NPCC Implementation of the NERC Compliance Monitoring And Enforcement Program (CMEP)



Similar documents
North American Electric Reliability Corporation. Compliance Monitoring and Enforcement Program. December 19, 2008

Program Guide for Risk-based Compliance Monitoring and Enforcement Program. ERA-01 Rev. 1. NPCC Manager, Entity Risk Assessment

MEMORANDUM OF UNDERSTANDING THE INDEPENDENT ELECTRICITY SYSTEM OPERATOR THE NORTH AMERICAN ELECTRIC RELIABILITY CORPORATION

PROCEDURE. Ontario Technical Feasibility Exception PUBLIC. Issue 0.2 IESO_PRO_0680

Re: NERC Notice of Penalty regarding Pacific Gas and Electric Company FERC Docket No. NP10-_-000

CIP Cyber Security Security Management Controls

Standard CIP 004 3a Cyber Security Personnel and Training

DELEGATION AGREEMENT

The North American Electric Reliability Corporation ( NERC ) hereby submits

A. Introduction. B. Requirements. Standard PER System Personnel Training

2016 Business Plan and Budget. Texas Reliability Entity, Inc. Approved by Texas RE Board of Directors. Date: May 21, 2015

Standard CIP 007 3a Cyber Security Systems Security Management

Standard CIP Cyber Security Security Management Controls

POLICY ON COMPLIANCE INCENTIVES FOR MUNICIPALITIES

UMDNJ COMPLIANCE PLAN

How To Audit A Financial Institution

CP#64 / Environmental Monitoring Services

Privacy Law in Canada

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

CIP Cyber Security Electronic Security Perimeter(s)

Standard CIP Cyber Security Systems Security Management

Assist Members in developing their own national arrangements through being able to draw on and hence benefit from the experience of other members;

Compliance Management Systems (CMS) Division of Depositor and Consumer Protection

ORI Gu idel in es f o r Inst it u t ion s an d Wh ist l eblow e rs: (November 20, 1995)

MISO Annual Compliance Program Update

Federal Energy Regulatory Commission. Small Entity Compliance Guide Mandatory Reliability Standards (Order No. 693)

SUITABILITY IN ANNUITY TRANSACTIONS MODEL REGULATION

SETTLEMENT AGREEMENT. b. The terms of any settlement will become public information only if, and when, the settlement is approved by the Commission.

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Consideration of Laws and Regulations in an Audit of Financial Statements

New Brunswick Electricity Business Rules

ELECTRIC POWER RESEARCH INSTITUTE BOARD OF DIRECTORS CONFLICT OF INTEREST POLICY. Article I: Purpose

BANKING UNIT BANKING RULES OUTSOURCING BY CREDIT INSTITUTIONS AUTHORISED UNDER THE BANKING ACT 1994

Top Ten Compliance Issues for Implementing the NERC CIP Reliability Standard

SAN FRANCISCO ADMINISTRATIVE CODE CHAPTER 96: COORDINATION BETWEEN THE POLICE DEPARTMENT AND THE OFFICE OF CITIZEN COMPLAINTS

POLICY SUBJECT: EFFECTIVE DATE: 5/31/2013. To be reviewed at least annually by the Ethics & Compliance Committee COMPLIANCE PLAN OVERVIEW

REVISED. SUITABILITY IN ANNUITY TRANSACTIONS MODEL REGULATION Executive Summary

SUMMARY OF CHANGES COMMERCIAL ARBITRATION RULES

GENERAL UNIVERSITY POLICY APM REGARDING ACADEMIC APPOINTEES University Policy on Faculty Conduct and the Administration of Discipline

DELAWARE DEPARTMENT OF INSURANCE MARKET CONDUCT EXAMINATION REPORT

"The Regulations Governing the Trusted Auditing Firms. of the Securities and Exchange Organization"

Virginia Commonwealth University School of Medicine Information Security Standard

INTERNATIONAL STANDARD ON AUDITING 250 CONSIDERATION OF LAWS AND REGULATIONS IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

How To Ensure Health Information Is Protected

How To Manage A Company

02 DEPARTMENT OF PROFESSIONAL AND FINANCIAL REGULATION

Executive Memorandum No. 16

Sub. H.B. 9 * 126th General Assembly (As Reported by H. Civil and Commercial Law)

SETTLEMENT AGREEMENT AND CONSENT ORDER OCWEN FINANCIAL CORPORATION AND OCWEN LOAN SERVICING, LLC

IN THE MATTER OF THE SECURITIES ACT R.S.O. 1990, c. S.5, AS AMENDED -AND- IN THE MATTER OF SYSTEMATECH SOLUTIONS INC., APRIL VUONG AND HAO QUACH

HOUSE BILL 2485 AN ACT AMENDING TITLE 12, CHAPTER 13, ARIZONA REVISED STATUTES, BY ADDING ARTICLE 10; RELATING TO HEALTH AND SAFETY AUDIT PRIVILEGE.

.kiwi Complaint Resolution Service. 21 Jan 2014 Version 1.0 Dot Kiwi Limited

RALLY SOFTWARE DEVELOPMENT CORP.

Preferred Professional Insurance Company Subcontractor Business Associate Agreement

INSTITUTIONAL COMPLIANCE PLAN

Inspection of Fazzari + Partners LLP Chartered Accountants (Headquartered in Vaughan, Canada) Public Company Accounting Oversight Board

ESSB H AMD TO APP COMM AMD (H /13) 388 By Representative Taylor FAILED 04/12/2013

3. Purpose: To improve the reliability of the Bulk Electric System by requiring the reporting of events by Responsible Entities.

State of Rhode Island and Providence Plantations DEPARTMENT OF BUSINESS REGULATION Division of Insurance 1511 Pontiac Avenue Cranston, RI 02920

Inspection of Chang G Park (Headquartered in San Diego, California) Public Company Accounting Oversight Board

Compliance Requirements for Healthcare Carriers

Accredited Body Report CPA Australia. For the period ended 30 June 2013

CHAPTER 5 CERTIFICATE STATUS MAINTENANCE C.R.S. 1973, , (5), and

SWIMMING AUSTRALIA LIMITED GAMBLING, BETTING AND MATCH FIXING POLICY. Swimming Australia Limited - Gambling, Betting and Match Fixing Policy Page 1

GUIDELINES FOR ADVERTISING AND MARKETING WELLNESS & HEALTH PROMOTION ACCREDITATION. Table of Contents

STT ENVIRO CORP. (the Company ) CHARTER OF THE CORPORATE GOVERNANCE AND NOMINATING COMMITTEE. As amended by the Board of Directors on May 10, 2012

Sample MEDIATION IN DOMESTIC RELATIONS

CONTENT OF THE AUDIT LAW

Minimum Performance and Service Criteria for Medicare Part D

NORTH CAROLINA WESLEYAN COLLEGE POLICY ON GENDER DISCRIMINATION AND SEXUAL HARASSMENT

OFAC Compliance- Internal Compliance Program

1.1.3 Professional Conduct and Ethics

Criteria for Quality Continuing Education

Align Technology. Data Protection Binding Corporate Rules Processor Policy Align Technology, Inc. All rights reserved.

TARTISAN RESOURCES CORP. INSIDER TRADING AND BLACK-OUT POLICY

DELAWARE DEPARTMENT OF INSURANCE MARKET CONDUCT EXAMINATION REPORT

FERRELLGAS CODE OF ETHICS FOR PRINCIPAL EXECUTIVE AND FINANCIAL OFFICERS

Not an Official Translation On Procedure of Coming into Effect of the Law of Ukraine On State Regulation of the Securities Market in Ukraine

COMPLIANCE PROGRAM FOR XL GROUP PLC

H. R SEC DIRECTORATE FOR INFORMATION ANALYSIS AND INFRA STRUCTURE PROTECTION.

130 FERC 61,163 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION ORDER APPROVING STIPULATION AND CONSENT AGREEMENT

Privacy Law in Canada

HOURLY CONSULTING AGREEMENT

Strategy and Procedures for Compliance and Enforcement

Insider Trading and Reporting Policy Revision Date: December 1, 2008

BPA Policy Contract Lifecycle Management

INVESTMENT INDUSTRY REGULATORY ORGANIZATION OF CANADA

NEW JERSEY ADMINISTRATIVE CODE Copyright 2013 by the New Jersey Office of Administrative Law

Subject: Safety and Soundness Standards for Information

The University of Texas at Austin COMPLIANCE AND ETHICS PROGRAM CHARTER

IN THE CIRCUIT COURT THIRD JUDICIAL CIRCUIT MADISON COUNTY, ILLINOIS PART FIVE - LAW DIVISION AMENDED COURT RULES

Guidebook for Social Work. Disciplinary Actions

INTERSTATE INSURANCE PRODUCT REGULATION COMMISSION OPERATING PROCEDURE FOR THE FILING AND APPROVAL OF PRODUCT FILINGS

STATE OF MICIDGAN DEPARTMENT OF LICENSING AND REGULATORY AFFAIRS OFFICE OF FINANCIAL AND INSURANCE REGULATION

STATEMENT FROM THE CHAIRMAN

NB Appendix CIP NB-1 - Cyber Security Personnel & Training

128 FERC 61,269 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION ORDER APPROVING UNCONTESTED SETTLEMENT. (Issued September 21, 2009)

AUDIT GUIDE FOR RECIPIENTS AND AUDITORS

Accountable Care Organization. Medicare Shared Savings Program. Compliance Plan

Transcription:

Northeast Power Coordinating Council, Inc. NPCC Implementation of the NERC Compliance Monitoring And CP-01 Rev.2 The NERC Rules of Procedure and the Regional Delegation Agreement are the overriding documents that govern the implementation of the CMEP. Process Owner: Assistant Vice President of Compliance Audits and Investigations Effective Date: 12/12/2011

Table of Contents 1. Introduction... 2 1.1. Applicability... 2 1.2. Organization... 2 1.3. Authority... 3 1.4. Staff Code of Conduct... 3 1.5. Antitrust... 3 2. Registration and Identification of Entities... 3 3. Reliability Standards Subject For Compliance Review... 4 4. Compliance Discovery Processes... 4 5. Enforcement Actions... 5 5.1. Issuance of Notices... 5 5.2. Settlement... 5 5.3. Remedial Action Directives... 5 5.4. Compliance Hearings and NERC Appeals... 5 5.5. Mitigation of Alleged Violations of NERC Reliability Standards... 5 6. Reporting and Disclosure... 6 7. Data Retention and Confidentiality... 6 8. References... 6 9. Summary of Changes... 7 Review and Re-Approval Requirements This document will be reviewed every two years from effective date, or as appropriate for possible revision. The existing or revised document will be re-approved by the NPCC Compliance Committee, distributed to staff and committees/working groups, as applicable, and will be posted to the NPCC website for member reference. Northeast Power Coordinating Council, Inc. 1

1. Introduction Within the State of New York and the six states comprising New England, NERC as the Electric Reliability Organization ( ERO ) has delegated its compliance and enforcement authority pursuant with the Energy Policy Act of 2005 ( EPAct ) to the Northeast Power Coordinating Council, Inc. ( NPCC ) in accordance with the approved Regional Delegation Agreement ( RDA ). The NPCC Compliance Staff monitors, assesses and enforces compliance with NERC Reliability Standards and NPCC Regional Standards utilizing the NERC established Compliance Monitoring and Enforcement Program ( CMEP ). The NERC Rules of Procedure, including its appendices and the RDA are the overriding documents that describe the implementation of the CMEP. This document, along with other Compliance Procedure documents, supplements those documents and describes the NPCC-specific implementation of the CMEP and its various components. CMEP implementation functions may include, but are not limited to, performing compliance audits, data gathering, data reporting, monitoring, investigations, evaluating and determining compliance and non-compliance, imposing penalties and sanctions, approving and tracking Mitigation Plans and issuing Remedial Action Directives. The terminology used herein is as defined by the NERC Rules of Procedure and the NERC Glossary of Terms. In addition, NPCC has or will have separate agreements with the Canadian Provinces of Ontario, Quebec, New Brunswick and Nova Scotia, or their designated representatives to define the implementation of mandatory NERC Reliability Standards and NPCC Regional Standards within their respective compliance monitoring and enforcement programs. The imposition or recognition of sanctions, Mitigation Plans or other remedial actions shall not be construed as an acceptable alternative to any Registered Entity's continued obligation to comply with the NERC Reliability Standards and Regional Standards. The NPCC compliance monitoring and enforcement functions are designed to be executed in a fair and non-discriminatory manner utilizing due process. NPCC Compliance Staff is charged with making the final decision regarding all compliance assessments. The NPCC Compliance Committee ( CC ) is charged with conducting a compliance hearing if requested by a Registered Entity in accordance with the NERC Rules of Procedure and the Scope of Work for the NPCC Compliance Committee. A Registered Entity may appeal the Compliance Committee s decision to NERC, as provided for in the NERC Rules of Procedure. 1.1. Applicability This document applies to the NPCC Compliance Staff, the NPCC CC and the processes used to implement the NERC CMEP. 1.2. Organization NPCC meets the governance requirements of the EPAct and its staff is independent of any owner, operator, or user of the bulk electric system. Northeast Power Coordinating Council, Inc. 2

1.3. Authority The NPCC Board of Directors ( Board ) and NPCC CC provide policy and procedure oversight of the CMEP. The CC will administer policies and procedures related to the CMEP as delegated by the Board. The NPCC Compliance Staff exercises its authority in carrying out the functions of the RDA in a fair, non-discriminatory manner with reasonable due process for the Registered Entity. NPCC Compliance Staff has the authority and responsibility for determining the compliance status of a Registered Entity, determining the initial sanctions and penalties due to non-compliance with a Reliability Standard, and issuing Remedial Action Directives, subject to NERC Rules of Procedure requirements. 1.4. Staff Code of Conduct NPCC Compliance Staff and its independent contractors shall follow the policies prohibiting activities that would cast doubt on and/or compromise the ability of the staff and any contractor of the NPCC to act with total objectivity with regard to the overall interests of its delegated function, the compliance program, and the applicability to those Registered Entities subject to the Reliability Standards. 1.5. Antitrust NPCC follows the anti-trust guidelines referenced in its Bylaws. In addition, NPCC Compliance Staff, NPCC Board of Directors, and NPCC CC members shall comply with all applicable state, provincial, and federal antitrust laws. 2. Registration and Identification of Entities The NPCC Compliance Staff shall register all known owners, operators and users of the bulkelectric system responsible for complying with the NERC Reliability Standards and Regional Standards, in accordance with Section 500 of the NERC Rules of Procedure, the Compliance Procedure Document CP-04, Procedure for NPCC Registration Process and Provincial Agreements. To be registered, an owner, operator or user of the bulk electric system must have at least one functional responsibility as defined in a Reliability Standard. The NPCC Compliance Staff develops and maintains a Regional Compliance Registry that is shared with NERC on a regular basis. The Registry lists all Registered Entities subject to monitoring, assessment and enforcement of Reliability Standards. At the time of registration, NERC will inform each Registered Entity of its compliance obligations related to the applicable Reliability Standards. The NPCC Compliance Staff will designate a contact person(s) and require each Registered Entity to designate a Primary Compliance Contact ( PCC ) responsible for sending and receiving all necessary information and communications concerning compliance matters. Northeast Power Coordinating Council, Inc. 3

3. Reliability Standards Subject For Compliance Review The annual NPCC CMEP includes monitoring an entity s compliance to a subset of the NERC Reliability Standards and applicable Regional Reliability Standards. This subset of actively monitored reliability standards is determined by NPCC Compliance Staff in conjunction with the other Regional Entities and NERC to ensure uniform compliance monitoring. The NPCC CC shall review the annual NPCC CMEP and provide input on any compliance schedule component as appropriate. Regardless of the subset of actively monitored NERC Reliability Standards a Registered Entity can be monitored for compliance with any and all applicable and regulatory approved standards at any time via any of the compliance monitoring processes discussed in this document. NERC Rules of Procedure (RoP) state that all Bulk Power System users, owners, and operators are required to comply with all applicable ERO governmental authority-approved Reliability Standards at all times. Regional Reliability Standards and regional variances approved by NERC and the applicable ERO governmental authority are enforceable and apply to all Registered Entities responsible for meeting those Reliability Standards within the Regional Entity boundaries, whether or not the BPS user, owner, or operator is a member of the Regional Entity. The yearly NERC Implementation Plan includes a set of Reliability Standards that were selected based upon ERO-identified high-risk priorities and a three-tiered approach to compliance auditing. The implementation plan also requires NPCC to consider a registered entity s compliance history when determining the scope of compliance monitoring activities. 4. Compliance Discovery Processes NPCC will use any or all of the following eight (8) discovery processes, to collect information to determine compliance status: (1) Compliance Audits (including On-Site and Off- Site Audits), (2) Self-Certifications, (3) Spot Checking, (4) Compliance Violation Investigations, (5) Self-Reporting, (6) Periodic Data Submittals, (7) Exception Reporting, and (8) Complaints. These discovery processes are described in detail in the NERC Rules of Procedure, Appendix 4C. To address NPCC-specific implementation of aspects of the CMEP, additional documentation, in the form of Compliance Procedures, have been developed. To date, in addition to this document, the following CP documents have been developed: CP-02 Procedure for Conducting On-Site Compliance Audits; CP-03 Procedure for Conducting Off-Site Compliance Audits; CP-04, Procedure for NPCC Registration Process, CP-05 Procedure for Conducting Spot Check Program; and CP-06 Procedure for Self- Certification and Self- Reporting. The NPCC Compliance Staff has also developed internal Compliance Instructions (CI) to complement the existing CP documents where applicable or to address other aspects of NPCCspecific implementation of the CMEP not covered in a CP document such as: developing and tracking of mitigation plans; issuance of violation notices; Compliance Violation Investigations; utilizing the NERC Workbook; penalties and sanctions; and periodic data submittals. Other aspects of the CMEP not specifically covered by a CP or CI are implemented according to the description in the NERC Rules of Procedure and its applicable appendices. Northeast Power Coordinating Council, Inc. 4

5. Enforcement Actions 5.1. Issuance of Notices For instances where a possible violation has occurred, NPCC Compliance Staff will issue a series of notices as it conducts its investigation. NPCC may issue a Notice of Possible Violation (NOPV), a Notice of Alleged Violation (NOAV), and a Notice of Confirmed Violation (NOCV). Once an NOCV has been issued and forwarded to NERC, NPCC will await the issuance of a Notice of Penalty (NOP) and FERC approval before a penalty or sanction is imposed. Upon completion by the Registered Entity of all requirements set forth in the NOP and any settlement agreement, a Notice of Confirmation of Payment and Completion of Enforcement Action will be issued. Should determination be made that there was no violation, a Notice of Dismissal will be issued. 5.2. Settlement Registered Entities may enter into settlement discussions at any time during the implementation of the CMEP. Settlement Agreements will be negotiated between the Registered Entity and NPCC before being forwarded to NERC and FERC for approval. A fundamental principal of any settlement discussion is the understanding that the Settlement Agreement must contain provisions for not only mitigating the identified violation and minimizing the risk of reoccurrence but also specific descriptions of proposed enhancements that clearly demonstrate a commitment to improved overall reliability. 5.3. Remedial Action Directives In accordance with the NERC Rules of Procedure, Appendix 4C - Section 7.0, NPCC may issue a Remedial Action Directive (RAD) when such action is deemed immediately necessary to protect the reliability of the bulk electric system from an imminent threat. The RAD will identify the immediate steps necessary to address the situation that led to the issuance of the RAD. In addition longer term corrective actions will be outlined and completion of the specified actions will be monitored by the NPCC Compliance Staff. Issuance of a RAD does not obviate the issuance of applicable violation notices and does not preclude a Registered Entity from entering into settlement discussions. 5.4. Compliance Hearings and NERC Appeals In the event that a Registered Entity disputes a compliance finding and/or penalty or sanction, the Registered Entity may request that a Compliance Hearing be conducted. As indicated earlier, the Compliance Hearing will be administered under the NPCC CC and done in accordance to the NERC Rules of Procedure, Appendix 4C - Attachment 2. The Scope of Work for the NPCC Compliance Committee describes the formation of the Hearing Body. As indicated in the scope document the Hearing will be conducted by an independent Hearing Officer. In the event that the Registered Entity or NPCC disagrees with the outcome of the Hearing, either entity may appeal to NERC and invoke the NERC Appeals Process. 5.5. Mitigation of Alleged Violations of NERC Reliability Standards A Registered Entity who agrees that an Alleged Violation has occurred shall file with the NPCC Compliance Staff either (i) a proposed Mitigation Plan to correct the Alleged Violation; or (ii) a description of how the Alleged Violation has been mitigated. The mitigation plan will be submitted in accordance with the NERC Rules of Procedure, Appendix 4C - Section 6.0 Northeast Power Coordinating Council, Inc. 5

6. Reporting and Disclosure The NPCC Compliance Staff shall prepare and submit to NERC all required reports as detailed in the NERC Rules of Procedure, Appendix 4C - Section 8.0. 7. Data Retention and Confidentiality The NPCC Compliance Staff shall abide by all applicable data retention and confidentiality agreements including those that are detailed in the NERC Rules of Procedure, Appendix 4C - Section 9.0 and any other direction from a NERC Bulletin. 8. References Uniform of the North American Electric Reliability Corporation Northeast Power Coordinating Council, Inc. 6

9. Summary of Changes Revision 1 This was a major revision to Revision 0. This document was written as a program description document and the implementation of the NPCC CMEP is included in the compliance procedures and instruction document. Document reformatted to conform to the revised NPCC procedure template formatting requirements. Revision 2 Addition to section3; addition to section 4; update of section 5.1. Summary of Changes Version Date Changes Made/Comments Reviewed By Date of Compliance Committee Approval O Original Procedure for NPCC s S. Buffamante handling of CMEP. 1 8/12/2009 Major revision S. Buffamante 8/12/2009 2 10/25/2011 Revisions to sections 3; addition to Sect.4 and update of Sect. 5 S. Buffamante 12/12/2011 Northeast Power Coordinating Council, Inc. 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information