Assessment Quanta Technology has performed Risk Based Assessments for critical cyber asset identification for several clients since the approval of Version 3 of the CIP standards. These assessments included both flow based analysis for generator operational criticality and onsite inspections of cyber related equipment within the Electronic Security Perimeter (ESP). Critical Infrastructure Protection Mock Audit for Compliance, major Midwest Utility Quanta Technology performed a mock audit of evidence for compliance with the CIP standards. The project included identification of applicable requirements, assistance with completing the Reliability Standard Audit Worksheets (RSAWs), off site review of evidence and accompanying data requests for supplemental evidence, Subject Matter Expert interviews, guidance on audit and evidence strategy, and a final report with recommendations for improvement. Critical Infrastructure Protection, Identification of High, Medium and Low Impact Assets, Major Northeast Utility Quanta Technology executed a field review of transmission, generation and substation sites to assess and catalogue High, Medium and Low Impact cyber systems. This project was in preparation of the enforcement of the Version 5 CIP standards. NERC Standards Program Design, Utility in Northeast Quanta Technology designed and prepared a written manual of an Electric Reliability Organization ( ERO ) Compliance Program for the Utility. Quanta Technology reviewed the Utility s current processes and procedures with respect to applicable ERO. Identified any additional recommended processes and procedures to include in a corporate ERO compliance program and provided a written ERO Compliance Manual describing necessary policy, processes and procedures necessary to manage ERO compliance activities within the Utility from Executive Oversight and Legal, the Utility Compliance Program Manager to the applicable line organizations. System Restoration Plan, Utility in Northeast Quanta Technology assessed the initial cranking paths used to perform a bottom-up system restoration approach as required by NERC EOP-005 and the PJM M36 System Restoration Manual. Project included a regulatory assessment of requirements governing black start restoration processes, identified appropriate black start resources, identified initial cranking paths, performed EMTP and PSS/E transient studies to ensure the adequate performance of these paths, identified necessary steps to satisfy the restoration time requirements established by PJM, provide switching sequences for incorporation into the BGE system restoration plan, and tested relay action during the restoration sequences. ERO Compliance Program Design, Midwestern Utility Reviewed attributes of client's ERO compliance program, compared these attributes to a benchmark of best practices, identified gaps and improvement opportunities. Findings and recommendations were documented for follow up by the client. 8
9 ERO Compliance Program Audit, Midwestern Utility Quanta Technology provided an audit of the ERO Compliance Program for a utility in the MRO Region. This audit assessed the "presence and quality" of the ERO compliance program, performed a gap analysis against a benchmark of best practice in the area of program design, and assessed staffing levels necessary to effectively & efficiently implement the Program. Compliance Support, Midwestern Utility Prepared a Corporate Compliance Manual to formalize and document the process used by organization staff to manage compliance activities throughout the organization. This manual was based upon the template manual and processes developed by Quanta Technology. Additionally, Quanta Technology reviewed changes created by the organizations staff in response to the practice audit findings. Quanta Technology also provided assistance in designing and documenting mitigation steps and improvement actions identified in practice audit findings. Quanta Technology additionally, provided SME expertise to the organization for additional benchmarking, process refinement for NERC standard interpretation in preparation for the organization s upcoming audit. ERCOT RRO Pre-Audit Assessment, Large Independent Power Producer Quanta Technology performed a pre-audit for IPP's power plants within West Texas. Quanta Technology reviewed compliance status of all applicable standards using the applicable NERC RSAWS. Developed mitigation actions as necessary before notice of table top audit was sent. Helped executives understand financial exposures and performed remediation to mitigate risks to the non-compliance gaps that were identified and developed a comprehensive compliance report summarizing compliance gaps and suggested mitigation actions. Critical Infrastructure Support, Confidential Client In this Project Quanta Technology studied the impact of losing key generation stations on the ERCOT system under both normal and contingency operating conditions. Several recommendations were given based on the study results. ERO Compliance Project, Large Independent Power Producer For this project, the Quanta Technology team performed an entity assessment of a large, international Independent Power Producer ("IPP") and developed compliance procedures which established internal processes, protocols and record keeping systems that were necessary to achieve auditable compliance with the applicable regulatory approved standards. Quanta Technology also performed on-site, pre-audit review of power plant compliance records, processes and procedures to identify gaps and remediation actions required to achieve compliance. 9
10 Key Personnel The individuals listed in this section represent expertise in every area covered by the ERO Standards developed and administered by NERC. Bryan Rushing, Senior Director Transmission & Regulatory Bryan Rushing has more than 14 years of progressive technical, operational, problem solving and commercial experience in the power supply industry. He is skilled in identifying transmission and generation development opportunities, technical and economic valuation, strategy formulation and plan implementation. Bryan is very familiar with the Midwest regional transmission organizations, as well as, NERC and FERC given his years of service with Ameren and LS Power. Bryan is a Member of the Institute of Electrical and Electronics Engineers (IEEE). Thomas J. Gentile, PE, Vice President Transmission Eastern Region Tom Gentile has over 30 years of experience and proven leadership with transmission and distribution system planning, analysis, engineering, program/project management, and interfacing with RTOs/ISOs and regulatory agencies. He is intimately familiar with the New England and New York power system infrastructure, the requirements of the New England and New York ISOs, and The New York State Reliability Council (NYSRC), as well as, NERC, NPCC, NEPOOL, and FERC via his many years of service with National Grid. Tom has honed his knowledge transfer skills by many years of teaching power system analysis and design at the university level. He is a Senior Member of Power Engineering Society of the Institute of Electrical and Electronics Engineers (IEEE) where he is Chair of IEEE-USA Energy Policy Committee. Mr. Gentile is a Registered Professional Engineer in the Commonwealth of Massachusetts. Eric Udren, Executive Advisor Mr. Udren has more than 39 years of experience in design and application of protective relaying, control, and communications systems. In 1990, with ABB, he led the design of the first interface of a microprocessor protective relay to an optical current sensor for TVA. In 1996, he joined Eaton Electrical (Cutler-Hammer) in Pittsburgh, where he served as Engineering Manager for relays and metering. In 2004, Mr. Udren joined KEMA (US) as Senior Principal Consultant where he developed the technical strategy for some of the most progressive utility LAN-based substation protection and control upgrading programs using IEC and other data communications, including technical design for utility enterprise integration of substation information. In 2008, Mr. Udren joined Quanta Technology, LLC of Raleigh, NC as Executive Advisor, developing substation protection and control upgrading strategies for major North American utilities, relay application research and design, and new data communications applications. Mr. Udren is a Fellow of IEEE, Member of the IEEE Power System Relaying Committee (PSRC), Chair of two Standards Working Groups, and Vice Chair of the Relaying Communications Subcommittee. On two occasions, in 2001 and 2006, he received the PSRC Distinguished Service Award. He serves as Technical Advisor to the US National Committee of IEC for TC 95, Measuring Relays. He also serves as a U.S. Delegate to IEC TC 57 Working Group 10 responsible for IEC Eric serves on the NERC System Protection and Control Subcommittee, and the NERC Protection System Maintenance Standard Drafting Team. He has written and presented over 60 technical papers and chapters of books on relaying topics, and has taught courses on protection, control, communications, and integration. He holds 8 patents on relaying and power-system communications. He received his BSEE from Michigan State University in 1969, MSEE degree from New Jersey Institute of Technology in 1981, and the Certificate of Post-Graduate Study from Cambridge University (UK) in In 1969 he joined the Westinghouse Relay Division, where he developed software for the world s first computer-based relaying system. From 1978 to 1986, he supervised relaying and control software development for the EPRI-sponsored first development of a LAN-based integrated EHV substation protection and control system. 10
11 Bobbi Welch, Principal Advisor, Transmission & Regulatory Bobbi Welch, Principal Advisor, Transmission & Regulatory, is a project manager with extensive experience in the energy industry spanning regulated and deregulated business environments, wholesale and retail markets, generation, transmission and distribution, with an emphasis in developing new business units, collaborative work teams and start-up operations. Strong background in project management, process improvement, operations management and regulatory policy/nerc compliance. While at American Transmission Company, Bobbi led the functional compliance areas for System Operations and Asset Management and developed the company s first Risk-Based Assessment Methodology (RBAM) and Transmission Emergency Response Plan (TERP). Her areas of expertise are NERC Compliance (incl. emergency operations planning, system operator training), Transmission System Operations & Asset Management, and Project/Program Management & Process Improvement (Six Sigma) Lynda McGhie, Associate Consultant Lynda McGhie has over 25 years of experience in information technology and governance, cyber security, risk and compliance management, security engineering and architecture. She is a resourceful, practical, senior information technology and cyber security professional with extensive experience in energy, oil and gas and utilities. Ms. McGhie is currently specializing in Smart Grid Cyber Security and Critical Infrastructure Protection, including the development and implementation of cyber security programs, defensible security strategies and practical solutions to address complex cyber security solutions, balanced risk management and compliance programs with emphasis on NERC CIP, NIST and NISTIR control frameworks, HIPAA, SOX, GLBA, COBIT and PCI-DSS. Lynda is a proven thought leader who stays abreast of industry standards, best-of-practice technologies and best practices. For the last five years, she has been working with utilities in the area of Transmission and Distribution including Independent Systems Operators, Municipals, Advanced Metering Infrastructure (AMI), Synchrophasors (PMUs), Smart Grid and Critical Infrastructure. Bob Janusaitis, Associate Consultant Bob Janusaitis, NERC/CIP Consultant, has over 30 years of experience in risk management, including cyber security, information systems audit, information technology governance, disaster recovery/business continuity and emergency management. An innovative problem solver with experience spanning numerous industries/sectors, including energy, manufacturing, distribution, financial services, healthcare, critical infrastructure and key resources. Investigative research, straight talking, and a common sense business approach, is combined with a unique ability to rapidly assess issues and present a balanced set of solutions. John S.F. Lim, Associate Consultant John Lim has more than 29 years of experience in Information Technology and Operations Technology systems infrastructure planning, design and implementation in a large electric power, gas distribution and steam distribution environment. A Certified Information Systems Security Professional (CISSP), John has also developed and implemented enterprise and operations cybersecurity policy and programs. John is actively engaged in industry and Federal critical infrastructure protection initiatives. John Blazekovich, Associate Consultant John Blazekovich has over 38 years in the electric utility industry at Commonwealth Edison and its parent organization, Exelon, which included compliance management responsibility for NERC and regional entity audit preparation, related activities and a wealth of transmission system operations experience. Mr. Blazekovich also served on the NERC Compliance and Certification Committee (CCC) from as a member of the investor-owned utility segment, and was the past chair of the Standards Interface Subcommittee. This material is intended strictly as general information about Quanta Technology, LLC and does not constitute the basis of any design advice or contract. Copyright
Top Ten Compliance Issues for Implementing the NERC CIP Reliability Standard
Top Ten Compliance Issues for Implementing the NERC CIP Reliability Standard The North American Electric Reliability Corporation 1 s (NERC) CIP Reliability Standard is the most comprehensive and pervasive
More informationNPCC Implementation of the NERC Compliance Monitoring And Enforcement Program (CMEP)
Northeast Power Coordinating Council, Inc. NPCC Implementation of the NERC Compliance Monitoring And CP-01 Rev.2 The NERC Rules of Procedure and the Regional Delegation Agreement are the overriding documents
More informationTransmission Function Employees Job Titles and Descriptions 18 C.F.R 358.7(f)(1)
Date of Last Change to the Provided Information August 27 th, 2015 Director, Transmission Operations The employee in this position is responsible for effectively managing the operation of FirstEnergy Utilities
More informationDan T. Stathos, CPA* Associate Director
Dan T. Stathos, CPA* dstathos@navigant.com Austin, Texas Direct: 512.493.5415 Professional Summary Dan Stathos, an in NCI s Austin, Texas office, has been involved with electric, gas, water and telephone
More informationNorth American Electric Reliability Corporation. Compliance Monitoring and Enforcement Program. December 19, 2008
116-390 Village Boulevard Princeton, New Jersey 08540-5721 North American Electric Reliability Corporation Compliance Monitoring and Enforcement Program December 19, 2008 APPENDIX 4C TO THE RULES OF PROCEDURE
More informationTop 10 Compliance Issues for Implementing Security Programs
www.dyonyx.com Top 10 Compliance Issues for Implementing Security Programs This White Paper articulates the top ten issues that we have encountered in the design and implementation of comprehensive Security
More informationCIP-003-5 Cyber Security Security Management Controls
A. Introduction 1. Title: Cyber Security Security Management Controls 2. Number: CIP-003-5 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and
More informationEMS & Control Center Services
Qualifications EMS & Control Center Services Prepared by: Quanta Technology, LLC 4020 Westchase Blvd., Suite 300 Raleigh, NC 27607 Phone (919) 334-3000 Fax (919) 334-3000 CONFIDENTIAL/PROPRIETARY: This
More informationWritten Statement of Richard Dewey Executive Vice President New York Independent System Operator
Written Statement of Richard Dewey Executive Vice President New York Independent System Operator Senate Standing Committee on Veterans, Homeland Security and Military Affairs Senator Thomas D. Croci, Chairman
More informationCIP-005-5 Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-5 3. Purpose: To manage electronic access to BES Cyber Systems by specifying a controlled Electronic Security
More informationGRADUATE RELIABILITY TRAINING PROGRAM. Initiation Date: September 2012
GRADUATE RELIABILITY TRAINING PROGRAM Initiation Date: September 2012 Board Approved Date: May 2012 GRADUATE RELIABILITY TRAINING PROGRAM Program Description This program is intended for recent college
More informationProgram Guide for Risk-based Compliance Monitoring and Enforcement Program. ERA-01 Rev. 1. NPCC Manager, Entity Risk Assessment
NPCC Entity Risk Assessment Program Guide for Risk-based Compliance Monitoring and Enforcement Program ERA-01 Rev. 1 Process Owner: NPCC Manager, Entity Risk Assessment Effective Date: 03/02/2015 Table
More informationSummary of CIP Version 5 Standards
Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have
More information2016 Business Plan and Budget. Texas Reliability Entity, Inc. Approved by Texas RE Board of Directors. Date: May 21, 2015
2016 Business Plan and Texas Reliability Entity, Inc. Approved by Texas RE Board of Directors Date: May 21, 2015 1 Table of Contents Table of Contents... 2 Introduction... 3 Section A 2016 Business Plan
More informationApril 28, 2009. Dear Mr. Chairman:
April 28, 2009 The Honorable Edward J. Markey Chairman Subcommittee on Energy and Environment Committee on Energy and Commerce U.S. House of Representatives Washington, D.C. 20515 Dear Mr. Chairman: I
More informationCIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationAURORA Vulnerability Background
AURORA Vulnerability Background Southern California Edison (SCE) September 2011-1- Outline What is AURORA? Your Responsibility as a Customer Sectors Impacted by AURORA Review of Regulatory Agencies History
More informationElectric Field Operations Organization
NSTAR Electric Transmission Function Job Summaries Electric Field Operations Organization Vice President, Electric Field Operations (Transmission) This position has primary responsibility for the planning,
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationStandard CIP 007 3a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for
More informationTRANSMISSION GRID DEVELOPMENT & PORTFOLIO SERVICES December 22, 2014. Senior Vice President Trans Grid Development & Portfolio Services
TRANSMISSION GRID DEVELOPMENT & PORTFOLIO SERVICES December 22, 2014 Senior Vice President Trans Grid Development & Portfolio Services The Senior Vice President Transmission Grid Development & Portfolio
More informationHITRUST CSF Assurance Program
HITRUST CSF Assurance Program Simplifying the information protection of healthcare data 1 May 2015 2015 HITRUST LLC, Frisco, TX. All Rights Reserved Table of Contents Background CSF Assurance Program Overview
More informationNorth American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)
Whitepaper North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) NERC-CIP Overview The North American Electric Reliability Corporation (NERC) is a
More informationUtility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security
Boeing Defense, Space & Security Ventures Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security Tristan Glenwright - Boeing BOEING is a trademark of Boeing Management Company. The
More informationLast revised: September 1, 2014 TRANSMISSION FUNCTION TITLES AND JOB DESCRIPTIONS
Last revised: September 1, 2014 TRANSMISSION FUNCTION TITLES AND JOB DESCRIPTIONS EVP, Chief Operations Officer, has primary responsibility for the overall planning, operations and control of the transmission
More informationJob Descriptions. Job Title Reports To Job Description TRANSMISSION SERVICES Manager, Transmission Services. VP Compliance & Standards
Updated July 11, 2013 Job Descriptions Job Title Reports To Job Description TRANSMISSION SERVICES VP Compliance & Standards Develops strategy and business plans for efficient, safe, reliable, regulatorycompliant
More informationThe Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 22 million Texas customers representing 85
The Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 22 million Texas customers representing 85 percent of the state s electric load and 75 percent of the
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationExecutive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage.
Executive Summary Statement of Nadya Bartol Vice President, Industry Affairs and Cybersecurity Strategist Utilities Telecom Council Before the Subcommittee on Oversight and Subcommittee on Energy Committee
More informationService Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard
Information Systems Audit and Controls Association Service Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard February 4, 2014 Tom Haberman, Principal, Deloitte & Touche LLP Reema Singh,
More informationVoluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council
Voluntary Cybersecurity Initiatives in Critical Infrastructure Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org 2014 Utilities Telecom Council Utility cybersecurity environment is full of collaborations
More informationThe North American Electric Reliability Corporation ( NERC ) hereby submits
December 8, 2009 VIA ELECTRONIC FILING Kirsten Walli, Board Secretary Ontario Energy Board P.O Box 2319 2300 Yonge Street Toronto, Ontario, Canada M4P 1E4 Re: North American Electric Reliability Corporation
More informationUpdated November 20, 2015. Director, System Planning
Updated November 20, 2015 Job Descriptions Job Title Reports To Job Description SYSTEM PLANNING & SERVICES VP Compliance Manages the system planning and services staff. The director is responsible for
More informationISACA North Dallas Chapter
ISACA rth Dallas Chapter Business Continuity Planning Observations of Critical Infrastructure Environments Ron Blume, P.E. Ron.blume@dyonyx.com 214-280-8925 Focus of Discussion Business Impact Analysis
More informationCYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES
CYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES How can you better prepare and respond to cyber risks? ACE developed Loss Mitigation Services to help policyholders understand and gauge various areas
More informationDr. A. D. (Dee) Patton. President and Principal Electrical Engineer
Dr. A. D. (Dee) Patton President and Principal Electrical Engineer Associated Power Analysts, Inc. Principal Electrical Engineer, Forensic Electrical Engineering Education, Licenses and Professional Associations
More informationWhite Paper. Convergence of Information and Operation Technologies (IT & OT) to Build a Successful Smart Grid
White Paper Convergence of Information and Operation Technologies (IT & OT) to Build a Successful Smart Grid Contents Executive Summary... 3 Integration of IT and OT... 4 Smarter Grid using Integrated
More informationCIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments
CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationIT Security & Compliance Risk Assessment Capabilities
ATIBA Governance, Risk and Compliance ATIBA provides information security and risk management consulting services for the Banking, Financial Services, Insurance, Healthcare, Manufacturing, Government,
More informationFERC, NERC and Emerging CIP Standards
Protecting Critical Infrastructure and Cyber Assets in Power Generation and Distribution Embracing standards helps prevent costly fines and improves operational efficiency Bradford Hegrat, CISSP, Principal
More information146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION
146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Cheryl A. LaFleur, Acting Chairman; Philip D. Moeller, John R. Norris, and Tony Clark. Reliability Standards
More informationCyber Security Standards Update: Version 5
Cyber Security Standards Update: Version 5 January 17, 2013 Scott Mix, CISSP CIP Technical Manager Agenda Version 5 Impact Levels Format Features 2 RELIABILITY ACCOUNTABILITY CIP Standards Version 5 CIP
More informationJOHN H. STOUT PRESIDENT, MARINER CONSULTING SERVICES, INC. 1303 LAKEWAY DRIVE TAYLOR LAKE VILLAGE, TEXAS 77586 713-252-0535
JOHN H. STOUT PRESIDENT, MARINER CONSULTING SERVICES, INC. 1303 LAKEWAY DRIVE TAYLOR LAKE VILLAGE, TEXAS 77586 713-252-0535 JSTOUT@MARINERCONSULT.COM WWW.MARINERCONSULT.COM OVER 36 YEARS OF EXPERIENCE
More informationU.S. Department of Energy Office of Inspector General Office of Audits and Inspections
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections Audit Report Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security DOE/IG-0846 January 2011
More informationSan Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015. Electric Grid Operations
San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015 Electric Grid Operations Director Electric Grid Operations: Responsible for overall transmission
More informationENGINEERING COMPETENCIES ENTRY LEVEL ENGINEER. Occupation Specific Technical Requirements
ENGINEERING COMPETENCIES ENTRY LEVEL ENGINEER Responsible for performing entry level engineering analysis, design, plan, review and inspection for small to medium projects and/or designated segments of
More informationERCOT Design and Implementation of Internal Controls and benefits for NERC CMEP/RAI
ERCOT Design and Implementation of Internal Controls and benefits for NERC CMEP/RAI Matt Mereness, ERCOT Compliance Director August 2015 Anfield Summit Outline of discussion ERCOT Background Business Case
More informationStandard CIP 007 3 Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for securing
More informationALTERNATIVE ELECTRIC SUPPLIER APPLICATION FOR THE MICHIGAN PUBLIC SERVICE COMMISSION RETAIL ACCESS PARTICIPATION AGREEMENT
ALTERNATIVE ELECTRIC SUPPLIER APPLICATION FOR THE MICHIGAN PUBLIC SERVICE COMMISSION RETAIL ACCESS PARTICIPATION AGREEMENT Michigan law, PA 286 of 2008, Section 10a(1)(a), provides that the Michigan Public
More informationWhen this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard.
CIP-002-5 Cyber Security BES Cyber System Categorization When this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard. A.
More informationINTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT
Utilities WHITE PAPER May 2013 INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT Table of Contents Introduction...3 Problem Statement...4 Solution Requirements...5 Components of an Integrated
More informationEntity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire
Entity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire Upcoming Audit Date: March 16, 2015 Upcoming Audit Type: O&P Audit Start of Audit Period: March 16, 2012 Date Submitted: Table of Contents
More informationSECURITY. Risk & Compliance Services
SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize
More informationSecurity Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions
Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample
More informationEMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES
EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES Aligning information with business and operational objectives ESSENTIALS Leverage EMC Consulting as your trusted advisor to move your and compliance
More informationSan Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions August 10, 2015. Electric Grid Operations
San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions August 10, 2015 Electric Grid Operations Director Electric Grid Operations: Responsible for overall transmission
More informationU.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW. November 12, 2012 NASEO
U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW November 12, 2012 NASEO ISER Response: from site focused to system focused Emergency Preparedness, Response, and Restoration Analysis and
More informationAudit-Ready SharePoint Applications
Audit-Ready SharePoint Applications Page 1 of 16 July 7, 2015 Table of Contents 1 Overview... 3 2 Company Background... 4 3 Audit-Ready SharePoint Applications... 4 3.1 Audit-Ready Compliance Dashboard...
More informationMEMORANDUM OF UNDERSTANDING THE INDEPENDENT ELECTRICITY SYSTEM OPERATOR THE NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION
MEMORANDUM OF UNDERSTANDING BETWEEN THE INDEPENDENT ELECTRICITY SYSTEM OPERATOR AND THE NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION AND THE NORTHEAST POWER COORDINATING COUNCIL, CROSS-BORDER REGIONAL
More informationNERC-CIP S MOST WANTED
WHITE PAPER NERC-CIP S MOST WANTED The Top Three Most Violated NERC-CIP Standards What you need to know to stay off the list. www.alertenterprise.com NERC-CIP s Most Wanted AlertEnterprise, Inc. White
More informationElectric Operations Manager
CITY OF ANAHEIM invites applications for the position of: Electric Operations Manager SALARY: $10,602.75 - $14,578.75 Monthly $127,233.00 - $174,945.00 Annually OPENING DATE: 04/07/16 CLOSING DATE: Continuous
More informationOlav Mo, Cyber Security Manager Oil, Gas & Chemicals, 28.09.2015 CASE: Implementation of Cyber Security for Yara Glomfjord
Olav Mo, Cyber Security Manager Oil, Gas & Chemicals, 28.09.2015 CASE: Implementation of Cyber Security for Yara Glomfjord Implementation of Cyber Security for Yara Glomfjord Speaker profile Olav Mo ABB
More informationREQUEST FOR BENEFIT BROKERAGE AND CONSULTING SERVICES
REQUEST FOR BENEFIT BROKERAGE AND CONSULTING SERVICES July 25, 2012 I. INTRODUCTION The Corporation for Public Broadcasting (CPB) is interested in selecting an experienced firm specializing in benefit
More information130 FERC 61,163 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION ORDER APPROVING STIPULATION AND CONSENT AGREEMENT
130 FERC 61,163 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Jon Wellinghoff, Chairman; Marc Spitzer, Philip D. Moeller, and John R. Norris. Florida Blackout Docket
More informationSan Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions. Electric Grid Operations
San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions Electric Grid Operations Director Electric Grid Operations: Responsible for overall transmission system operations
More informationInformation Bulletin
Public Policy Division Impact of NIST Guidelines for Cybersecurity Prepared by UTC Staff 1. Introduction... 3 2. Cybersecurity Landscape... 3 3. One Likely Scenario... 5 4. Draft NISTIR 7628, Guidelines
More informationEASTERN INTERCONNECTION RELIABILITY ASSESSMENT GROUP (ERAG) AGREEMENT
EASTERN INTERCONNECTION RELIABILITY ASSESSMENT GROUP (ERAG) AGREEMENT THIS AGREEMENT ( Agreement ), effective as of August 1, 2006 is entered into by and among the Florida Reliability Coordinating Council,
More informationENVIRONMENTAL, HEALTH AND SAFETY PERSONNEL MANAGEMENT LEVELING GUIDE
ENVIRONMENTAL, HEALTH AND SAFETY PERSONNEL MANAGEMENT LEVELING GUIDE Levels Job Codes Scope of Position Top Environmental Affairs Executive (Corporate) 1000 The most senior Environmental, Health and Safety
More informationPanel Session: Lessons Learned in Smart Grid Cybersecurity
PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory
More informationREQUIREMENTS FOR CERTIFICATION BODIES TO DETERMINE COMPLIANCE OF APPLICANT ORGANIZATIONS TO THE MAGEN TZEDEK SERVICE MARK STANDARD
REQUIREMENTS FOR CERTIFICATION BODIES TO DETERMINE COMPLIANCE OF APPLICANT ORGANIZATIONS TO THE MAGEN TZEDEK SERVICE MARK STANDARD Foreword The Magen Tzedek Commission has established a standards and certification
More informationData Management Issues associated with the August 14, 2003 Blackout Investigation
Material derived from PNNL-SA-40401 Originally presented June 8, 2004 Data Management Issues associated with the August 14, 2003 Blackout Investigation Jeff Dagle, PE Chief Electrical Engineer and Team
More informationTRANSMISSION Field Services (January 30, 2014)
TRANSMISSION Field Services (January 30, 2014) Vice President Transmission Field Services The Vice President - Transmission Region Operations is responsible for the safe, reliable, cost-effective, and
More informationGovernance. What s a Governance?
Governance What s a Governance? Governance FERC - Federal Energy Regulatory Commission NERC - North American Electric Reliability Council. NPCC - Northeast Power Coordinating Council NYSRC - New York State
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationA. Introduction. B. Requirements. Standard PER-005-1 System Personnel Training
A. Introduction 1. Title: System Personnel Training 2. Number: PER-005-1 3. Purpose: To ensure that System Operators performing real-time, reliability-related tasks on the North American Bulk Electric
More informationFederal Energy Regulatory Commission. Small Entity Compliance Guide Mandatory Reliability Standards (Order No. 693)
Federal Energy Regulatory Commission Small Entity Compliance Guide Mandatory Reliability Standards (Order No. 693) This Guide is prepared in accordance with the requirements of section 212 of the Small
More informationIEEE-Northwest Energy Systems Symposium (NWESS)
IEEE-Northwest Energy Systems Symposium (NWESS) Paul Skare Energy & Environment Directorate Cybersecurity Program Manager Philip Craig Jr National Security Directorate Sr. Cyber Research Engineer The Pacific
More informationRegulatory Compliance Management for Energy and Utilities
Regulatory Compliance Management for Energy and Utilities The Energy and Utility (E&U) sector is transforming as enterprises are looking for ways to replace aging infrastructure and create clean, sustainable
More informationJOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.
JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President
More informationSupporting FISMA and NIST SP 800-53 with Secure Managed File Transfer
IPSWITCH FILE TRANSFER WHITE PAPER Supporting FISMA and NIST SP 800-53 with Secure Managed File Transfer www.ipswitchft.com Adherence to United States government security standards can be complex to plan
More informationBest Practices in ICS Security for System Operators. A Wurldtech White Paper
Best Practices in ICS Security for System Operators A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security
More informationH. R. 5005 11 SEC. 201. DIRECTORATE FOR INFORMATION ANALYSIS AND INFRA STRUCTURE PROTECTION.
H. R. 5005 11 (d) OTHER OFFICERS. To assist the Secretary in the performance of the Secretary s functions, there are the following officers, appointed by the President: (1) A Director of the Secret Service.
More informationFINAL DOCUMENT. Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device Manufacturers Part 1: General Requirements
GHTF/SG4/N28R4:2008 FINAL DOCUMENT Title: Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device Manufacturers Authoring Group: GHTF Study Group 4 Endorsed by: The Global Harmonization
More informationKeeping the Lights On
Keeping the Lights On Fundamentals of Industrial Control Risks, Vulnerabilities, Mitigating Controls, and Regulatory Compliance Learning Goals o Understanding definition of industrial controls o Understanding
More informationCORPORATION FOR PUBLIC BROADCASTING Request for Proposals Community Service Grants Business Process Analysis
CORPORATION FOR PUBLIC BROADCASTING Request for Proposals Community Service Grants Business Process Analysis Deadline for response: May 8, 2013 5 p.m. EST RFP AT A GLANCE The Corporation for Public Broadcasting
More informationVendor Risk Management Financial Organizations
Webinar Series Vendor Risk Management Financial Organizations Bob Justus Chief Security Officer Allgress Randy Potts Managing Consultant FishNet Security Bob Justus Chief Security Officer, Allgress Current
More informationFERC Regulations: Managing Compliance Through ETRM Technology
www.allegrodev.com FERC Regulations: Managing Compliance Through ETRM Technology Bart Thielbar Senior Research Analyst Sierra Energy Group; The R&A Division of Energy Central Abstract An Allegro White
More informationNERC CIP Compliance with Security Professional Services
NERC CIP Compliance with Professional Services The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is
More informationNational Occupational Standards. Compliance
National Occupational Standards Compliance NOTES ABOUT NATIONAL OCCUPATIONAL STANDARDS What are National Occupational Standards, and why should you use them? National Occupational Standards (NOS) are statements
More informationNERC Cyber Security Standards
SANS January, 2008 Stan Johnson Manager of Situation Awareness and Infrastructure Security Stan.johnson@NERC.net 609-452-8060 Agenda History and Status of Applicable Entities Definitions High Level of
More informationGuide to Pcaob Inspections
Guide to Pcaob Inspections october 2012 Since 2002, a new regulator, the Public Company Accounting Oversight Board (PCAOB), has had responsibility for overseeing auditors of public companies. Regular inspections
More informationCIP v5/v6 Implementation Plan CIP v5 Workshop. Tony Purgar October 2-3, 2014
CIP v5/v6 Implementation Plan CIP v5 Workshop Tony Purgar October 2-3, 2014 Revision History CIP v5/v6 Implementation Plan Change History Date Description Initial Release July 25, 2014 Revision V0.1 August-2014
More informationWhite Paper on Financial Institution Vendor Management
White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety
More informationU.S. DEPARTMENT OF COMMERCE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
U.S. DEPARTMENT OF COMMERCE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY ) Developing a Framework ) To Improve ) Docket No. 130208119-3119-01 Critical Infrastructure Cybersecurity ) ) RESPONSE OF THE
More informationCAISO Information Security Requirements for the Energy Communication Network (ECN)
Page 1 of 11 REVISION HISTORY VERSION DATE DESCRIPTION DRAFT 0.1 11/27/2002 Initial Draft 1.0 10/13/2003 Initially Released Version 1.1 11/15/2005 Minor clean-up. 1.2 05/30/2006 New logo and appendix change
More informationRE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity
October 10, 2014 Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 RE: Experience with the Framework for Improving Critical Infrastructure
More informationEFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013
EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013 1 AGENDA Why Cybersecurity? A Few Helpful Cybersecurity Concepts Developing Expertise:
More informationFINRA Publishes its 2015 Report on Cybersecurity Practices
Securities Litigation & Enforcement Client Service Group and Data Privacy & Security Team To: Our Clients and Friends February 12, 2015 FINRA Publishes its 2015 Report on Cybersecurity Practices On February
More informationPROCEDURE. Ontario Technical Feasibility Exception PUBLIC. Issue 0.2 IESO_PRO_0680
PROCEDURE PUBLIC IESO_PRO_0680 Ontario Technical Feasibility Exception Issue 0.2 This procedure provides guidance to TFE applicants on the Ontario-adapted NERC Technical Feasibility Exception process.
More information