Agenda Member Representatives Committee Highlights... · The nominating committee received a number...

104
Agenda Member Representatives Committee August 13, 2014 | 1:15–5:15 p.m. Pacific The Westin Bayshore, Vancouver 1601 Bayshore Drive Vancouver, BC V6G 2V4 Canada 604-961-6970 Introductions and Chair’s Remarks NERC Antitrust Compliance Guidelines and Public Announcement* Consent Agenda 1. Minutes — Approve a. July 16, 2014 Conference Call* b. May 6, 2014 Meeting* 2. Future Meetings* 3. Nominations a. Update from Board of Trustees Nominating Committee* b. Schedule for MRC Officer and Sector Elections* Regular Agenda 4. Responses to the Board’s Request for Policy Input* a. Reliability Assurance Initiative b. Critical Infrastructure Protection Version 5 Transition c. Risk-Based Registration Design and Implementation Plan d. Cybersecurity Risk Information Sharing Program 5. Additional Policy Discussion from Board Committee Meetings* a. Corporate Governance and Human Resources Committee b. Finance and Audit Committee i. NERC 2015 Business Plan and Budget ii. Regional Entities’ and WIRAB 2015 Business Plan and Budgets

Transcript of Agenda Member Representatives Committee Highlights... · The nominating committee received a number...

Page 1: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Member Representatives Committee August 13, 2014 | 1:15–5:15 p.m. Pacific The Westin Bayshore, Vancouver 1601 Bayshore Drive Vancouver, BC V6G 2V4 Canada 604-961-6970

Introductions and Chair’s Remarks NERC Antitrust Compliance Guidelines and Public Announcement* Consent Agenda

1. Minutes — Approve

a. July 16, 2014 Conference Call*

b. May 6, 2014 Meeting*

2. Future Meetings*

3. Nominations

a. Update from Board of Trustees Nominating Committee*

b. Schedule for MRC Officer and Sector Elections*

Regular Agenda

4. Responses to the Board’s Request for Policy Input*

a. Reliability Assurance Initiative

b. Critical Infrastructure Protection Version 5 Transition

c. Risk-Based Registration Design and Implementation Plan

d. Cybersecurity Risk Information Sharing Program

5. Additional Policy Discussion from Board Committee Meetings*

a. Corporate Governance and Human Resources Committee

b. Finance and Audit Committee

i. NERC 2015 Business Plan and Budget

ii. Regional Entities’ and WIRAB 2015 Business Plan and Budgets

Page 2: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

iii. Long-term Assessment Stabilization Initiative

c. Compliance Committee

i. Physical Security Implementation

d. Standards Oversight and Technology Committee

i. ERO Enterprise IT Application Strategy

ii. Geomagnetic Disturbance Standard

iii. Defintion of Bulk Electric System Implementation

iv. Reliability Standard Audit Worksheet Review and Revision Process

e. Other

6. CO2 Strategic Discussion*

7. Polar Vortex Report Update*

8. Assessing the ERO’s Effectiveness*

9. Regulatory Update*

*Background materials included

Member Representatives Committee Agenda August 13, 2014

2

Page 3: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Antitrust Compliance Guidelines I. General It is NERC’s policy and practice to obey the antitrust laws and to avoid all conduct that unreasonably restrains competition. This policy requires the avoidance of any conduct that violates, or that might appear to violate, the antitrust laws. Among other things, the antitrust laws forbid any agreement between or among competitors regarding prices, availability of service, product design, terms of sale, division of markets, allocation of customers or any other activity that unreasonably restrains competition. It is the responsibility of every NERC participant and employee who may in any way affect NERC’s compliance with the antitrust laws to carry out this commitment. Antitrust laws are complex and subject to court interpretation that can vary over time and from one court to another. The purpose of these guidelines is to alert NERC participants and employees to potential antitrust problems and to set forth policies to be followed with respect to activities that may involve antitrust considerations. In some instances, the NERC policy contained in these guidelines is stricter than the applicable antitrust laws. Any NERC participant or employee who is uncertain about the legal ramifications of a particular course of conduct or who has doubts or concerns about whether NERC’s antitrust compliance policy is implicated in any situation should consult NERC’s General Counsel immediately. II. Prohibited Activities Participants in NERC activities (including those of its committees and subgroups) should refrain from the following when acting in their capacity as participants in NERC activities (e.g., at NERC meetings, conference calls and in informal discussions):

• Discussions involving pricing information, especially margin (profit) and internal cost information and participants’ expectations as to their future prices or internal costs.

• Discussions of a participant’s marketing strategies.

• Discussions regarding how customers and geographical areas are to be divided among competitors.

• Discussions concerning the exclusion of competitors from markets.

• Discussions concerning boycotting or group refusals to deal with competitors, vendors or suppliers.

Page 4: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC Antitrust Compliance Guidelines 2

• Any other matters that do not clearly fall within these guidelines should be reviewed with NERC’s General Counsel before being discussed.

III. Activities That Are Permitted From time to time decisions or actions of NERC (including those of its committees and subgroups) may have a negative impact on particular entities and thus in that sense adversely impact competition. Decisions and actions by NERC (including its committees and subgroups) should only be undertaken for the purpose of promoting and maintaining the reliability and adequacy of the bulk power system. If you do not have a legitimate purpose consistent with this objective for discussing a matter, please refrain from discussing the matter during NERC meetings and in other NERC-related communications. You should also ensure that NERC procedures, including those set forth in NERC’s Certificate of Incorporation, Bylaws, and Rules of Procedure are followed in conducting NERC business. In addition, all discussions in NERC meetings and other NERC-related communications should be within the scope of the mandate for or assignment to the particular NERC committee or subgroup, as well as within the scope of the published agenda for the meeting. No decisions should be made nor any actions taken in NERC activities for the purpose of giving an industry participant or group of participants a competitive advantage over other participants. In particular, decisions with respect to setting, revising, or assessing compliance with NERC reliability standards should not be influenced by anti-competitive motivations. Subject to the foregoing restrictions, participants in NERC activities may discuss:

• Reliability matters relating to the bulk power system, including operation and planning matters such as establishing or revising reliability standards, special operating procedures, operating transfer capabilities, and plans for new facilities.

• Matters relating to the impact of reliability standards for the bulk power system on electricity markets, and the impact of electricity market operations on the reliability of the bulk power system.

• Proposed filings or other communications with state or federal regulatory authorities or other governmental entities.

Matters relating to the internal governance, management and operation of NERC, such as nominations for vacant committee positions, budgeting and assessments, and employment matters; and procedural matters such as planning and scheduling meetings.

Page 5: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Draft Minutes Member Representatives Committee Pre-Meeting Informational Session Conference Call and Webinar July 16, 2014 | 11:00 a.m.–1:00 p.m. Eastern Introductions and Chair’s Remarks Chair John Anderson, with vice chair Sylvain Clermont present, convened a duly-noticed open meeting by conference call and webinar of the North American Electric Reliability Corporation (NERC) Member Representatives Committee (MRC) on July 16, 2014 at 11:03 a.m., Eastern. The meeting provided the MRC and other stakeholders an opportunity to preview proposed agenda topics for the MRC Board of Trustees (Board) and Board committee meetings scheduled to be held August 13-14, 2014 in Vancouver, BC. The meeting announcement, agenda, and list of attendees are attached as Exhibits A, B, and C, respectively. NERC Antitrust Compliance Guidelines and Public Meeting Notice Kristin Iwanechko, committee secretary, directed the participants’ attention to the NERC Antitrust Compliance Guidelines and the public meeting notice included in the agenda. Schedule of Quarterly NERC Meetings and Conference Calls The draft schedule of events for the upcoming meetings in Vancouver was included in the agenda package for today’s meeting. The MRC meeting is scheduled to begin at 1:15 p.m. on August 13. Review of Proposed Board and Board Committees’ Meeting Agenda Items Charlie Berardesco noted that the preliminary agenda items for the Board of Trustees and Board committee meetings scheduled for August 13-14, 2014 in Vancouver are identified in the slide presentation included in the agenda package for today’s call (Exhibit D). Mr. Anderson encouraged MRC members to review all agenda materials for the Board and Board committee meetings, once posted and available on July 30, 2014, and attend as many of these meetings as possible, in advance of the MRC’s meeting on August 13, 2014. Review of Proposed MRC Agenda Items for August 13 Mr. Anderson noted that the preliminary MRC agenda items for the upcoming August 13, 2014 meeting in Vancouver are identified in the slide presentation included in the agenda package for today’s call (Exhibit D). Topics include:

• Update from the Board of Trustees Nominating Committee;

• Schedule for MRC officer and sector elections;

• Discussion of the responses submitted to the policy input request from the Board;

• Additional discussion of the issues presented at the Board committee meetings on August 13;

Page 6: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

• Update on the polar vortex report; and

• Strategic discussion on the proposed EPA CO2 Section 111(d) regulation. Policy Input Reminder Mr. Anderson announced that the Board’s request for policy input is scheduled to be released today and responses are due by Wednesday, August 6 to Kristin Iwanechko, committee secretary. NERC staff provided updates on the following topics included in the policy input letter:

• Reliability Assurance Initiative (RAI);

• Risk-based Registration Initiative;

• Critical Infrastructure Protection (CIP) Version 5 Transition; and

• Cybersecurity Risk Information Sharing Program (CRISP). Informational Items NERC staff provided updates on the long-term reliability assessment and emerging issues, and the polar vortex report.

Proxy Reminder Proxy notifications for the August 13 meetings must be submitted in writing to Kristin Iwanechko, committee secretary. Meeting Adjourned There being no further business, the call was terminated at 12:59 p.m., Eastern. Submitted by,

Kristin Iwanechko Secretary

MRC Informational Session Minutes, July 16, 2014 2

Page 7: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Draft Minutes Member Representatives Committee May 6, 2014 | 1:00–5:00 p.m. Eastern Hyatt Regency Philadelphia at Penn’s Landing 201 South Columbus Blvd Philadelphia, PA 19106 215-928-1234 Chair John Anderson, with Vice Chair Sylvain Clermont present, called to order the North American Electric Reliability Corporation (NERC) Member Representatives Committee (MRC) meeting on May 6, 2014, at 1:04 p.m., Eastern. The meeting announcement, agenda, and list of attendees are attached as Exhibits A, B and C, respectively. Introductions and Chair’s Remarks Mr. Anderson welcomed attendees and acknowledged the attendance of FERC staff, the NERC Board of Trustees (Board), and new members Marion Lucas and State Commissioner Asim Haque. Mr. Anderson recognized the MRC responses to the April 9, 2014 policy input request from Fred Gorbet, chairman of the Board. He reminded attendees that full presentations were conducted at the committee meetings and will not be repeated during the MRC meeting. Mr. Anderson also thanked everyone that attended the informational session on April 9, 2014 and acknowledged that these sessions were started to better prepare participants for the upcoming quarterly meetings. He welcomed input from MRC members on whether a different format should be considered. NERC Antitrust Compliance Guidelines and Public Announcement Kristin Iwanechko, committee secretary, called attention to the NERC antitrust compliance guidelines and the public meeting notice. Any questions should be addressed to NERC’s general counsel, Charles Berardesco. Ms. Iwanechko declared a quorum present with the following recognized proxies:

• Greg Ford for Michael L. Smith – Cooperative Utility

• Barry Lawson for Jay Bartlett – Cooperative Utility

• Jackie Sargent for John DiStasio – State/Municipal Utility

• Martin Huang for Mike Penstone – Federal/Provincial

• Charles Acquard for Lawrence Nordell – Small End-Use Electricity Customer

• Holly Rachel Smith for David Clark – State Government

Page 8: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Minutes The MRC approved, on a motion by Bill Gallagher and seconded by Steve Naumann, the draft minutes of its April 9, 2014 conference call and the draft minutes of its February 5, 2014 meeting in Phoenix, Arizona (Exhibits D and E, respectively) subject to a minor correction. Recommended Slate of Stakeholder-based Members to the Reliability Issues Steering Committee (RISC) Mr. Clermont reported that a nominating committee consisting of himself, Gerry Cauley, Ken Peterson, and Bob Schaffeld had been formed to propose nominees for the RISC. The nominating committee received a number of candidates and looked for a balance among executive level expertise, experience with NERC, and regional, regulator, and sector diversity. Based on its review, the nominating committee recommended five at-large members (Daniel Froetscher, Ray Gorman, Scot Hathaway, Duane Highley, and Steve Whitley) and Nabil Hitti as an MRC representative. Bob Schaffeld, chair of the RISC, also noted that Terry Bilke is included as the Compliance and Certification Committee representative on the slate of candidates submitted to the Board for approval. The MRC endorsed, on a motion by John Twitty and seconded by Steve Naumann, the recommended slate of stakeholder-based members to serve on the RISC for two-year terms for election by the Board of Trustees. Request for MRC Members to Serve on the Board of Trustees Nominating Committee Mr. Anderson noted that three Board members’ terms are ending February 2015 (Ken Peterson, Jan Schori, and Bruce Scherr, with Bruce Scherr being term limited). The nominating committee, chaired by Janice Case, will present three nominees for election at the February 2015 MRC meeting. All Board members not up for re-election will serve on the nominating committee and five MRC members are asked to serve on the nominating committee. Several MRC members have already volunteered and Mr. Anderson asked that any additional members interested in serving notify himself or Mr. Clermont before the end of the day. Mr. Anderson noted that the nominating committee will have a face-to-face meeting in August in Vancouver, with interviews occurring earlier than past years. Ms. Case noted that the Board of Trustees will approve the nominating committee either on a scheduled conference call or an action without a meeting. Responses to the Board’s Request for Policy Input Mr. Anderson acknowledged the MRC’s responses to Fred Gorbet’s April 9, 2014 letter requesting policy input on the Reliability Standard Audit Worksheet (RSAW) review and revision process, the risk-based registration initiative, and a potential alternative funding mechanism to support expanded cyber security information sharing and capabilities. The following comments on the policy input topics are not all inclusive, but provide the general tenor and scope of the discussion:

Member Representatives Committee Meeting Minutes May 6, 2014

2

Page 9: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Reliability Standard Audit Worksheet (RSAW) Review and Revision Process

• MRC members were supportive of the process and believed the redline changes sent to the MRC in advance of the meeting were very responsive to the policy input submitted. MRC members recognized that there may be more issues to address that were outside the scope of the working group, but believed the proposed process is a step in the right direction.

• While MRC members were supportive, some raised questions during the Compliance Committee meeting in the morning to be addressed in the final process.

• An MRC member asked for clarification on the reference to the SOTC chair considering whether the effective date of the proposed changes would increase compliance requirements retroactively. NERC staff clarified that the RSAW cannot increase or change compliance requirements and the language would be refined to consider whether the RSAW revision seeks to retroactively change how evidence of compliance with the requirements is provided.

• An MRC member asked how often NERC expects to post revisions under the proposed process. Gerry Cauley noted that any new standard will already have a fairly stable RSAW that was posted with the standard during balloting, and he does not expect frequent revisions.

• An MRC member questioned the need for the process to be included in the Standard Oversight and Technology Committee’s mandate and whether a periodic review of the process would be necessary. Mr. Anderson noted that he expects the process to be an ongoing effort. Mr. Cauley stated that the process itself would not likely need to be included in the mandate, but that addition to the mandate adding the new duty for the SOTC would be appropriate.

• MRC members agreed that no formal approval was necessary. NERC management and the NERC Board of Trustees supported the process and committed to developing a final version based on comments received during the May meetings.

Risk-Based Registration Initiative Mark Lauby, senior vice president and chief reliability officer at NERC, discussed the current challenges that face registration and the vision of the risk-based registration initiative to tailor requirements based on risk. The advisory group developed a whitepaper that identified types of threshold changes initially being discussed and formed various ad hoc groups for threshold determination. Mr. Lauby highlighted some of the comments received in response to the policy input letter, including general support from industry, the need for a simple approach, appreciation for eliminating functions not impacting reliability, the need to ensure that risk-based registration activities are not in conflict with the BES definition, and the need to consider aggregate impacts. Mr. Lauby noted that the advisory group anticipates posting the draft design for industry comment in May or June, with the goal to present a final design to the Board at its November meeting.

• Some MRC members suggested that changing the applicability section of standards may be a better way to address the registration issues, but some also acknowledged that it would likely be a longer-term solution since those changes would require going through the standards development process.

Member Representatives Committee Meeting Minutes May 6, 2014

3

Page 10: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

• Mr. Cauley noted the whitepaper is an early draft that includes a lot of ideas and there seems to be an opportunity based on fact, analysis, and historical experience to potentially eliminate a small number of registered functions. To eliminate a function(s), the expectation is to have demonstrated analysis showing that nothing would be lost by removing the function(s). He also noted that there seems to be some confusion about tiers but reminded MRC members that a tiered approach has been used before and approved by FERC as part of the GO/TO project.

• Some MRC members were concerned about the tiered approach discussed in the whitepaper, specifically because this initiative is occurring at the same time as the implementation of the BES definition, which includes its own set of requirements. The MRC members want to make sure that the sequencing of initiatives does not create uncertainty; rather, create greater clarity and ensure that the registry only includes those entities that have an impact on reliability.

Potential Alternative Funding Mechanism to Support Expanded Cyber Security Information Sharing and Capabilities Mr. Cauley noted that in an effort to further increase the separation of the ES-ISAC from compliance and enforcement activities, NERC recently separated the CIP compliance audit group from the ES-ISAC and moved that group under compliance operations reporting to Jerry Hedrick. The ES-ISAC director now reports directly to the president and CEO. NERC is also introducing a code of conduct which further memorializes very specific procedures for staff to ensure that security information received through the ES-ISAC is not shared with compliance and enforcement. Another separation that NERC is considering is a physical separation within the DC office. This is not currently included in the budget, but Mr. Cauley requested that industry provide feedback on the value of that separation. Steve Naumann provided an overview of CRISP, a tool developed by the US government national labs, and its deployment to industry was discussed at the ESCC. It is a public-private partnership to share cyber threat information in a timely manner where users that have an information sharing device will collect data that is sent to the CRISP analysis center to analyze the data and send alerts and mitigation measures to those entities that have a node in place. The CRISP system also includes the Cyber Federated Model (CFM) which is the exchange of the near real-time information. He noted that there are two companies that have the CRISP hardware/software in service, and three more are in negotiations. The proposal from the ESCC is to have 22 or 23 participants by the end of the year across different sectors. Essentially, the ES-ISAC would take information from those that have CRISP and use that information to benefit the electric industry. Mr. Cauley stated that he believed the CRISP program would be very valuable for industry and for the ES-ISAC. He noted that by installing a node, NERC would be able to take patterns of what is being seen and share it more broadly with industry. He stated that if there is a critical mass of CRISP users in the industry, it may be important for NERC to install a node and be active in this program. This would cost approximately $200-$300k for basic NERC participation and could likely be funded from reserves. There would also be an opportunity for additional NERC staff to assist with analysis which would require additional expenditures of approximately $600-$850k per year. Mr. Cauley asked whether the

Member Representatives Committee Meeting Minutes May 6, 2014

4

Page 11: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

program should be funded through general assessment funds or through an additional fee from CRISP users.

• Several MRC members were supportive of NERC installing a node and believe it is critical for the ES-ISAC to be involved with the CRISP program.

• MRC members asked whether entities that did not volunteer funding would benefit from the program and wanted to ensure that the whole industry would benefit from NERC having a node. Mr. Cauley explained that if NERC had a node, NERC would be able to provide information more broadly to industry.

• In addition to the suggested physical separation of the ES-ISAC, an MRC member encouraged NERC and industry to consider whether there are other forms of separation that might be logicial.

• An MRC member asked what type of product would be sent to industry if NERC and the ES-ISAC get a node. Mr. Cauley noted that it could be some type of electronic post or alert. Mr. Naumann also stated that it could be as simple as a list of ISPs.

• An MRC member noted that at some point, NERC should think about how Canadian entities would be able to receive the data and how that could be managed.

Additional Policy Discussion from Board Committee Meetings Attendees shared comments in response to the discussions from the Board committee meetings: Compliance Committee

• Regarding the Reliability Assurance Initiative (RAI), an MRC member acknowledged the timely distribution of the audit manual in April, but requested more frequent outreach and more communication to industry regarding the status and timing of future RAI deliverables.

Standards Oversight and Technology Committee

• An MRC member emphasized the importance of timely distribution of materials to industry with respect to the CIP Version 5 transition.

• For the stage 2 geomagnetic disturbance mitigation standard, an MRC member asked if the work being done on the stage 2 standard is contemplating that some of the operating procedures entities have in place today will be part of the mitigating actions that would be accepted to meet the stage 2 standard requirements. Mark Lauby explained that the stage 2 standard will not be prescriptive as to what solutions make the most sense for any organization and entities will have to look at the different types of technologies and approaches that make sense.

2015 Business Plan and Budget Michael Walker, senior vice president and chief and financial and administrative officer at NERC, noted that the 2014-2017 strategic plan was updated to try to improve the focus, reduce the number of goals, and improve the metrics. The strategic plan, goals, and metrics drive the resource allocation and

Member Representatives Committee Meeting Minutes May 6, 2014

5

Page 12: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

planning among NERC and the Regional Entities. Gerry Cauley provided an update on the 2014 metrics, noting that NERC revised some of the metrics based on feedback received at the February meeting. He also noted that NERC has developed an accountability matrix which captures stakeholder comments and how they were addressed. The accountability matrix was included in the Board agenda package. Mr. Walker then highlighted a number of priorities by department within NERC that are included in the business plan and budget: risk-based registration initiative; reliability standards initiatives; compliance and enforcement initiatives; reliability assessment and performance analysis initiatives; critical infrastructure protection initiatives; ES-ISAC initiatives; training; enterprise applications; and corporate services. He provided details on NERC budget projections, noting that NERC is becoming more mature as the Electric Reliability Organization and the budget is starting to stabilize in terms of overall operating expenses. He also noted that assessment projections are under development. Mr. Walker reminded attendees that a consolidated budget with assessments will be posted on May 16, 2014 for 45-day comment period.

• MRC members commended NERC on its transparency throughout the development of the 2015 business plan and budget.

• One MRC member asked how the Reliability Assurance Initiative (RAI) would affect the budget. Mr. Walker noted that there are some additional resource demands, but NERC does not see a need to increase resources across the board to implement RAI.

• A Board member encouraged industry to provide its view on the importance of the physical separation of the ES-ISAC and installing a node for the ES-ISAC when submitting comments on the 2015 business plan and budget. Understanding the industry’s view on these items will be important when determining whether to include associated costs in the budget. Some MRC members expressed their support for including a line item in the budget for these items.

2014 Long-Term Reliability Assessment: Development Plan and MRC Input Tom Burgess, vice president and director of reliability assessment and performance analysis at NERC, introduced this item stating that the long-term reliability assessment (LTRA) is one of NERC’s key deliverables, and NERC has started the process of developing the assessment and collecting data. He noted that NERC will be asking the MRC for better insight on emerging issues and where NERC should focus its attention. John Moura, director of reliability assessment at NERC, discussed the need for more proactive thinking about whether the right framework for reliability assessment is being used and discussed proposed key issues for the 2014 LTRA. Mr. Moura explained that to develop the LTRA, NERC begins with the LTRA from the previous year and takes information that has passed through committees to put together a complete set of issues. To gather input from MRC members earlier in the development process, he noted that NERC would send out a survey after the meeting and urged MRC members to provide comments on how NERC and its committees should consider the emerging issues from a policy perspective. The survey will close on May 30, 2014, and NERC will begin developing the LTRA in June.

Member Representatives Committee Meeting Minutes May 6, 2014

6

Page 13: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Bob Schaffeld, on behalf of the RISC, encouraged MRC members to participate in the survey. He noted that the information is used in RISC prioritization efforts, and the RISC is looking for what emerging risks industry may be faced with in the future. Essential Reliability Services Whitepaper Mr. Burgess reported that NERC began an initiative and developed a whitepaper on essential reliability services. NERC established a task force (the ERSTF) of about 30 members led by Ken McIntyre. Throughout the rest of the year, various deliverables will be developed, including a framework and technical reference document. Mr. Moura stated that the formulation of the whitepaper resulted from a recommendation from the 2013 LTRA and the California ISO report. He noted that the objectives of this initiative, through the ERSTF, are to determine what are considered to be essential reliability services and how they impact reliability, how a resource mix change affects them, and what happens when you don’t have them. There are six essential reliability services outlined in the whitepaper: 1) operating reserve; 2) frequency response; 3) ramping capability; 4) active power control; 5) reactive power and voltage control; and 6) disturbance ride-through tolerance. Mr. Moura noted that a framework will be developed by the task force and is expected to be completed in the last quarter of 2014. A final assessment, which will use the framework, is expected to be completed in 2015.

• Dave Goulding suggested that the task force take another look at dynamic stability as a key essential reliability service.

• An MRC member asked for clarification on the final assessment. Mr. Moura explained that there are three parts: 1) the primer, which lays out what each of the essential reliability services are; 2) setting the framework to determine how to assess the essential reliability services, what data is needed, and what metrics will be used; and 3) actually doing the assessment by collecting the data and using the framework.

• An MRC member asked if part of the assessment will include interconnection-wide studies. Mr. Cauley noted that he would expect there to be a real study – interconnection-wide and regional – about the observed impacts.

• MRC members identified fuel assurance, gas delivery, and gas and electric coordination as issues to be looked into further.

• Mr. Cauley stated that this is an important initiative for NERC and the industry, and he hopes the task force can press forward in a timely fashion.

• An MRC member asked about looking at costs of the alternatives. Mr. Cauley noted that the charter is to identify the risks, make people aware of them, and educate policymakers. The charter does not necessarily include cost.

Five-Year Performance Assessment Willie Phillips, assistant general counsel at NERC, reminded attendees that FERC requires NERC to provide periodic performance assessments of the ERO. NERC is working on the first five-year

Member Representatives Committee Meeting Minutes May 6, 2014

7

Page 14: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

assessment due for filing on July 21, 2014. On March 3, 2014, NERC posted the first draft of the five-year assessment and the comments received during that posting were focused on enforcement and compliance, and the impact major initiatives have had on the ERO. Mr. Phillips noted that the next steps are to incorporate edits based on comments received into another draft of the assessment, which will also include a region-by-region assessment of the functions that NERC delgates to the Regions. NERC plans to finalize the ERO performance assessment by the end of May and post a revised draft of in June. NERC is on track to file the final five-year performance assessment with FERC by the July 21, 2014 deadline. Charles Berardesco, senior vice president and general counsel at NERC, noted that NERC recently received comments from the CEA outside of the commenting process and ensured those comments will be reflected in the next draft. NERC is committed to responding to all comments received. An MRC member asked about a prior stakeholder survey tied to performance and how the feedback was incorporated. Mr. Phillips stated that the assessment will address the comments from the survey. Regulatory Update Mr. Berardesco invited questions or comments regarding the regulatory report, which highlights Canadian affairs, as well as past and future significant FERC filings. Future Meetings The following are future dates for the MRC Pre-Meeting and Informational Sessions:

• July 16, 2014

• October 15, 2014 The following are future NERC Board and MRC meeting dates and locations:

• August 13-14, 2014 – Vancouver, Canada

• November 12-13, 2014 – Atlanta, GA

• February 11-12, 2015 – San Diego, CA

• May 6-7, 2015 – Washington, DC

• August 12-13, 2015 – Toronto, Canada

• November 4-5, 2015 – Atlanta, GA

Member Representatives Committee Meeting Minutes May 6, 2014

8

Page 15: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Adjournment There being no further business, the meeting terminated at 4:40 p.m., Eastern. Submitted by,

Kristin Iwanechko Secretary

Member Representatives Committee Meeting Minutes May 6, 2014

9

Page 16: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 2 MRC Meeting August 13, 2014

Future Meetings

Action Information Summary The following are the future meeting dates for 2014 and 2015. The dates for the 2014 Pre-Meeting and Informational Sessions conducted via conference call and webinar are also included below. 2014 Dates

October 15 Pre-Meeting and Informational Session

November 12-13 Atlanta, GA 2015 Dates

February 11-12 San Diego, CA

May 6-7 Washington, DC

August 12-13 Toronto, Canada

November 4-5 Atlanta, GA

Page 17: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 3a MRC Meeting August 13, 2014

Update from Board of Trustees Nominating Committee

Action Information Background On May 6, 2014, Chair John Anderson invited MRC members to volunteer to serve on the Board of Trustees Nominating Committee (BOTNC). In response to this solicitation, several members of the MRC expressed interest in serving with the MRC chair and vice chair on the BOTNC, and the following MRC members were named by the Board of Trustees to the BOTNC:

1. John Anderson – MRC Chair

2. Sylvain Clermont – MRC Vice Chair

3. Nick Brown – ISO/RTO

4. Bill Gallagher – Transmission Dependent Utility

5. Steve Naumann – Investor-Owned Utility The BOTNC chair, Janice Case, will provide a status report on the planned activities and schedule for the BOTNC.

Page 18: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 3b MRC Meeting August 13, 2014

Schedule for MRC Officer and Sector Elections

Action Information Background Chair John Anderson will announce the upcoming nomination and election cycle for the Member Representatives Committee (MRC) officers and those members whose terms expire in February 2015. The tentative schedule is shown below. MRC Officer Elections Tuesday, September 9 – nomination period opens Thursday, October 9 – nomination period closes Wednesday, November 12 – election of officers for following year by current MRC members MRC Member Nominations and Elections Friday, September 12 – nomination period opens Wednesday, November 12 – nomination period closes Tuesday, December 2 – election begins Friday, December 12 – election ends Reference Links Membership of MRC for 2014-2016 NERC Bylaws

Page 19: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 4 MRC Meeting August 13, 2014

Responses to the Board’s Request for Policy Input

Action Discussion. NERC staff will present additional information on the policy input items at the Board Committee meetings (Reliability Assurance Initiative and Cybersecurity Risk Information Sharing Program) and at the MRC meeting (Risk-Based Registration Initiative and CIP Version 5 Transition) on August 13, 2014. Background The policy input letter is issued by the Chair of the NERC Board of Trustees (Board) four weeks in advance of the quarterly meetings and includes relevant materials necessary to inform discussion. Written input from the MRC and stakeholders is due one week before the meetings and is then revisited during a dedicated discussion time on the MRC’s agenda, in the presence of the Board. Status On August 13, 2014, the MRC can expect to participate in further discussion of the responses received to the policy input request that was distributed on July 16, 2014 and of the presentations given on the policy input items at the Board Committee meetings and MRC meeting on August 13, 2014. The four items included in the policy input letter were presented at the MRC Pre-Meeting and Informational Session webinar on July 16, 2014. Background information on each of the policy input items are included in the agenda package for the webinar. Deadline for submitting policy input responses is August 6, 2014 and should be sent to [email protected] Enclosed Attachments

1. Background Document for CIP Version 5 Transition 2. Background Document for Risk-Based Registration Initiative 3. July 16, 2014 Board’s Letter Requesting Policy Input

Page 20: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 4 Attachment 1 MRC Meeting August 13, 2014

Critical Infrastructure Protection (CIP) Version 5 Transition Action The information below was presented at the MRC Informational Session on July 16, 2014. A status update will be presented at the MRC meeting on August 13, 2014.

Background Since October 2013, NERC has been actively collaborating with Regional Entities and industry to support transition from version 3 of the Critical Infrastructure Reliability Standards (CIP Version 3) to implementing the version 5 of the Critical Infrastructure Reliability Standards (CIP Version 5) in a manner that is timely, effective, and efficient. NERC established a transition program with the following goals and key elements:

• Periodic Guidance. To keep industry informed of various implementation and transition matters throughout the transition period.

• Implementation Study. To work closely with a small number of Responsible Entities to implement aspects of CIP Version 5 in an accelerated timeframe, and share lessons learned.

• Compliance and Enforcement. To further develop approaches that demonstrate compliance consistent with the Reliability Assurance Initiative (RAI)1.

• Outreach and Communications. To keep all stakeholders informed of developments related to the implementation of CIP Version 5 and invite input throughout the transition period.

• Training. To provide timely training to Regional Entities and industry on CIP Version 5 implementation.

As part of NERC’s CIP Version 5 transition program, NERC staff posted a draft updated Cyber Security Standards Transition Guidance (Transition Guidance) document for industry and Regional Entities to review through June 25, 2014. The primary objective of the Transition Guidance is to address questions related to compliance preparation activities for industry and Regional Entities as they transition from Version 3 to Version 5. A Transition Guidance presentation was also provided to the Critical Infrastructure Protection Committee in June 2014. The documents are available on the transition program website2 and will be updated based on stakeholder input as the transition program continues. The Implementation Study, another component of the transition program, is particularly important. The field work ended on June 26, 2014, providing an opportunity for NERC, Regional

1 Ref. NERC website http://www.nerc.com/pa/comp/Pages/Reliability-Assurance-Initiative.aspx 2 http://www.nerc.com/pa/CI/Pages/Transition-Program.aspx

Page 21: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Entities, and certain Responsible Entities to experience what is required to implement the CIP Version 5 standards in operational environments. NERC, with input from Regional Entities and stakeholder participants, will be drafting an Implementation Study report to summarize lessons learned,3 highlight certain implementation processes, and discuss CIP Version 5 resource impacts. NERC anticipates completion of that report in the third quarter of 2014. NERC and the Regions, with stakeholder input, also developed Reliability Standard Audit Worksheets (RSAWs), which cover the approved CIP Version 5 standards and the proposed modifications to those standards developed as part of the CIP Version 5 revisions project. The RSAWs were posted concurrently with the CIP Version 5 revisions for comment through July 16, 2014. In response to feedback on the RSAWs and Transition Guidance, NERC is developing auditor training to ensure that all Regional Entity CIP auditors have been trained on the CIP Version 5 standards (and revisions) and the RSAWs’ use. In addition, NERC produced an RAI-based Frequently Asked Questions4 document to assist industry in understanding how RAI integrates with the concepts of CIP Version 5. Next Steps in Managing Transition to CIP Version 5 With the field work of the Implementation Study complete, along with closure of the comment period on the Transition Guidance, NERC, the Regional Entities, and industry have an opportunity to assess understanding of transition expectations and opportunities for increased engagement in specific areas. NERC is committed to a ensuring smooth transition to CIP Version 5, but it also understands that there is more work needed to increase confidence amongst entities that their transition activities and efforts will meet future compliance and enforcement expectations. NERC is initiating a collaborative effort involving NERC staff, Regional Entity staff, Implementation Study participants, and other stakeholders to coordinate monthly through the transition period to identify and address pressing industry questions about CIP Version 5. Input from these activities will result in coordinated guidance for the transition, which may include development of supporting documents approved under section 11 of the Standard Processes Manual. Among the priorities for this group will be identification of any obstacles and challenges to increasing transitioning entities’ confidence, along with partnering with the Regions and stakeholders through continued communication and engagement. There will also be a number of training and outreach sessions planned for industry and Regional Entity staff, which will include industry readiness reviews by regional staff, webinars and other opportunities to discuss technical questions. As these are developed, they will be announced and posted on the NERC calendar. Extensive auditor training is being prepared, with initial sessions occurring in September 2014. Additionally, as RAI concepts are finalized, NERC will ensure continued outreach and education to support continued alignment between industry and NERC’s CIP compliance monitoring approaches.

3 http://www.nerc.com/pa/CI/Pages/Transition-Program-V5-Implementation-Study.aspx 4 http://www.nerc.com/pa/Stand/Prjct2014XXCrtclInfraPrtctnVr5Rvns/RAI-IAC_FAQ_v5-NERC_Final_06022014.pdf

Page 22: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Additional Information A link to the CIP V5 Transition Program and files is included here for reference: [http://www.nerc.com/pa/CI/Pages/Transition-Program.aspx]

Page 23: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 4 Attachment 2 MRC Meeting August 13, 2014

Risk-Based Registration Initiative

Action The information below was presented at the MRC Informational Session on July 16, 2014. A status update will be presented at the MRC meeting on August 13, 2014.

Background NERC launched the Risk-Based Registration (RBR) initiative in 2014. The ultimate end-state vision for the registration program is to ensure the right entities are subject to the right set of applicable Reliability Standards, using a consistent approach to risk assessment and registration across the ERO Enterprise. The RBR Advisory Group (RBRAG), comprised of representatives from NERC staff, Regional Entity staff, and Federal Energy Regulatory Commission staff, along with U.S. and Canadian industry representatives, has continued to provide valuable input and advice on the RBR design and implementation plan. The RBRAG technical task force also has made significant contributions to date and is continuing to work on technical support for the proposed design framework. Status Update On June 2, 2014, a draft design and implementation plan, draft NERC Rules of Procedure (ROP) Appendix 5B, and specific questions focused on key areas of the draft design were posted for public comment. NERC conducted an industry webinar on June 6, 2014 to provide an overview of the general project and answer general questions. Several hundred people attended the industry webinar. In addition, approximately fifty sets of comments were submitted by industry stakeholders. The RBRAG will post revised documents that take into account the comments received to date, as part of the MRC policy input package. The draft documents will be discussed at the MRC meeting in August. The draft design incorporates an evaluation of the risks and benefits provided by a given entity to ensure reliability, and identifies a corresponding properly tailored set of NERC Reliability Standard requirements for certain functional categories. The draft design also includes an implementation plan supporting a 2016 or sooner launch, along with business practice and IT requirements, with the possibility of early adoption options. These options result in addressing industry burden, while preserving reliability of the Bulk Power System. The second stage will address any remaining non-design issues or issues requiring a longer lead-time. Existing flexibility in the application of threshold criteria, the Functional Model categories, and scaled sets of applicable Reliability Standards provide opportunities for accelerated reform within the existing ROP. However, possible modifications to the ROP are being assessed and will be pursued as necessary. The final versions of registration criteria, implementation plan, and any necessary ROP changes will be presented to the MRC and Board of Trustees in November with an anticipated filing date at the end of that month.

Page 24: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

July 16, 2014 Mr. John A. Anderson, Chair NERC Member Representatives Committee c/o Electricity Consumers Resource Council 1111 19th Street, NW Suite 700 Washington, DC 20036 Re: August 2014 Policy Input to NERC Board of Trustees Dear John: I would like to invite the Member Representatives Committee (MRC) to provide policy input on four issues of particular interest to the Board of Trustees (Board) as it prepares for the meetings on August 13-14, 2014, in Vancouver, BC. Enclosed with this request is additional background information to help MRC members solicit inputs from their respective sectors. The four issues are: Item 1: Reliability Assurance Initiative (RAI) The goal of RAI is to fully implement a risk-based compliance monitoring and enforcement program. Partnering with industry, the ERO Enterprise executed a series of pilots to test and implement activities and approaches to support risk-based methods and evaluated the results of the pilots. Since the completion of the pilots, activities continue to document the processes and procedures as well as expand the use of select tools and techniques to additional Registered Entities. The ERO Enterprise is currently finalizing the documentation to complete a single design for the four modules outlined in the Compliance Oversight Framework (Framework): risk elements, inherent risk assessment (IRA), internal controls evaluation, and compliance monitoring and enforcement tools. Following the Board meeting in May, the ERO Enterprise worked on developing the IRA Guide (see Attachment A). The IRA Guide describes the process used to assess inherent risk of Registered Entities by the Regions and serves as a guide for implementing and performing an IRA. The MRC is encouraged to provide feedback on the draft IRA Guide. Specifically, the Board requests input on the following questions:

1. Do you agree with the process design of the draft IRA Guide to appropriately scope oversight? Are there areas for enhancement in the draft IRA Guide that would address specific concerns (please provide examples)?

Fred W. Gorbet, Chair Board of Trustees

3353 Peachtree Road NE

Suite 600, North Tower Atlanta, GA 30326

404-446-2560 | www.nerc.com

Page 25: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

2. What additional information or examples would help demonstrate the processes outlined in the draft IRA Guide?

3. What types of training and information on the draft IRA Guide would be beneficial to support clear communication and expectations between the CEA and registered entity for gathering and assessing data pertinent to risk?

4. Are there any other considerations not identified in the draft IRA Guide that you believe need to be addressed?

Item 2: Risk-Based Registration Initiative The July 16, 2014 MRC Informational Session agenda materials included an update on the Risk-Based Registration (RBR) Initiative launched in 2014 (see Agenda Item 4b), focused on reviewing the current registration criteria and practices to ensure the right entities are subject to the right set of applicable Reliability Standards, using a consistent and common approach to risk assessment and registration across the ERO Enterprise. NERC established a RBR Advisory Group (RBRAG) to provide input and advice for the RBR design and implementation plan. The RBRAG is comprised of representatives from NERC staff, Regional Entity staff, and Federal Energy Regulatory Commission staff, along with U.S. and Canadian industry representatives. An RBRAG technical task force has also been formed to provide technical support. In June 2014, NERC posted drafts of the RBR design and implementation plan, NERC Rules of Procedure (ROP) Appendix 5B, and specific questions focused on key areas of the draft design for public comment. Approximately fifty sets of comments were received. These comments have been reviewed with the RBRAG technical task force and considered in the revisions of the draft design, implementation plan, and ROP Appendix 5B, which are included in this MRC policy input package. The MRC is encouraged to provide feedback on these draft documents (see Attachments B and C), addressing the following questions:

1. Are there any additional issues that should be considered when completing the technical assessments needed to measure the potential risks to Bulk Electric System reliability from the proposed reforms?

2. Do you agree with the proposed design of the RBR program? Are there areas for enhancement that would address specific concerns?

3. Do the implementation plan and ROP revisions provide a clear and concise plan toward implementation of the proposed design?

4. Are there additional venues or mechanisms that NERC should consider to communicate the details of the proposed design and implementation plan?

Page 26: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

5. Are there any other considerations not identified in the draft design framework that you believe need to be addressed in this initiative?

The RBR design, implementation plan, and ROP enhancements, which are part of the Phase 1 RBR effort, will be included in the MRC agenda for discussion at the August 2014 meeting. With the additional contributions provided by this policy input and discussions at the next MRC meeting, the refined version of these documents will subsequently be posted for an additional 45-day period for industry comment. The final drafts will be brought to the Board at its November 2014 meeting for approval. Separate efforts regarding sub-set lists of applicable Reliability Standards for Transmission Owners/Transmission Operators and Generator Owners/Generator Operators will be addressed in Phase 2. Functional registration categories that are not changing as part of Phase 1 of RBR also will be re-evaluated. Further information on Phase 2 will be provided at the November 2014 Board meeting. Item 3: Critical Infrastructure Protection (CIP) Version 5 Transition The July 16, 2014 MRC Informational Session agenda materials included an update on the CIP Version 5 transition (see Agenda Item 4c). In the context of CIP Version 5 transition activities, the Board would appreciate feedback from the MRC on issues or concerns regarding the transition to CIP Version 5. NERC, the Regional Entities, and the industry share a common vision of a smooth transition to CIP Version 5 in a manner that does not result in an unexpected, large volume of possible violations. NERC is currently assessing input from the Implementation Study and industry comments to the draft guidance documents. Further, a working group made up of NERC staff, Regional Entities, study participants, and other stakeholders has been created and will meet monthly to address emerging questions and issues regarding the transition to CIP Version 5. The background document included in the MRC Informational Session agenda identifies the ongoing activities that have been completed to date and provides an overview of proposed next steps in managing the transition, which may include development of supporting documents approved under section 11 of the Standard Processes Manual. Specifically, the Board seeks input from the MRC on steps that NERC and the Regional Entities can take to enhance the effectiveness of their transition guidance and coordination efforts to provide stakeholders increased confidence that their CIP Version 5 transition efforts and activities are meeting implementation expectations. Similarly, please provide input on what activities and resources you view as most useful to achieving confidence in entities’ transition efforts. Item 4: Cybersecurity Risk Information Sharing Program (CRISP) The July 16, 2014 MRC Informational Session agenda materials included an update on CRISP (see Agenda Item 4d), a voluntary program to facilitate the exchange of cybersecurity information between electric utilities and the Electricity Sector-Information Sharing and Analysis Center (ES-ISAC) to enable electric power critical infrastructure operators to better protect their networks from sophisticated cyber threats.

Page 27: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

The Board seeks input from the MRC regarding the following:

1. Should NERC take on the risks and challenges associated with serving as the program lead for CRISP, as described in the MRC Informational Session background materials, and do you have any specific comments regarding the structure of the program?

2. On July 15, 2014, NERC posted the final draft of its 2015 business plan and budget and included detailed information regarding a proposed initial funding mechanism for NERC’s participation in the CRISP program. Do you have any specific comments regarding the proposed initial funding mechanism?

As a reminder, the full agenda packages for the Board, Board committees and MRC meetings will be available on July 30, 2014. I encourage the MRC to review the agenda materials for the August meetings, once available, and offer any additional input that is meaningful and timely to industry and stakeholders. Written comments should be sent to Kristin Iwanechko, MRC Secretary ([email protected]) by August 6, 2014 for the Board to review in advance of the meetings scheduled for Vancouver. Sincerely,

Fred W. Gorbet, Chair NERC Board of Trustees cc: NERC Board of Trustees Member Representatives Committee

Page 28: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Attachment A

Risk Elements and Inherent Risk Assessment Overview

Summary The RAI Oversight Plan Framework (Framework) consists of four modules as shown in the diagram below: Risk Elements; Inherent Risk Assessment; Internal Control Evaluation; and CMEP Tools.

The Inherent Risk Assessment (IRA) module, the second module of the Framework, defines the approach for assessing a Registered Entity’s risks in order to appropriately determine the scope for a chosen oversight method. The IRA is dependent upon the outputs of the Risk Elements module (currently under development and expected in August 2014). The attached draft IRA Guide documents lessons learned through the compliance pilots and how to implement risk assessment methodologies across the ERO Enterprise during the second half of 2014. The Risk Elements module will be used by the ERO, on an ongoing basis, to identify risks to the Bulk Electric System (BES) and evaluate where those risks correspond to registered functions and tasks, identifying those standards and requirements that address those risks. The Regional Entity will then conduct a more focused assessment on the Registered Entity’s specific risk factors to more clearly understand how a Registered Entity’s operations are exposed to those risks. The Risk Elements module provides the following inputs to the IRA model:

1. Specifically identified risks to the reliability of the BES ranked by considering significance, likelihood, vulnerability, and potential impact to the reliability of the BES;

2. Preliminary list of NERC Reliability Standards and requirements mapped to the reliability risks; and

3. Preliminary list of Registered Entities subject to the IRA process.

RAI Oversight Plan Framework

ScopeScope

Applicable Standards

RiskElements

Controls Not Evaluated

CMEP Tools

IRA

ICE

Com

plia

nce

Ove

rsig

ht P

lan

Oversight Scoping

Inherent RiskAssessment

Internal ControlsEvaluation

Input Input

• RE Functions• Characteristics - ERO /

Regional• Events• RISC

Page 29: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

These inputs, and how they tie in to the IRA, are shown in the diagram below.

Risk Elements

Registered Functions &

Tasks

IRA

BES Inherent Risk

Risk Sources

Map Risks to functions and rate

Reliability Standards &

Requirements

Identify and Assess Inherent Risk to the BES

Weight risks to functional tasks by impact, likelihood, & frequency. Link

Reliability Standards and requirements to functional tasks

Page 30: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 1 of 22

ERO Inherent Risk Assessment Guide

Effective: TBD

3353 Peachtree Road NE Suite 600, North Tower

Atlanta, GA 30326 404-446-2560 | www.nerc.com

Page 31: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 2 of 22

Table of Contents

1.0 Introduction ..........................................................................................................................................................3

2.0 IRA Module ...........................................................................................................................................................4

2.1 IRA Role Within the Overall Risk-based Compliance Oversight Framework ....................................................4

Figure 1. Risk-based Compliance Oversight Framework ....................................................................................4

2.2 Major inputs into the IRA module ....................................................................................................................4

2.2.1 Inputs from the Risk Elements module .........................................................................................................4

2.2.2 Understanding the Registered Entity ............................................................................................................5

2.3 Objectives of IRA module..................................................................................................................................5

3.0 IRA Module Overview ...........................................................................................................................................6

3.1 Information Gathering ......................................................................................................................................6

3.1.1 Information Gathering Process ..................................................................................................................7

3.1.2 Key Outputs ................................................................................................................................................8

3.1.3 Timing .........................................................................................................................................................8

3.2 Decision Making ................................................................................................................................................8

3.2.1 Decision Making Process ............................................................................................................................9

3.2.2 Key Outputs ............................................................................................................................................. 12

3.2.3 Timing ...................................................................................................................................................... 12

3.3 IRA Outcomes ................................................................................................................................................ 12

3.3.1 IRA Outcomes Process ............................................................................................................................ 12

3.3.2 Key Outputs ............................................................................................................................................. 12

3.3.3 Timing ...................................................................................................................................................... 13

3.4 Revision of the Inherent Risk Assessment ..................................................................................................... 13

4.0 Documentation .................................................................................................................................................. 14

4.1. Results Documentation .............................................................................................................................. 14

4.2. Documentation Retention .......................................................................................................................... 14

5.0 Possible Tools, Templates, and Other Needs .................................................................................................... 15

6.0 References ......................................................................................................................................................... 16

Appendix A – Definitions ......................................................................................................................................... 17

Appendix B – Information Attribute List ................................................................................................................. 18

Appendix C – Risk Factor Examples ......................................................................................................................... 21

Page 32: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 3 of 22

1.0 Introduction

This Inherent Risk Assessment (IRA) Guide (“Guide”) describes the process used to assess inherent risk of registered entities by the Compliance Enforcement Authorities (CEAs) and serves as a standard for North American Electric Reliability Corporation (NERC) and the eight Regional Entities (REs) for implementing and performing an IRA process for the purpose of achieving its intended result. CEAs1 perform an IRA of registered entities to identify areas of focus and the level of effort needed to monitor compliance with NERC Reliability Standards. The IRA is a review of potential risks posed by an individual registered entity to the reliability of the bulk power system (BPS). An assessment of BPS reliability impact due to inherent risk requires identification and aggregation of individual risk factors related to each registered entity, and the consideration of the significance of BPS reliability impact for identified risks. An IRA considers risk factors such as assets, systems, geography, interconnectivity, prior compliance history, and overall unique entity composition when determining the Compliance Oversight Plan for a registered entity. The IRA will be performed on a periodic basis. The frequency of the IRA may depend based on occurrence of significant changes or emergence of new reliability risks. Appendix A contains definitions of terms used within the IRA Guide.

Revision History Date Version Number Comments

1 NERC ROP, Section 401 (Scope of the NERC Compliance Monitoring and Enforcement Program): CEAs, which consist of NERC and the eight REs, carry out Compliance Monitoring and Enforcement Program (CMEP) activities in accordance with the NERC ROP and Appendix 4C CMEP, the respective Regional Delegation Agreements between NERC and each RE, and other agreements with the Canadian and Mexican regulatory authorities

Page 33: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 4 of 22

2.0 IRA Module

2.1 IRA Role Within the Overall Risk-based Compliance Oversight Framework The IRA module is the second module within the Risk-based Compliance Oversight Framework and serves as an important part of the risk-based Compliance Oversight Framework. The IRA considers outputs from the Risk Elements module (see section 2.2.1 for more details) Outputs from the IRA module are key input sources to the Internal Controls Evaluation (ICE) module, the Compliance Monitoring and Enforcement Program (CMEP) Tools module, and the overall Compliance Oversight Plan. Figure 1 below Illustrates the placement of the IRA module within the risk-based Compliance Oversight Framework.

Figure 1. Risk-based Compliance Oversight Framework Where the Risk Elements module provides a process for identifying and prioritizing risks the IRA module enables the CEAs in determining areas of focus for compliance oversight of a registered entity. Based on the risks formulated within the Risk Elements module, the IRA module is used to assist with the identification of Reliability Standards and Requirements that should be monitored.

2.2 Major inputs into the IRA module 2.2.1 Inputs from the Risk Elements module The Risk Elements module outputs represent risks to the reliability of the BPS, as known by both NERC and the REs, which would be subject to the IRA process. The Risk Elements module should provide the following inputs into the IRA module:

IRA

Page 34: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

2.0 IRA Module

NERC | IRA Guide | July 2014 5 of 22

Specifically identified risks to the reliability of the BPS ranked by considering significance, likelihood, vulnerability, and potential impact to the reliability of the BPS

Preliminary list of NERC Standards and Requirements mapped to the reliability risks

Preliminary list of registered entities subject to the IRA process Refer to the Risk Elements module for further details. Note: This Risk Elements phase is open to be completed.

2.2.2 Understanding the Registered Entity Understanding a registered entity is an essential aspect of the IRA and an overall risk-based Compliance Oversight Framework. CEA should conduct activities to gain an understanding of the registered entity and its operations (e.g. geographical foot print, prior compliance history/performance, types of BPS assets, recent asset acquisitions/changes, etc.). Some activities for understanding the registered entity and its operational environment may include:

Gathering and maintaining registered entity specific information and data (e.g., historical registered entity information on file with CEA Entity databases).

Proactively identifying risk trends and prevalent practices at the registered entity.

Establishing qualitative and quantitative risk factors for evaluating whether areas and levels of oversight focus is appropriate.

Considering the applicability and significance of standards / requirements that may apply to an entity based on the assets they own or operate.

Identifying areas where special consideration may be necessary. Some examples include (1) changes to the entity’s asset composition, (2) unique power system configuration or unique organizational structure, or (3) significant system events.

Understanding a registered entity’s attitude towards compliance with Reliability Standards. The attitude or “compliance culture” encompasses the organization, resources applied, objectives, and methods used by an organization to manage compliance. Characteristics of a strong risk and compliance culture include shared purpose and the dissemination of the purpose into commonality of purpose, values and honest communications throughout the registered entity. A registered entity’s internal compliance plan may be used as one of the indicators of how an organization incorporates risk concerns in its compliance management policies and practices.

2.3 Objectives of IRA module The objective of the IRA module is to provide guidance to CEA on specific Reliability Standards and Requirements of focus for a registered entity. The IRA module includes the following phases:

1. Information Gathering

2. Decision Making

3. IRA Outcomes This Guide provides a framework for performing each phase of the IRA, identifying expected outcomes, and estimates timing and level of effort for each phase.

Page 35: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 6 of 22

3.0 IRA Module Overview

The CEA should use the outputs from the Risk Elements module, identified risk factors, and its understanding of the registered entity and its operational environment (see section 2.2.2 for further details) to identify information required for the IRA. In doing so, the CEA should gather and review information for appropriateness (relevance) and sufficiency (completeness and accuracy) to afford a reasonable basis for a conclusion. During this process, the CEA should leverage knowledgeable parties, both internal and external, to provide input as necessary. Professional judgment should be applied during the process and documented to support the conclusions reached. The IRA output should be used as a key input when developing the Compliance Oversight Plan for a registered entity. Figure 2 below illustrates the three IRA phases and steps within each phase.

Figure 2. IRA Module Flow Chart

3.1 Information Gathering Guidance is provided for the following elements of this phase:

1. Procedures the CEAs should follow to identify, collect and analyze information

2. Outcomes of the Information Gathering phase

3. Estimated timing and levels of effort required for Information Gathering

Information Gathering

Decision Making

IRA Outcomes

Determine Information Needs

to Perform IRA

Develop Targeted Information

Request List and Collect Information

Risk Factor and Standards and Requirements

Applicability Review

Risk Factor Analysis

Review of IRA Conclusions

Results Documentation

Draft Compliance Oversight Plan for Registered Entity

Inventory On-hand Information

Key Questions in Information Gathering Phase 3.1.1.2 • What are the preliminary Standards and

Requirements of interest? • What are the top risks identified in Risk

Elements? • What risk factors are in scope? • What information do we need?

3.1.1.3 • Where do we get information from?

• Is the information appropriate and sufficient?

Page 36: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

3.0 IRA Module Overview

NERC | IRA Guide | July 2014 7 of 22

Gathering appropriate and sufficient information is important to assess a registered entity’s inherent risk to the reliability of the BPS. The CEAs should tailor information requests based on the following:

Understanding of the entity (see Section 2.2.2 for further details)

Outputs from the Risk Element module (i.e., known risks to the reliability of the BPS, general risk rankings, and associated Reliability Standards and Requirements applicable to the entity’s registered functions)

Risk factors, as referenced in Appendix C, and associated Standards and Requirements (preliminary list) The CEAs should exercise professional judgment when identifying the most reliable sources that will provide the required information to perform an IRA. Professional judgment requires the proper skill set and experience to conduct the IRA. CEA staff should use existing information to conduct the IRA, rather than creating new data requests to the registered entity. Any additional data requests should be germane to the IRA

3.1.1 Information Gathering Process

3.1.1.1 Key Inputs (Sources):

Prioritized list of risks (Risk Elements Module)

Preliminary list of applicable Standards and Requirements (Risk Elements Module)

Understanding of the registered entity and its operations (Understanding the Registered Entity section herein)

Information Attributes Lists and their common sources (Appendix B)

3.1.1.2 Determine information needs to perform IRA The CEAs should inventory registered entity information available at the both NERC and the Regional levels to identify (1) the current information on file, (2) any information requiring revision, and (3) any incomplete information. The following steps may assist the CEAs in identifying the information already available, while highlighting additional information that may be required to complete the information lists for IRA decision making:

1. Review outputs from the Risk Elements module for applicability to the entity (i.e., Do certain known risks to the reliability of the BPS, based on functional registration, apply to the entity and drive the need for further information?) (See Section 2.2.1 herein for further details on Risk Elements outputs).

2. Leverage the CEA’s existing understanding of the entity which may include inventorying and aggregating information already held by the ERO (e.g., information from prior audits, compliance history information, and Transmission Availability Data System (TADS) information, etc.). Reconcile the information on hand with the information attributes list in Appendix B to identify potential information gaps and data verification needs (See Section 2.2.2 herein for detail on understanding the entity). The information attributes list in Appendix B contains primary and secondary information that is to be considered during the IRA process.

3. Reconcile and update, as necessary, risks factors to Standards and Requirements, and information on hand to identify further data needs for decision making in Section 3.2. The risk factors applied to the entity can be used to identify further information requests. Refer to Appendix C for examples of risk factors and risk factor criteria.

3.1.1.3 Develop Targeted Information Request List After completing an inventory of the information that is readily available and identifying the additional information needs, the CEA should develop targeted information requests. The information attributes list should

Page 37: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

3.0 IRA Module Overview

NERC | IRA Guide | July 2014 8 of 22

be used as a resource when developing the information request. Refer to Appendix B for further instructions on information gathering and information attributes used during the Information Gathering phase. The CEA should minimize its request for IRA information from registered entities when the same information is available within the ERO or through other reliable sources. The CEA should confirm information collected is both appropriate and sufficient, noting that appropriateness is a measure of the quality of information that encompasses its relevance, validity, and reliability whereas sufficiency is a measure of the quantity of information that is necessary to draw conclusions. For example, to verify information appropriateness, CEA may confirm the accuracy and reliability of facility data with other independent sources such as maps, prior data requests, reliability assessments, event reports, and information from the Planning Authority (PA) or Transmission Planner (TP). Additionally, the information provided by the PA or TP should have a sufficient level of detail so one can understand the entity’s area of operations (maps, facilities, neighboring systems, etc.)

3.1.2 Key Outputs

Preliminary list of applicable risk factors

Targeted Information Request List

Updated / verified registered entity data

3.1.3 Timing

Duration: 1 – 4 weeks Timing is dependent on, among other things, (1) the availability of qualified CEA Staff, (2) information required and available, (3) resource and scheduling constraints of the registered entities and/or (4) coordination of corroborating information.

Level of effort: 8 to 160 hours Much of the information needed to conduct an IRA of a registered entity may already be available through

other data collection processes (e.g., Rules of Procedure (ROP) Section 1600 data collection), periodic data submittals, and previous compliance monitoring activities. Information collection efforts depend on the availability of this information from the CEA.

3.2 Decision Making Guidance is provided for the following elements of this phase:

1. Identify processes the CEAs should follow to assess and draw conclusions around risk factors, Standards and Requirements applicable to the registered entity.

2. Identify outcomes of the Decision Making phase.

3. Provide estimated timing and levels of effort required for Decision Making.

Once the CEA collects sufficient registered entity information, the CEA will reconfirm the Standards and Requirements that are applicable to the registered entity (refer to section 3.2.1.2). For example, Risk Factors

Key Questions for Decision Making Phase 3.2.1.1 • Based on Requirement and registered entity data,

- Which Standards and Requirements are not applicable? - Which risk factors are not applicable?

3.2.1.2 • Which risk factors are used to assess the level of

significance of Standards and Requirements in scope? 3.2.2 • What are the areas of focus?

• What level of effort should be assigned to each area of focus?

• What is our preliminary Compliance Oversight Plan?

Page 38: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

3.0 IRA Module Overview

NERC | IRA Guide | July 2014 9 of 22

associated with special protective systems (SPSs) do not apply to a Transmission Operator (TOP) that does not have SPSs within its footprint. Additionally, a Vegetation Management Risk Element does not present a high risk to an entity operating in the desert in the Southwest. Once the CEA reconfirms the Standards and Requirements applicable to the registered entity, based on the defined evaluation criteria within the Risk Factor Analysis section, it will assess the risk factors applicable to the registered entity and determine the level of risk associated with each risk factor (refer to section 3.2.1.3).

3.2.1 Decision Making Process The following decision tree shows a high-level overview of the Decision Making phase.

3.2.1.1 Key Inputs (Sources):

Prioritized list of risks (Risk Elements module)

Preliminary list of applicable Standards and Requirements (Risk Elements module)

Preliminary list of applicable risk factors (IRA Information Gathering)

Risk Factor Examples (IRA Appendix C)

Updated / verified registered entity data (IRA Information Gathering)

3.2.1.2Risk Factor and Standards and Requirements Applicability Review The purpose of this step is to review information gathered to confirm the applicability of Standards and Requirements to the registered entity. The initial list of potentially applicable Standards and Requirements is

Page 39: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

3.0 IRA Module Overview

NERC | IRA Guide | July 2014 10 of 22

determined based on a registered entity’s functional designation2; however, because of specific characteristics of a registered entity (e.g. certain types of assets are not owned or operated by them) a number of Standards and Requirements may not be applicable to them (see examples below). The CEA should use information gathered and risk factors to exclude the registered entity’s non-applicable Standards and Requirements. The CEA should document conclusions reached for Standards and Requirements excluded from further analysis based on the Applicability Review. For all Standards and Requirements (as well as corresponding risk factors) that are deemed applicable, the CEA will complete the Risk Factor Analysis in Section 3.2.1.3. To illustrate the Applicability Review, refer to the two examples below. Using collected registered entity information, it is possible to determine whether or not the risk factors and certain Standards and Requirements are applicable to the registered entity.

Example A: Applicability of Certain Risk Factors and Standards and Requirements Risk factor: Under Voltage Load Shedding (UVLS) consideration Information Attribute: UVLS Standard and Requirement Considerations: EOP-003-2 R2 Decision criteria: Does the registered entity have UVLS? Applicability Review and Conclusion:

Applicable: If the information gathered indicates the registered entity has UVLS, then the risk factor and Standard and Requirement considerations are applicable. The CEA would move forward to the Risk Factor Analysis (Section 3.2.1.3). Inapplicable: If the information gathered indicated the registered entity does not have UVLS, then CEA would document and remove the risk factor and associate Standard and Requirement from further consideration. No further review is needed.

Example B: Applicability of Certain Risk Factors and Standards and Requirements Risk factor: BPS exposure Information Attribute: Transmission Portfolio Standard and Requirement Considerations: FAC-003-1 Decision criteria: Does the registered entity own transmission lines operated at 200 kV or above? Applicability Review:

Applicable: If the information gathered indicates the registered entity owns transmission lines operated at 200kV or above, then the risk factor and Standard and Requirement considerations are applicable. CEA would move forward to the Risk Factor Analysis (Section 3.2.1.3).

2 An entities functional designation is based on the nature of the entity which includes: (1) balancing authorities, (2) distribution providers, (3) generator operators, (4) generator owners, (5) interchange coordinators or interchange authorities, (6) reliability coordinators, (7) transmission operators, and (8) transmission owners.

Page 40: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

3.0 IRA Module Overview

NERC | IRA Guide | July 2014 11 of 22

Inapplicable: If the information gathered indicated the registered entity does not own transmission lines operated at 200kV or above, the CEA would document and remove associated Standard and Requirement from further consideration. No further review is needed.

Note: Examples A and B above are for illustrative purposes only. When making the determination of what would be applicable to a specific registered entity, the CEA will need to identify all relevant Standards and Requirements and related risk factors based on the information gathered.

3.2.1.3 Risk Factor Analysis After performing the Applicability Review, the CEA reviews the collected entity-specific information, as well as other known risks to the reliability of the BPS (i.e., inputs from the Risk Elements module), to determine areas of focus within the registered entity. Risk factors associated with the registered entity are weighted based on risk factor evaluation criteria as shown by the criteria columns in the Appendix C – Risk Factor Examples. Refer to Appendix C for a list of risk factors and risk factor criteria that can be used as a guide when determining an entity’s unique inherent risks to the reliability of the BPS. This can assist when evaluating the criteria of each risk factor associated with specific Standards and Requirements (e.g., qualitative risk classifications – high, medium, low). Note: Certain risk factors and the associated criteria/thresholds may vary by region. Depending on the unique characteristics of the entity, the conclusion may be that some of the listed risk factors may be more applicable than others, some may not be applicable at all, or there may be additional risk factors not listed that would be appropriate to consider. The CEA should document their professional judgment used in identifying risk factors and developing risk factor evaluation criteria. To illustrate the risk factor analysis, refer to the example below:

Example: Risk Factor Analysis for a generator operator (GOP)

Registered function: GOP Risk factors: UVLS and System events and trends Associated NERC Standards & Requirements: VAR-002-2b R1, R2, R3, R4 Information Attributes:

Reportable Events history (voltage instability/UVLS load shed events)

Generating Availability Data System (GADS), TADS data mining

Presence of reactive compensation devices

Risk Factor Criteria:

1. High – urban area or critical customers without any other nearby generators that can provide voltage support and inadequate compensation devices in the area. Or regions served by multiple transmission lines from outside the local area, where special measures must be taken to schedule sufficient local generation to support voltage in the area.

2. Medium – same conditions as above but with ample compensating devices and UVLS installations.

3. Low – voltage sensitive areas with multiple nearby generators that can provide Mega Volt Ampere (MVA).

Page 41: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

3.0 IRA Module Overview

NERC | IRA Guide | July 2014 12 of 22

The CEA applies professional judgment and reaches conclusions based on the assessment of information attributes reviewed against the defined risk factor criteria. Qualitative and quantitative attributes associated with the information should indicate whether the risk factor is high, medium, and low.

3.2.1.4 Quality Review of IRA conclusions: The CEA should leverage internal and external subject matter experts throughout the IRA process as necessary. Once preliminary conclusions about the applicability of risk factors and Standards and Requirements have been reached, the CEA should consider the findings of other subject matter experts (if applicable) or conduct an independent management review of the IRA output to verify they appear appropriate based on the information known about the registered entity. Please refer to the NERC ROP for further guidance around documentation and work papers.

3.2.2 Key Outputs

Updated list of risk factors used to assess the registered entity’s inherent risk to the reliability of the BPS.

Comprehensive list of Standards and Requirements that are determined to be applicable to the registered entity based on the inherent risks to the reliability of the BPS.

List of risk factors and criteria (including evaluation of impact) mapped to applicable Standards and Requirements.

Documentation supporting inclusion/exclusion of Standards and Requirements.

3.2.3 Timing

Duration: 1 – 2 weeks depending on availability of the CEAs and volume and complexity of applicable risk factors and Standards and Requirements.

Level of effort: 5 – 10 full time employee (FTE) days. Specific time necessary to align risks with Standards and Requirements depends on the availability of this information and the CEA capabilities.

3.3 IRA Outcomes Once the IRA decisions process is complete, CEAs should document the process followed, the assumptions made, the specific information leveraged to identify areas of focus, and level of effort that occurred to perform the IRA. Additionally, the out of the IRA process should facilitate a collaborative dialogue with the registered entity regarding applicable risks.

3.3.1 IRA Outcomes Process The CEA should document each phase of the IRA process. To document each IRA phase, Information Gathering, Decision Making, and IRA Outcomes, CEAs should:

1. Identify processes the CEAs should follow to document conclusions around risk factors, Standards and Requirements applicable to the registered entity.

2. Document the outcomes of the Decision Making phase

3. Provide estimated timing and levels of effort required for IRA Outcomes.

3.3.2 Key Outputs

Registered entity specific IRA document that (1) identifies the inherent risks to the reliability of the BPS that are applicable to the registered entity, (2) lists the Standards and Requirements that could help

Key Questions for IRA Outcomes Phase 3.3 • What was done to support the

conclusion? • What level of information should the

Compliance Oversight Plan include? • How is supporting information

documented and maintained?

Page 42: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

3.0 IRA Module Overview

NERC | IRA Guide | July 2014 13 of 22

prevent inherent risks, 3) list of identified risks that are not mitigated by any existing Standards and Requirements, (4) details relevant information including key assumptions used during the IRA decision making process, timing of the IRA, key individuals involved (preparer, reviewer, approver), and information used during the assessment, and (5) summarizes how the IRA ties to the different analyses performed and subsequent conclusions.

Draft Compliance Oversight Plan for the registered entity.

3.3.3 Timing

Duration: 1 – 2 weeks depending on availability of the CEAs and volume and complexity of applicable risk factors and Standards and Requirements.

Level of effort: 5 - 10 FTE days. Level of effort is dependent on the volume and complexity of the information and conclusions reached.

3.4 Revision of the Inherent Risk Assessment The CEAs can review and revise the IRA of a registered entity at any time and should be cognizant of the effect that a registered entity’s risks may pose to maintaining a reliable BPS. This understanding is essential in performing an IRA as it establishes a frame of reference by which the IRA is conducted. It is important to note that an IRA will need to be revised as new, emerging, or unique information is obtained. For example, if a registered entity’s current IRA is based on ownership of a specific asset, but the registered entity later sells or retires that asset, the CEA should revise the IRA to consider the asset ownership change.

Page 43: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 14 of 22

4.0 Documentation

4.1. Results Documentation The CEAs should follow established documentation protocols, refer to the NERC ROP, and use its professional judgment, where appropriate, when determining documentation needs throughout the IRA process. The CEA should maintain documentation that clearly supports conclusions around scope. Documentation includes all data and information obtained, reviewed, and used as inputs to the IRA. Documentation should also include the process to review and analyze information such as, understanding of the Registered Entity and its environment, as well as any information regarding how a registered entity’s inherent risks may impact the reliability of the BPS. The CEAs should maintain documentation, demonstrating the nature and extent of information reviewed and IRA conclusions reached. The extent of the resulting documentation is directly linked to the (1) nature, size, and complexity of the issues, (2) procedures performed, and (3) methodologies and technologies used during the process. The more significant and complex these factors are, the greater and more detailed the documentation may be.

4.2. Documentation Retention Upon completion of the IRA process, the CEA should retain relevant documentation that supports the procedures performed and conclusions reached. Examples of documentation that should be retained includes, but may not be limited to, the following: IRA programs, analyses, memoranda, summaries of significant findings or issues, checklists, abstracts, copies of important documents, and paper or electronic correspondence concerning significant findings or issues. Additionally, finalized narrative descriptions, questionnaires, checklists, and flowcharts created through the IRA process are also considered important documentation and should be retained. When making the determination of the nature and extent of documentation that should be retained, the CEA should consider the information that would be required for an experienced compliance team member to understand the work performed and the conclusions reached during the IRA. It is important to note that incomplete or preliminary documentation does not need to be maintained.

Page 44: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 15 of 22

5.0 Possible Tools, Templates, and Other Needs

The purpose of this section is to identify possible tools, templates, or other needs to further enhance the IRA module and allow for the consistent execution of the IRA process. The ERO will identify next steps to develop and implement the items identified below.

Information Gathering Template – Template to maintain the preliminary list of applicable Standards and Requirements, by Registered Function (for the Registered Functions of the entity going through an IRA), that are linked to known risks to the reliability of the BPS. This template also includes a preliminary list of applicable risk factors.

Standards and Requirements Applicability Criteria – Criteria that need to be captured to identify which Standards and Requirements are not applicable to a registered entity based. One such criteria would be the fact the entity does not own or operate specific assets (e.g. if a registered entity does not own Transmission Facilities above 200kV or above, then FAC-003-1 would not be applicable). Once the criteria are defined, the CEA should consider developing an automated solution for applicability.

Risk Factors and Associated Criteria – A list of risk factors and their associated criteria that are weighted against registered entity data. This will help identify the areas in which the registered entity has inherent risks to the reliability of the BPS, which will help identify Standards and Requirements that could mitigate them.

IRA Output Template – Used to capture output of the IRA module that (1) identifies the inherent risks to the reliability of the BPS that are applicable to the registered entity, (2) lists Standards and Requirements that would mitigate the inherent risks, (3) information including key assumptions used during the IRA decision making process, timing of the IRA, key individuals involved with the IRA (preparer, reviewer, approve), and references to information, and (4) and a summary of the data that was used during the IRA along with how it ties to the different analysis performed and conclusions.

Compliance Oversight Plan – Template to document the strategy for an individual registered entity (including the compliance monitoring methods that will be applied to a particular entity)

CEA Competencies – Skill sets necessary to perform each of the different IRA phases within the IRA module. These competencies need to be explicitly defined and documented.

Updated / verified Registered Entity Data Inventory – List of collected registered entity information for the IRA.

Decision Making Template – Template to maintain a list of registered entity inherent risks to the reliability of the BPS. The template includes Standards and Requirements applicable to the registered entity, list of risk factors and criteria (including evaluation of impact) mapped to applicable Standards and Requirements, and documentation supporting inclusion/exclusion of Standards and Requirements.

IRA Training Materials – Training and implementation plan for IRA, which includes initial roll-out and maintenance.

IRA overview presentations and communications – ERO standardized presentations and communications for IRA related material to be used at workshops, training, webinars, etc.

Governance (change management, revisions, etc.) – Governance processes that clearly identify ownership, change management, and other processes needed to maintain the IRA module.

FAQ’s for the IRA module – A list of frequently asked questions posed by registered entities regarding the IRA module.

Page 45: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 16 of 22

6.0 References

Below are a list of reference materials that support the basic principles, concepts, and approaches within this Guide. The CEAs can use these reference materials to assist in applying the IRA process detailed in this Guide. These reference materials can assist with determining: (1) where and to what extent professional judgment should be applied, (2) the sufficiency and appropriateness of evidence to be examined, and (3) the sufficiency and appropriateness of the documentation required.

Generally Accepted Government Auditing Standards (GAGAS), located at: http://gao.gov/assets/590/587281.pdf

ERO Compliance Auditor Handbook, located at: http://www.nerc.com/pa/comp/Pages/ERO-Enterprise-Compliance-Auditor-Manual.aspx

Annual ERO CMEP Implementation Plan, located at: http://www.nerc.com/pa/comp/Resources/Pages/default.aspx

NERC ROP, located at: http://www.nerc.com/AboutNERC/Pages/Rules-of-Procedure.aspx

Page 46: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 17 of 22

Appendix A – Definitions

Areas of Focus: The outcomes of the IRA process and determines: Risks deemed applicable to the registered entity; Reliability Standards deemed appropriate to apply to the registered entity; and mapping of Risk Factors to Reliability Standards and Requirements Compliance Oversight Framework: The Compliance Oversight Framework is the risk-based approached that includes process steps and considerations of Risk Elements, IRA, Internal Control Evaluation (ICE), and CMEP Tools. Compliance Oversight Plan: A plan consisting of the oversight strategy for a registered entity. The plan will usually include areas of focus, level of efforts, timing, and overall strategy on use of CMEP tool(s). Compliance Enforcement Authority: NERC or the RE in their respective roles of monitoring and enforcing compliance with the NERC Reliability Standards. CMEP Tools: In context of IRA, these are tools used during the compliance monitoring processes to develop the CEAs’ Compliance Oversight Plan. CMEP tools are described in Section 3.0 of the NERC ROP, Appendix 4C, and includes but are not necessarily limited to Compliance Audits, Spot Checks, Self-Certifications, and Periodic Data Submittals. Information Attributes: Registered entity-specific data or information that is collected by Res to be used during IRA and the related process to support development of Compliance Oversight Plan. Inherent Risk: Risks specific to a registered entity that could impact the reliability of the BPS. Inherent Risk Assessment: A review of potential risks posed by an individual registered entity to the reliability of the BPS. Preliminary Area of Focus: At any point during the IRA module phases, the preliminary list of risks and mapped Reliability Standards that have not been removed from the potential Area of Focus. Professional Judgment: Represents the exercising of reasonable care and professional skepticism. Reasonable care concerns acting diligently in accordance with applicable professional standards and ethical principles. Professional skepticism is an attitude that includes a questioning mind and a critical assessment of evidence. Reasonable Assurance: Conclusions based on evidence that is sufficient and appropriate to support the CEA’s conclusions. (Note: Emphasis on reasonable, not ‘complete’ or ‘absolute’ assurance). Risk Factors: Considerations used during an IRA to identify a registered entity’s risk characteristics that are inherent to a registered entity’s configuration and may impact the reliability of the BPS.

Page 47: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 18 of 22

Appendix B – Information Attribute List

The information attributes list below contains primary and secondary information that is to be considered during the IRA process. The primary information list is the minimum list of information that should be considered during the IRA process regardless of the analytic tools, techniques, or methods applied for risk identification. The secondary list includes additional criteria that a CEA may consider during its IRA process, but have not been identified as critical to the completion of the IRA. The information attribute list is not intended to be an all-inclusive list for information considerations, but should serve as a guide to identify information needed for an IRA. The information attributes list summarizes the purpose of each information attribute, as well as provides criteria to understand data standards and rationale for collection. Specifically, the data criterion considers the nature and criticality of the data when conducting an IRA. It should be leveraged as a guide for identifying relevant data to be collected, but is not a comprehensive list. There are various sources of information used to collect data. These sources include: publicly available sources, third-party sources, CEA internal sources (i.e., NERC and REs), and direct information gathering from the registered entity. This guidance recognizes that each CEA may need to identify and prioritize its own methods for collecting information attributes based on its individual resources and capabilities. The CEA can refer to the “source” descriptions for each information attribute for possible collection methods. NERC advises Res to collaborate, where possible, to obtain registered entity information. However, due to certain limitations, a CEA may have to contact the registered entity directly.

Page 48: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix B – Information Attribute List

NERC | IRA Guide | July 2014 19 of 22

Information Attribute Specific Information/Date Purpose of Information Attribute Source(s)

Registered FunctionsNumber and type of functions and delegation

agreements of responsibilities (JRO/CFRs, etc.)

Confirm registration and assess applicability of Standards and

responsibilities.

Understanding reliability risk to BES

NERC Registry, CFR postings, Region, Entity

Total megawatt capability Peak Load and area capacity Magnitude of possible impact for BAs/TOPs/LSEsReliability Assessment Subcommittee (RAS),

TP/PA models, entity

Interconnection points and critical facilities

and paths

Cranking paths, Next start paths,

synchronization points, and BA boundaries

Understanding of potential operating risk for certain entity's

facilities.

Regional assessments, TP/PA models,

tieline database, one lines (entity), RC/TOP

information, critical asset list (Region or

entity), PRC-023 list

Special Protection Systems Design information

Reflects potential risks in system, management, awareness.

Misoperation occurs if not working when called upon and

understanding of roles and responsibilities(high impact low

frequency)

Regional SPS database

EMS/GMS Systems and Vendors

Power system analysis tools

Network Diagrams

Authentication and Encryption

Operating Systems

Use of specialized automation used in the

control system

Remote access capabilities

Physical security

System communication methods (e.g. copper,

microwave, routable/nonroutable,etc.)

ICCP systems

Undervoltage load shedding

Potential risks in local system, awareness, control, system

support/restoration/prevention. Very high risk facilities when called

upon to protect against misoperation

PA study, entity data submittals to REs and

other Regional data,

Underfrequency load shedding

Potential risks in local system, awareness, control, system

support/restoration/prevention. Very high risk facilities when called

upon to protect against misoperation

PA study, entity data submittals to REs and

other Regional data

System restoration plan and responsibilitiesUnderstanding entity and responsibilities for how you restore

system and reduce length of blackoutRC/TOP Plans, PA submittals to REs

Blackstart resourcesUnderstanding entity and responsibilities for how you restore

system and reduce length of blackoutEntity

IROLSUnderstanding of potential operating risk for certain entity's

facilitiesRC/TOP, PA, Entity

SOLS, Voltage SOLS, Stability SOLSUnderstanding of potential operating risk for certain entity's

facilitiesEntity

Critical Facilities designated by Planning

Authority

Understanding of potential operating risk for certain entity's

facilitiesPA

CIP Critical Transmission and Generation

Facilities

Understanding of potential operating risk for certain entity's

facilities Entity and Regional Entity database

SCADA and EMS systems 

To identify possible cyber gaps, CIP guidance, controls and

monitoring and operational planning (if the entity does not have

power system analysis tools then ability to serve load is unknown).

Possible risk is misplanning or causing an outage and identifying

SOLs (N-1). Identify in-house design/vendor issues

Entity and entity history

Primary Information Attributes

Page 49: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix B – Information Attribute List

NERC | IRA Guide | July 2014 20 of 22

Information Attribute Specific Information/Date Purpose of Information Attribute Source(s)

Generator name

Nameplate capacity

MVAR capability

Fuel type

Ownership

Compliance responsibilities

Transmission line mileage Magnitude of possible impactTADs for 200 kV and higher/entity and

system models for other

Transmission line unique identifier Magnitude of possible impactTADs for 200 kV and higher/entity and

system models for other

Line voltage Magnitude of possible impactTADs for 200 kV and higher/entity and

system models for other

Compliance responsibilities Awareness and entity understanding of entity footprint (asset

ownership) Entity

Ownership and operationAwareness and entity understanding of entity footprint (asset

ownership) Entity

Major changes to entity’s operations

Changes to transmission and generation

portfolios

(sales/acquisitions/retirements/replacements)

Magnitude of possible impact and potential changes in

responsibilitiesPublic media, entity, PA/BA

Regional Factors Affecting Reliability System geography Impact awareness Public info

Self-reports: Number, types, ratio of self-reports

versus violation history, Standards violated in

Self-Reports

Understanding of entity culture of compliance and potential areas of

concern and possible IRA impacts.Entity

Compliance activities: Involvement in TFEs,

periodic data submittals, self-certifications,

areas of concern and audit recommendations

Understanding of entity culture of compliance and potential areas of

concern and possible IRA impacts.Entity

Enforcement activities: Mitigation Plans and

milestones, corrective actions, mitigation plan

status that would impact further compliance

activities

Understanding of entity culture of compliance and potential areas of

concern and possible IRA impactsEntity

Number/type of misoperations Understand potential risk related to corrective actionMisoperations database, Entity reporting via

TADS, GADS, DADS

Root cause analysis/corrective

action/compliance assessmentUnderstand potential risk related to corrective action

NERC/RE (RAPA, operations group) reports

and information

Event reportsUnderstand entity operations and its high risk facility and

interconnection information RE

Emergency Energy Alerts To identify reoccurring issues that may impact reliable operations RC

Magnitude of possible impact Entity registration and system models

Events and Misoperations-operations

History

Compliance and Enforcement History

Transmission portfolio

Generation Portfolio

Primary Information Attributes

Data Element Sub data Element Purpose of Data Element Source (s)

System drawings of the registered entity’s

area (overall system one lines)

Awareness and entity understanding of entity footprint (asset

ownership)

RC/TOP Plans, PA submittals to REs,

Regional databases

Entity operating planning guides

Understanding of potential operating risk for certain entity's

facilities. Identify elements being monitored to implement operating

guide for system reliability. Helps identify high risks facilities that

would need to implement operating guides.

Entity and RCs

Number of Critical Assets Magnitude of possible impact Entity and Regional Entity database

Control Center Location(s) for primary and

back-upUnderstand level of redundancy and availability Certification documentation and Entity

Seasonal shutdownsMagnitude of possible impact and potential changes in

responsibilitiesEntity, PA/BA

New and current Service Level Agreements with

neighboring Registered EntitiesCoordination and assigned accountability Entity

Registered Entity’s current organizational

reporting structure and upper managementUnderstanding of general structure and accountability Entity

Number of changes to direct and supporting

staff to help ensure reliability.Understanding of general structure and accountability Entity

Regional Factors Affecting Reliability Seasonal/ambient conditions Impact awareness Regional Entity and public information

Legal or Regulatory Issues Affecting

ReliabilityUnderstand potential impact on resources and company culture Public media

Disturbance Monitoring Equipment

information

Identifying equipment to determine applicability of standards and

responsibilitiesIndividual (protecting working group)

Major changes to entity’s operations

Secondary Information Attributes

Page 50: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | IRA Guide | July 2014 21 of 22

Appendix C – Risk Factor Examples

Page 51: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix C – Risk Factor Examples

NERC | IRA Guide | July 2014 22 of 22

Page 52: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

NERC | Risk‐Based Registration Phase 1 ‐ Enhanced Draft Design Framework and Implementation Plan | July 2014 1 

                

         

3353 Peachtree Road NE Suite 600, North Tower

Atlanta, GA 30326 404-446-2560 | www. nerc. com 

Risk-Based Registration Phase 1 - Enhanced Draft Design Framework andImplementation Plan

July 2014 

Attachment B

Page 53: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Table of Contents Background and Introduction ..........................................................................................................................1

Design Framework Overview ...........................................................................................................................3

Ties to the BES Definition .............................................................................................................................3

Use of Materiality Test and NERC-Led Panel Review ......................................................................................3

Revisions to Registry Criteria ........................................................................................................................4

Removal of Three Functional Categories from NCR ........................................................................................4

Sub-sets of Applicable Reliability Standards ..................................................................................................5

Other Key Features......................................................................................................................................5

Design Framework ..........................................................................................................................................7

New BES Definition as model and anchor for risk-based registration ..............................................................7

Synchronize threshold revisions with BES Definition and align with risk ..........................................................8

Functional registration category removal if not material to reliability .............................................................9

Risk-Based Application of Reliability Standards............................................................................................ 13

Clarify terms and improve current procedures ............................................................................................ 15

Materiality ............................................................................................................................................ 15

Factors for Evaluating Materiality ........................................................................................................... 15

Establish a centralized review process..................................................................................................... 16

BES references....................................................................................................................................... 17

Deactivation .......................................................................................................................................... 17

NERC oversight and guidance on registration practices ............................................................................ 17

One-time attestations ............................................................................................................................ 18

Entity risk assessment in a common registration form ................................................................................. 18

Status quo for other functional registration categories ................................................................................ 18

Appendix A – Implementation Plan .............................................................................................................. A-1

Appendix B – RBRAG and Task Force Rosters ................................................................................................ B-1

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 i

Page 54: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Background and Introduction1 North American Electric Reliability Corporation’s (NERC) Risk-Based Registration (RBR) initiative seeks to ensure that the right entities are subject to the right set of applicable Reliability Standards, using a consistent approach to risk assessment and registration across the electric reliability organization (ERO) Enterprise.2 This document presents a draft design framework with proposed enhancements to the NERC Registration program, which is set forth in the NERC Rules of Procedure (ROP) Section 500,3 as well as Appendix 5A4 and Appendix 5B.5 Implementation of the Registry Criteria over the last eight years has yielded a wealth of experience and information that have informed these efforts and will drive the Registration program to a mature end-state. The NERC Registry Criteria provides for the registration of bulk power system (BPS) owners, operators and users that perform a function listed in the functional types identified in Section II of the Registry Criteria, meet the criteria in the Registry Criteria, and have a material impact on BPS reliability to register as one or more of fifteen functions.6 The NERC Compliance Registry (NCR) identifies the functional categories and entities that are subject to compliance with mandatory NERC Reliability Standards. The draft design framework reflects input from the Risk-Based Registration Advisory Group (RBRAG) 7 and the RBRAG technical Task Force (RBRAG Task Force),8 both of which were established by NERC for this initiative. It also reflects input from industry survey responses, public comments during the meetings of the NERC Board of Trustees (Board) and its committees, as well as the Member Representatives Committee (MRC) policy input comments. It also reflects input from over fifty sets of comments on the Draft Design and Implementation Plan that were submitted in June. The framework includes: (i) refined thresholds, where warranted, based on sound technical analysis and support, (ii) reduced Reliability Standard applicability, where warranted, based on sound technical analysis and support, and (iii) clearly defined terms, criteria and procedures that are risk-based and ensure reliability of the BPS, as anchored in the new Bulk Electric System (BES) Definition. The proposed enhancements reduce unnecessary burdens by all involved, while preserving BES reliability, and avoid causing or exacerbating instability, uncontrolled separation, or cascading failures. Specifically, the draft design framework proposes to:

1 NERC is already removing references to Regional Reliability Organization in the NERC Reliability Standards. As a result, the RBR redesign will not include this term. 2 All references to the Federal Energy Regulatory Commission (FERC or Commission) apply to U.S. registration only. Applicable Governmental Authorities in Canadian jurisdictions may have adopted their own Rules of Procedure and Compliance Registry requirements. 3 NERC Rules of Procedure, available at http://www.nerc.com/Fil ingsOrders/us/RuleOfProcedureDL/NERC_ROP_Effective_20140130.pdf. 4 NERC Rules of Procedure at Appendix 5A, Organization Registration and Certification Manual, available at http://www.nerc.com/Fil ingsOrders/us/RuleOfProcedureDL/Appendix_5A_OrganizationRegistration_20131004.pdf. 5 NERC Rules of Procedure at Appendix 5B, NERC Statement of Registry Criteria (Registry Criteria), available at http://www.nerc.com/Fil ingsOrders/us/RuleOfProcedureDL/Appendix_5B_RegistrationCriteria_20121220.pdf. 6 NERC Statement of Compliance Registry Criteria (Registry Criteria) at 2 (“Organizations will be responsible to register and to comply with approved Reliability Standards to the extent that they are owners, operators, and users of the Bulk Power System, perform a function listed in the functional types identified in Section II of this document, and are material to the Reliable Operation of the interconnected Bulk Power System as defined by the criteria and notes set forth in this document.”). See Registry Criteria at http://www.nerc.com/Fil ingsOrders/us/RuleOfProcedureDL/Appendix_5B_RegistrationCriteria_20121220.pdf. 7 The RBRAG is comprised of NERC staff, the Regional Entities, FERC, and U.S. and Canadian industry representatives and was formed to provide input and advice regarding the initiative’s design and implementation. The RBRAG provided the draft white paper to the Member Representatives Committee in April. See Appendix B hereto. 8 The RBRAG Task Force is an advisory group task force comprised of subject matter experts from NERC, the Regional Entities and industry. See Appendix B hereto.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 1

Page 55: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Background and Introduction

1. Synchronize the thresholds and criteria to the new BES Definition for the Generator Owners (GO)/Generator Operators (GOP) and Transmission Owners (TO)/Transmission Operators (TOP) functions

2. Refine the thresholds for one other functional category, Distribution Provider (DP), and ties it to the BES Definition

3. Deactivate registration of entities for three functional categories that are proposed for removal from the NCR that are commercial in nature, Purchasing-Selling Entity (PSE), Interchange Authority (IA) and Load-Serving Entity (LSE), recognizing that other entities are responsible for managing the aggregate reliability impacts of commercial transactions (e.g., BA, DP)

4. Develop Reliability Standard applicability sub-lists for certain limited situations, such as DPs that only own UFLS and do not meet other DP Registry Criteria (“UFLS-Only Distribution Providers”). The RBR is not changing Reliability Standard applicability sections for DPs and is not creating a new separate functional category. As separate efforts in Phase 2 of RBR, NERC will consider future development of applicability sub-lists for low risk TOs/ TOPs and GOs/GOPs

5. Clarify key Registry Criteria terms (BPS versus BES, material impact, materiality test, risk methods, etc.)

6. Develop Compliance Monitoring and Enforcement Program (CMEP) procedures to permit Registered Entities to make a one-time attestation of “Not Applicable” to a given Reliability Standard requirement with respect to self-certifications and other compliance monitoring activities

7. Implement a common ERO registration form that includes common data elements for registered entity registration. This form will be considered for future ERO Enterprise common IT platform applications

8. Centralize the review process for issues as to application of the Registry Criteria, materiality determinations not to register entities that meet the Registry Criteria thresholds, or to register entities that do not meet the Registry Criteria thresholds (”above-the-line” and “below-the-line” registration determinations, respectively), as well as determinations as to targeted application of Reliability Standards

9. Identify any other new or modified processes and procedures

10. Describe oversight and respective roles of Regional Entities and NERC

11. Identify what is not changing At this time, there are no proposed recommendations with respect to the following seven functional categories: Balancing Authorities (BAs), Planning Authorities (PAs)/Planning Coordinators (PCs), Reliability Coordinators (RCs), Transmission Planners (TPs), Resource Planners (RPs), Reserve Sharing Groups (RSGs) and Transmission Service Provider (TSPs). NERC notes that the draft design framework and implementation plan will be posted for a 45 day comment period in August, 2014. The draft design framework, implementation plan and NERC Rules of Procedure revisions will be presented to the NERC Board in November, 2014. The implementation plan has been developed to have an appropriate pace for completion by the end of 2015 to ensure a smooth transition to the new Registration program. Key highlights of activities in 2014 and 2015 are set forth in Appendix A hereto. Technical reviews and analysis are underway and will help inform the final Phase 1 RBR design. NERC expects these analyses to be available for review at the November Board meeting.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 2

Page 56: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework Overview NERC’s mission is to ensure reliability of the BPS. NERC achieves this, in part, by development and enforcement of mandatory Reliability Standards. Only those entities that are registered and included on the NCR are responsible and held accountable for compliance with mandatory Reliability Standards. Users, owners and operators of the BES are users, owners and operators of the BPS. Since 2006, NERC has registered entities for one or more functional categories depending on whether it is a user, owner or operator of the BPS. The overall objective of the RBR Initiative is to ensure that the right entities are subject to the right set of applicable Reliability Standards. This requires the use of a consistent approach to risk assessment and registration across the ERO Enterprise. The goal is to develop enhanced Registry Criteria, including the use of thresholds and specific Reliability Standards applicability, where appropriate, to better align compliance obligations with material risk to reliability. Ties to the BES Definition Going forward, entities will continue to be registered by the function(s) they perform as a user, owner or operator of the BES rather than on a facility-by-facility basis. Registration decisions will be made in accordance with proposed revised thresholds in the Registry Criteria. The proposed framework recognizes differences in treatment of owners and operators of the BES as compared to users of the BES. For owners and operators of the BES, the framework proposes to rely primarily on the BES Definition to determine eligibility for registration of such functions as TO, TOP, GO and GOP. A proposed tenet of registration is that those who own or operate BES Elements are eligible for registration as owners or operators. That is, for owners and operators, Registry Criteria are based on the BES Definition. This leaves the users of the BES and the question of what type of and how much “use” is material to the reliability of the BES. Even for use of the BES, the BES definition provides some guidance as to how much “use” has been deemed material when considering dispersed resources or power plants of greater than 75 MW. The framework proposes to: 1) use this 75 MW of use by energy produced by dispersed resources/power plants as a threshold for use deemed material by any type of use (including by load); and 2) test that 75 MW threshold through risk assessment. Use of Materiality Test and NERC-Led Panel Review Under both the current Registration program and the proposed revisions, if an entity meets the Registry Criteria, there is a rebuttable presumption that it has a material impact on the reliability of the BPS, and it is in a pool of eligible candidates that NERC and the Regional Entities may identify for registration.9 NERC and the Regional Entities may exercise discretion not to pursue registration of an entity that meets the Registry Criteria if not warranted by BES reliability considerations. Where registration is pursued, an entity that meets the Registry Criteria may nevertheless be able to demonstrate through a materiality test that it is not material to reliability and should not be registered. In addition, the materiality test may be used to establish that an entity that does not meet Registry Criteria should be registered because it does have a material impact on reliability. Such a process parallels the BES definition and exception process, where after application of the bright-line criteria, exceptions can be justified (both above-the-line and below-the-line). That is, bright-line criteria determine eligibility for registration just as bright-lines determine eligibility for equipment to be part of the BES in the BES definition. After application of the bright-lines, there is a materiality process where an entity can provide evidence of immateriality and therefore not need to register even if bright-lines are met, or conversely a Regional Entity can provide evidence of materiality and cause registration to occur even if the bright-lines are not met.

9 An entity’s obligations regarding self-registration are not changed by this initiative, nor is FERC’s ruling that entities are subject to compliance and enforcement for requirements applicable to a functional category only once they have been registered for that function.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 3

Page 57: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework Overview

Although the burden is on NERC and its Regional Entities to demonstrate that an entity meets the Registry Criteria for registration, the burden in the materiality process is on the entity making the request to be excluded from the NCR (despite satisfying the Registry Criteria) and on the Regional Entity to include an entity in the NCR (that does not satisfy the Registry Criteria), similar to the BES exception process. In the event of a dispute over whether an entity meets the Registration Criteria, the question goes to the NERC-led panel for review, as set forth in Figure 1 below. To make these determinations, a NERC-led panel, comprised of NERC and Regional Entity staff, is proposed to be established to address questions or issues that arise with respect to threshold application, materiality, or Reliability Standard requirement applicability. Revisions to Registry Criteria The proposed risk-based reforms to the Registry Criteria reflect and complement the new BES Definition. Namely, work over the last several years has culminated in a newly approved BES Definition that sets forth bright-line criteria as well as an exception process for transmission and generation assets that will go into effect in the U.S. on July 1, 2014,10 clarifying which assets may subject an entity to registration for the functions that involve owning and operating assets. For example, specific language in Part III for TOs, TOPs, GOs and GOPs has been removed, due to existing language for TOs and TOPs and modifications to the language for GOs and GOPs in Part II that tie directly into the BES Definition. As a result, the BES Definition (including the core definition, inclusions, exclusions, and the results of the exceptions process) provides the thresholds for TOs, TOPs, GOs and GOPs. The framework proposes revisions to the Registry Criteria for the DP functional registration category to (i) increase the peak load threshold from 25 MW to 75 MW to reflect the comparative risk load poses to reliability as compared to energy from dispersed resources/power plants; (ii) retain existing language, consistent with NERC’s clarification that it is the entity’s system that is directly connected to the BES;11 and (iii) add new registration criteria if an entity has responsibility for operating a cranking path or provides services to a nuclear plant, while retaining criteria related to owning or operating protection systems important for reliability (such as Special Protection Systems (SPS), undervoltage load shedding (UVLS) and transmission Protection Systems (TPS)). In addition, a sub-set of applicable Reliability Standards is identified for UFLS-Only DPs at or below 75 MW that do not meet the new thresholds, but who are part of a required underfrequency load shedding (UFLS) program. If an entity meets the Registry Criteria, it is deemed to have a material impact on the reliability of the BES, and it is in a pool of eligible candidates that NERC and the Regional Entities may identify for registration.12 NERC and the Regional Entities may exercise discretion not to pursue registration of an entity that meets the Registry Criteria if not warranted by BES reliability considerations. Removal of Three Functional Categories from NCR Of the fifteen13 functional registration categories, three functional “users” of the BES – PSE, IA and LSE – are proposed for removal from the NCR because (i) these functions are commercial in nature, (ii) the reliability impacts

10 The BES Definition went into effect on July 1, 2014 in certain Canadian jurisdictions. 11 The proposed reference to BES was formerly a reference to BPS. 12 An entity’s obligations regarding self-registration are not changed by this initiative, nor is FERC’s ruling that entities are subject to compliance and enforcement for requirements applicable to a functional category only once they have been registered for that function. 13 The fifteen registration functional categories include Reliability Coordinator (RC); Transmission Operator (TOP); Balancing Authority (BA); Planning Authority (PA); Transmission Planner (TP); Transmission Service Provider (TSP); Transmission Owner (TO); Resource Planner (RP); Distribution Provider (DP); Generator Owner (GO); Generator Operator (GOP); Load-Serving Entity (LSE); Purchasing-Sell ing Entity (PSE); Interchange Authority (IA); and Reserve Sharing Group (RSG).

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 4

Page 58: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework Overview

of commercial transactions are addressed in the aggregate within the standards (e.g., requirements to BAs, RPs and DPs within the BAL and other standards); and (iii) the requirements contained in the NERC standards for these functions are either already adequately covered by other contracts or regulations (e.g., pro forma Open Access Transmission Tariff (OATT), North American Energy Standards Board (NAESB) Standards, commercial contracts, market rules) or can be transferred to another entity or process without an adverse impact on reliability. Sub-sets of Applicable Reliability Standards For the remaining functional categories, RBR allows sub-sets of applicable Reliability Standards based on individual review of a specific entity as well as common characteristics of a class of entities, as applicable. This does not result in a change in the applicability section of a particular Reliability Standard; rather, it is the exercise of discretion, as part of the registration process, to determine whether a particular Reliability Standard or requirement shall apply to an entity. From Order No. 69314 to date, FERC has long recognized that NERC and the Regional Entities have the ability to apply sub-sets of Standards to registered functions. Tailoring Reliability Standard obligations has been successfully implemented in both the registration appeal context and Project 2010-07: Generator Requirements at the Transmission Interface (the GO/TO project). The redesigned framework builds on that use and experience to date and proposes a sub-set for one sub-category of the DP functional category as follows: UFLS-Only DP criteria apply to entities that do not meet the proposed DP registration criteria, but participate in a UFLS program needed for reliability. Such UFLS-Only DPs would only be responsible for complying with PRC-006-1 and any Regional Reliability Standard(s) whose purpose is to develop or establish a UFLS Program (excluding any then-existing Standard whose purpose is maintaining Protection Systems used for underfrequency load-shedding systems) in effect as of November 1, 2014, as well as any other Reliability Standards that identify UFLS-Only entities in their applicability section, but not the other standards applicable to a DP. As a result, maintenance and testing of these distribution Protection Systems would be on a voluntary basis instead of mandatory compliance obligation (in PRC-005-2 once per 6 to 12 years). Therefore, there is a small risk of potential failure to operate. NERC is moving consideration of a sub-set list of Reliability Standards for TOs/ TOPs and GOs/GOPs as separate efforts in Phase 2 of RBR. Other Key Features Other key features of the draft design framework include the use of one-time attestations and a common registration form. RBR also is exploring the use of a single, web-based design and other business tools and processes to support RBR. The RBR redesign reflects NERC’s responsibility and oversight to ensure that a Regional Entity implements the Registration program in a consistent manner. Each of these is described in more detail below. Technical reviews of the proposals set forth herein are ongoing. Where tariff and other agreements under the Commission’s Section 205 jurisdiction are considered in making a determination that subjecting a Registered Entity to a particular requirement is not justified based on risk, technical analyses in accordance with Section 215 of the Federal Power Act (FPA) will be required to identify any reliability implications of the proposals, so that no material reliability gaps are created. The proposed revisions remain subject to change based on technical review results and consideration of reliability stakeholder comments on the draft documents.

14 Mandatory Reliability Standards for the Bulk-Power System, 118 FERC ¶ 61,218, FERC Stats. & Regs. ¶ 31,242 (Order No. 693), order on reh’g, Mandatory Reliability Standards for the Bulk-Power System, 120 FERC ¶ 61,053 (Order No. 693-A) (2007).

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 5

Page 59: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework Overview

Notably, Registration decisions are separate and apart from application of the BES definition, including the BES exception process. The new BES Definition and exception process may resolve, to some extent, the treatment of Elements that are not necessary for the reliable operation of the BES. However, the revised BES Definition does not affect NERC’s ability to decide, on a case-by-case basis, that registration is not warranted in particular cases, or to restrict the applicability of standards to particular entities. Rather, the BES Definition solely relates to whether a particular Element is BES or not. Once the BES definition is applied, the owners and operators of the BES assets are eligible for registration. For users of the BES, the proposed registration criteria are specific to that function. The RBR process, including application of the Registry Criteria and materiality “exception” process, is then used as a way to identify those organizations that should be registered based on the functions they perform (e.g., do they “own and maintain” BES Facilities) and their risk or contribution to reliability.

Figure 1.RBR Flow Chart Overview

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 6

Page 60: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework New BES Definition as model and anchor for risk-based registration The new BES Definition went into effect on July 1, 2014 and includes processes for notifications of self-determined exclusions and inclusions, as well as exception requests to add elements to, or remove elements from, the BES on a case-by-case basis. Importantly, the BES Definition includes thresholds for transmission and generation owners and operators, but not users of the BES. The BES Definition is important to the RBR for two reasons. First, the structure of the BES Definition, approved by Federal Energy Regulatory Commission (FERC), is a useful model for the RBR. It begins with a bright-line threshold that identifies most facilities that are part of the BES, and then layers on clear exclusions and inclusions that address the most common configurations not adequately captured by the bright-line threshold. Combined, the BES Definition bright-line, exclusions and inclusions address the vast majority of elements that should be part of the BES, but elements can be included or excluded from the BES through a case-by-case exception process. The reformed registration process is similarly structured. The RBR redesign includes revised thresholds, with a case-by-case process to adjust registration (by inclusion or exclusion) where warranted based on a materiality determination that takes into account circumstances not captured by the revised thresholds. Second, the new BES Definition serves as a foundational anchor for Registry Criteria. While the statutory term BPS sets the outer limit of NERC authority, it has not been definitively defined by FERC. However, FERC has stated that users, owners and operators of the BES are users, owners and operators of the BPS. In addition, the existing Registry Criteria refers to the BPS as greater than 100 kV. Now that the BES is clearly defined, the term can be used to determine on a consistent basis the entities that warrant registration and address material impact on reliability. For this reason, certain of the proposals in the draft design framework for revising the Registry Criteria incorporate the BES Definition. Importantly, the new BES Definition and exception process relates to whether a particular Element is BES, and defines the Elements that are not necessary for the reliable BES operation. However, the revised BES Definition does not affect NERC’s ability to decide, on a case-by-case basis, that registration is not warranted in particular cases, or to restrict the applicability of standards to particular entities. It remains within NERC and Regional Entity discretion to determine whether registration of an owner or operator of a particular BES Element is warranted based on all facts and circumstances.15 For example, to date, load-only manufacturing facilities have not been registered as TO/TOPs. While some may have configurations that result in BES classification and make them candidates for registration, NERC and the Regional Entities will examine whether registration is warranted.16

15 In accordance with Appendix 5C of the NERC Rules of Procedure, an entity that becomes a candidate for registration as a result of newly-identified Element(s) as a result of application of the BES Definition will not be registered during the pendency of an exception request with respect to such Element(s). With respect to an entity that already is registered for a function due to ownership or operation of an Element that is subject to a notification of self-determined exclusion, there is no automatic change in registration status as a result of validation of the notification by NERC and the Regional Entity. With respect to an entity that already is registered for a function due to ownership or operation of an Element and such entity submits an Exclusion exception request for that Element, there is no automatic change in registration status as a result of a decision that an Element is, or is not, a BES asset. Changes in registration status are governed by the provisions in Section 500, Appendix 5A and Appendix 5B of the NERC Rules of Procedure. 16 For such load-only manufacturing facilities (i .e., with no BES generation), factors to be considered would include whether the util ity maintains the Element; whether the Element is embedded in a retail customer facility and serves a local distribution function; third-party usage; whether wide area view is relevant; and whether there is participation in SPS (RAS), UVLS or UFLS program for the protection of the BES.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 7

Page 61: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

Synchronize threshold revisions with BES Definition and align with risk Over time, entities have contended that the current thresholds are too low and include a large number of entities that pose little or no risk to reliability. Taking into account the new BES Definition and experience to date, the draft design framework includes proposals to revise the Registry Criteria for DPs, TOs, TOPs, GOs and GOPs to more clearly anchor them in the new BES Definition and align them with risk. The revised thresholds will be subject to a case-by-case process (modeled after the BES exceptions process) to allow for registration of entities that do not meet the Registry Criteria or deactivation of a function for entities that satisfy the Registry Criteria, based on a determination of materiality. Specific threshold criteria in Part III for TOs, TOPs, GOs and GOPs have been removed, due to existing language for TOs and TOPs and modifications to language for GOs and GOPs in Part II that tie directly into the BES Definition. As a result the BES Definition thresholds are the thresholds for TOs, TOPs, GOs and GOPs. With respect to the DP function, there are several proposed revisions to the threshold criteria. First, language is clarified to read that it is the entity’s system that is “directly connected” to the BES. In addition, the threshold is increased to 75 MW (pending studies of the aggregate impact of such change) while retaining or adding other criteria for registration such as owning or operating Protection Systems important for reliability (SPS, UVLS and tPS), responsibility for operating a cranking path, or responsibilities for providing services to a nuclear plant. UFLS-Only DPs would only be responsible for complying with PRC-006-1 and any Regional Reliability Standard(s) whose purpose is to develop or establish a UFLS Program (excluding any then-existing Standard whose purpose is maintaining Protection Systems used for underfrequency load-shedding systems) in effect as of November 1, 2014, as well as any other Reliability Standards that identify UFLS-Only entities in their applicability section, but not the other standards applicable to a DP. The proposed changes include revising references from BPS to BES in specific provisions in the Registry Criteria; however, such changes would not apply when discussing NERC and FERC jurisdiction over the BPS. The greater than 75 MW threshold for the DP function tracks the 75 MW dispersed generation threshold in the BES Definition. RBRAG also took into account the impact of increasing the threshold to 75 MW on the following specific Reliability Standard considerations:

DP <= 75 MW

CIP v5 Already a 300 MW bright-line for automatic load shedding under a common BES Cyber System in the standard

EOP-004 R2 on Disturbance Reporting A 75 MW DP will not reach most of the thresholds in the standard

EOP-005-2: load important to a restoration plan

Add to registry criteria for DP if the TOP’s restoration plan identifies the DP as performing unusual tasks

FAC-002, coordination plans for new facilities Immaterial impact and may be covered in pro forma OATT17

NUC-001: providing Nuclear Plant Interface Requirements Add to the registry criteria

PRC-004, PRC-005 and PRC-023: DP that owns TPS Retain in registry criteria.

17 Because tariff and other agreements are governed by Section 205 of the FPA, technical analyses in accordance with Section 215 of the FPA will be required to identify reliability implications and assess the materiality of associated risk, if any, of the proposed change. This information will be one of many factors considered and will not be the sole determining factor.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 8

Page 62: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

DP <= 75 MW

PRC-006 and PRC-008: UFLS

Retain in registry criteria; but, consider a UFLS-Only DP for those entities <=75 MW who would only need to meet PRC-006-1 and any Regional Reliability Standard(s) whose purpose is to develop or establish a UFLS Program (excluding any then-existing Standard whose purpose is maintaining Protection Systems used for underfrequency load-shedding systems) in effect as of November 1, 2014, as well as any other Reliability Standards that identify UFLS-Only entities in their applicability section, but not the other standards applicable to a DP.

PRC-010, PRC-010, PRC-021, PRC-022: UVLS Retain in registry criteria.

PRC-015, PRC-016, PRC-017: SPS Retain in registry criteria.

TOP-001: follow the directives of the TOP

Immaterial impact equivalent to a <= 75 MW dispersed resource. Also, the pro forma OATT already gives the TSP authority over transmission customers.18 Often, the TSP and TOP are the same entity.

Functional registration category removal if not material to reliability NERC reviewed information from various sources to determine if any of the functional categories could be removed from the NCR as part of the RBR redesign. Three have been identified as commercial functions: 1) PSEs, 2) IAs, and 3) LSEs. Further examination, which is already underway and expected to be available for the November Board meeting, is required before any function can be completely removed. NERC also is evaluating whether the requirements contained in the NERC standards for these functions are either already adequately covered by other contracts or regulations (e.g., pro forma Open Access Transmission Tariff (OATT), North American Energy Standards Board (NAESB) Standards, commercial contracts, market rules) or can be transferred to another entity or process without an adverse impact on reliability.

PSE In considering elimination of the PSE, RBRAG took into account that total interchange (i.e., the sum of the individual transactions), rather than individual transactions, is important for reliability purposes. The BAL standards already require the BA to manage total interchange. RBRAG determined that this function should be removed through the Standards Development Process.

IA The recent changes to the INT standards remove the requirements applicable to the IA. Existing BA function and requirements are being evaluated to determine if reliability will be maintained without transferring the IA requirements to the BA. RBRAG determined that this function should be removed through the Standards Development Process.

LSE

Many standards are applicable to both the DP and LSE where the proper applicability should be the DP only and not the LSE. For example, in the Direct Energy case (Docket RC07-4-003), FERC found that a retail services provider

18 Id.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 9

Page 63: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

did not qualify as the LSE under NERC’s Registry Criteria, but FERC approved NERC’s proposal to require that “the DP to whose system the electric loads in retail choice areas are connected are to be registered as the LSE for all loads connected to its system for the purpose of compliance with NERC’s approved reliability standards applicable to the LSE.” As a result, there is precedent that the currently assigned reliability activities of an LSE can be addressed by other registered entities. Below is a discussion of two primary functions assigned in the standards to the LSE that, under this proposal, would be assigned to another functional entity:

LSE OTHER Load shedding, either manual or automatic

The LSE controls no breakers and can only control Load through smart-meters if those meters are so equipped. The LSE should not be the entity responsible for load shedding

Instead, the DP owns the breakers and can readily install automatic load shedding equipment on those breakers (UFLS, UVLS) and can respond effectively to directives to manually shed load. In the case of an RTO or ISO, the applicable entity may be the TOP.

Load forecasting The LSE is obligated in most cases under the Pro Forma OATT and other agreements to provide both operating horizon load forecasts (IRO-010, TOP-002) and planning horizon load forecasts (MOD-031) to their TSP/BA.19 The load forecasting is top down rather than bottom up.

Operating horizon load forecasts should be developed and provided by the BA or DP, depending on whether there is an RTO or ISO market. Planning horizon load forecasts should be developed and provided by the RP.

Below is a table showing a proposal, which is subject to ongoing technical reviews, as to re-assignment of LSE activities to another functional entity:

Assign to BAL-005-2b, R1 within metered boundaries of the BA BA

EOP-002-3.1 R9: emergency energy alert BA

FAC-002, coordination plans for new facilities

DP – a new connection to the BES will be from a DP instead of and end user. If a large end-user directly connects, there are tariff provisions that cover that and FAC-002 would obligate the TO to coordinate.

IRO-001: follow directives of RC DP (addressed in V3)

IRO-005: operate to the most limiting parameter

DP. In addition, may be covered in NAESB TLR procedures (WEQ-008) which gives the RC the authority to direct curtailments. Also, FERC Order No. 693 describes the LSE responsibility to this requirement as following directives.

19 Id.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 10

Page 64: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

Assign to

IRO-010: data specifications of the RC Current day/next day load forecasts - BA, Remote Terminal Unit (RTU) telemetered load – DP

INT-011 on requesting interchange (new standard)

May be covered by NAESB standards, pro forma OATT and FERC Orders.20

MOD-004: CBM Standard is to be retired, and CBM is in the pro forma OATT.21

MOD-017 through MOD-021 (and new MOD-031) on planning horizon load forecasts and amount of Demand Response

RP

NUC-001: providing Nuclear Plant Interface Requirements DP

PRC-010, , PRC-021, PRC-022: UVLS DP TOP-001: follow the directives of the TOP DP TOP-002: coordinate current day, next day and seasonal plans

Current day/next day load forecasts - BA, RTU telemetered load – DP

VAR-001, R5 Retired effective 1/1/15 For all Reliability Standards that apply to LSEs, this function should be removed through the Standards Development Process. Special Considerations for Load-Only Manufactur ing P lants Because most large manufacturing plants are served by multiple feeds, this configuration may result in BES classification and therefore a candidate for registration based on the bright-line application of the new BES Definition. To date, load-only manufacturing plants have not been registered as TOs/TOPs. Rather, in the case of these retail loads, BES reliability has been assured by the real-time actions of the RC/BA/TOP service providers. Enti ty R isk Assessment Appl icable to Load-Only Manufactur ing P lants Based on a case-by-case review, NERC and the Regional Entities will continue to exercise discretion not to register load manufacturing plants that continue to meet the non-exclusive factors below: No BES behind-the-meter generation at the site.

1. Utility maintains the element (e.g., the interconnecting substation and/or protection equipment under the terms and conditions of the applicable interconnection agreement or tariff).

2. Not an “integrated transmission Element” necessary to provide for the reliable operation of the interconnected transmission grid. Element is embedded in a retail customer’s electrical configuration and serves a local distribution function.

3. No third-party usage of element under terms and conditions of a FERC-jurisdictional OATT.

4. The plant is a retail load.

5. The following additional factors may be used in support of the above criteria, which include that the organization is not required to participate in SPS (or RAS), UVLS or UFLS programs.

20 Id. 21 Id.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 11

Page 65: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

The application of the above criteria would not preclude the ability of the retail customer’s Regional Entity, in consultation with the entity’s RC/BA/TOP service providers, to register the entity if the Regional Entity can establish that the plant is material to the reliability of the BES. Such demonstration of materiality shall include a fact-specific analysis reflecting technical judgment. In the event that such load-only manufacturing plants are determined to be subject to registration as TO/TOP under this analysis, review of the TO/TOP Reliability Standards should be undertaken to determine if a sub-list of applicable requirements is appropriate from a risk-based perspective. Moreover, because tariff and other agreements arise under Section 205 of the FPA, technical analyses in accordance with Section 215 of the FPA will be required to identify any reliability implications so that no material reliability gaps are created. The technical analysis should take into the need for coordinating high voltage protection schemes and recognizing dependency by BAs and RPs on reserves, resource adequacy and ancillary services, which are important fundamental aspects needed to support reliability. This information will be one of many factors considered and will not be the sole determining factor.

ELCON provided RBRAG with an estimated order of magnitude of the number of US manufacturing plants in the lower 48 states that might be interconnected with the BES at voltages in excess of 100 kV. There are over 600,000 manufacturing plants in the continental USA. An unknown but not insignificant number of these plants are at risk of becoming BES classified and subsequently registered entities based on a literal application of the BES bright lines. After a review of only 16 manufacturing sectors (out of a total of 36), ELCON has conservatively estimated that 1,100 plants are potentially interconnected at 100 kV or higher. This number should be considered the lower end of a broad range. The high end could easily be two or three times that number. It is not known if 1%, 5% or 10% of these facilities would fail to meet the criteria for exclusion in BES Exclusions E2 and E3. The best-guess, order of magnitude estimate of the number of plants that are at risk of registration is between 11 and 330.

Special Considerations for Industr ial Cogeneration (i .e., behind-the-meter generation) The following criteria could be applied to behind-the-meter generation where discretionary sales to the BES may exceed the “net” 75 MVA threshold applicable to behind-the-meter generation under Exclusion E2. These criteria are contingent on the development of a higher risk-based threshold “[X] MVA” as determined through further study:

1. Sales in excess of 75 MW are energy only but not to exceed [X] MW, as determined by the BA.

2. Capacity sales in excess of 75 MVA as requested and directed by the BA, TOP or RC.

3. Additional factors in support of the above criteria, include that the entity is not a registered TO or TOP (or not otherwise a TO/TOP by virtue of generator tie lines) and does not otherwise affect SOLs or Interconnection Reliability Operating Limits (IROLs).

The working assumption is that all BES generating resource owners and operators with more than 75 MVA (or other threshold as determined through further study) are providing material amounts of capacity and energy to the BES and that misoperation of such BES resources could have an adverse reliability impact, and should accordingly remain subject to the full set of applicable Reliability Standards. Owners and operators of Blackstart Resources would also remain subject to full compliance responsibilities.

ELCON provided comments to RBRAG stating that it considers any customer-owned cogeneration plant with a nameplate rating in excess of 150 MW to have the potential to control its power sales to the grid to avoid crossing the 75-MVA threshold for entity registration. The aggregate nameplate rating of these plants in both the continental USA and Canada is 48,101 MW. The average nameplate rating of these plants is 362 MW.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 12

Page 66: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

Standards Appl icabi l i ty The core standard requirements that need to apply across the board to small GO/GOP generators include those focused on voltage and reactive control (VAR), protection systems (PRC) and modeling (MOD). Further analysis is required with respect to other Reliability Standards that should remain applicable, including, but not limited to, EOP-004-2, FAC-008-3, IRO-010, and TOP-006-2. Technical analyses in accordance with Section 215 of the FPA will be required to identify any reliability implications so that no material reliability gaps are created. As a result, this initial assessment of risk could be revised based on further analysis. Risk-Based Application of Reliability Standards The redesigned framework includes the ability to apply sub-sets of standards to entities based on risk. One approach is to establish that certain requirements do not apply to classes or groups of registered entities, based on uniform characteristics. Corresponding language changes are set forth in Appendix 5B to the NERC ROP. In the case of a UFLS-Only DP, the proposed design contemplates limited Reliability Standard applicability. RBR calls for sub-sets of applicable Reliability Standards based on individual review of a specific entity, as well as common characteristics of a class of entities, as applicable. From Order No. 693 to date, FERC has long-recognized that NERC and the Regional Entities have the ability to apply sub-sets of Standards to registered functions. Excerpts from some of the orders are provided below for ease of reference:

Order No. 693 98. As stated in the NOPR, NERC has indicated that in the future it may add to a Reliability Standard limitations on applicability based on electric facility characteristics such as generator nameplate ratings.[] While the NOPR explored this approach as a means of addressing concerns over applicability to smaller entities, the Commission believes that, until the ERO submits a Reliability Standard with such a limitation to the Commission, the NERC compliance registry process is the preferred method of determining the applicability of Reliability Standards on an entity-by-entity basis.22 Order No. 773 168. The Commission also rejects NERC’s argument that subjecting the elements associated with this type of radial system to all the Reliability Standards has a limited benefit to the reliability of the interconnected transmission network. In cases of radial tie-lines for bulk electric system generators where the generator owner also owns the tie-line, NERC has exercised discretion, on a case-by-case basis, in determining which entities require registration as transmission owners/operators and identified sub-sets of applicable reliability standard requirements for these entities.151 In other situations, such generator tie-lines may appropriately be considered an extension of the generation facility, which would not subject significant additional compliance obligations on the generator owner and/or operator.23 151 E.g., New Harquahala Generating Company, LLC, 123 FERC ¶ 61,173, order on clarification, 123 FERC ¶ 61,311 (2008).

22 Order No. 693 at P 98 (emphasis added). 23 Revisions to Electric Reliability Organization Definition of Bulk Electric System and Rules of Procedure, Order No. 773 at P 52, 141 FERC ¶ 61,236 (2012), order on reh’g, Order No. 773-A, 143 FERC ¶ 61,053 (2013). See also Order Approving Revised Definition, 146 FERC ¶ 61,199 (2014) (emphasis added).

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 13

Page 67: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

Order No. 773-A24 52. We disagree with APPA that the directive to include 100 kV and above generator interconnection facilities connected to bulk electric system generators will result in making the owners of these qualifying 100 kV and above generator interconnection facilities subject to the full range of transmission planner, transmission owner and transmission operator Reliability Standards and requirements. As we state above, in cases of generator interconnection facilities for bulk electric system generators where the generator owner also owns the generator interconnection facility, NERC has determined on a case-by-case basis which entities require registration as transmission owners/operators and identified sub-sets of applicable Reliability Standard requirements for these entities rather than automatically subjecting such generators to the full scope of standards applicable to transmission owners and operators.78 78 In addition, in Docket No. RM12-16-000, NERC has submitted proposed revisions to certain

Reliability Standards to assure that generator interconnection facilities are adequately covered rather than subjecting them to all of the requirements applicable to transmission owners and operators.

Generator Interface Final Rule 25 52. We also reject TDU Systems’ and other commenters’ request to “clarify” that generator owners and operators will no longer be asked to register as transmission owners or operators under any circumstances. Quite the contrary, as we stated in the NOPR, our proposed approval of the revised Reliability Standards was “based on the understanding that additional Reliability Standards or individual requirements may need to be applied to the generator interconnection facilities . . . based on ‘individual assessments.’”80 We leave open the possibility that in some cases, the interconnection facilities may be so extensive that the entity should not only be registered as a transmission owner or operator, but should be subject to all of the Reliability Standards and requirements applicable to such an entity. In other cases, it may be appropriate to waive a significant portion of the standards or requirements generally applicable to transmission owners and operators, even if the entity is technically registered as a transmission owner or operator. 53. However, consistent with our prior decisions in Harquahala and Cedar Creek, we clarify that for the anticipated small number of generator owners and operators owning facilities deemed to be “complex” and therefore potentially subject to additional Reliability Standards, NERC should evaluate, in consultation with the Regional Entity, which Reliability Standards should apply to the particular entity based on the specific facts and circumstances. We further clarify that the generator owner or operator should only be obligated to comply with those Reliability Standards and requirements necessary to close the identified reliability gap.81 To the extent that disputes remain about the appropriate application of Reliability Standards and requirements, we note that generator owners and operators continue to have the right to bring any such dispute to the Commission.

Tailoring Reliability Standard obligations has been successfully implemented in both the registration appeal context and Project 2010-07: Generator Requirements at the Transmission Interface (the GO/TO project). In addition, historically, some Regional Entities have addressed the challenges of Reliability Standard applicability to entities through their compliance monitoring activities, such as adjusting the scope of audits. These experiences have helped inform RBR efforts.

24 Order No. 773-A at P 52 (emphasis added). 25 Generator Requirements at the Transmission Interface, 144 FERC ¶ 61,221 (2013) (Order No. 785).

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 14

Page 68: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

Consistent with this precedent, and subject to additional technical analysis to be conducted, the draft design framework proposes to restrict the requirements applicable to entities that fall below the revised DP thresholds, but that are necessary participants in a UFLS program. Separate efforts in Phase 2 of RBR will address whether a sub-set list of Reliability Standards for TOs/TOPs and GOs/GOPs should be granted. Clarify terms and improve current procedures Materiality NERC’s existing Registry Criteria allows NERC and the Regional Entities to register an entity that does not meet the criteria or to decline to register an entity that meets the criteria, as warranted, based on whether the entity “is material to the reliability of the bulk power system.” (Registry Criteria at note 1). As part of the RBR, a new “materiality” test is being established that would apply solely in evaluating whether to register an entity that does not meet the criteria or to determine not to register an entity that meets the criteria. In addition, materiality assessments also will be useful in connection with assigning registered entities sub-sets of applicable Reliability Standards. Although the burden is on NERC and its Regional Entities to demonstrate that an entity meets the threshold criteria for registration, the burden in the materiality process is on the entity making the request, i.e., the entity asking to be excluded from the NCR (despite satisfying the threshold criteria) and the Regional Entity seeking to include an entity in the NCR (that does not satisfy the threshold criteria). To ensure consistency, NERC is establishing a centralized, NERC-led review process, described in more detail below, to address questions or issues that arise with respect to threshold application, materiality, or Reliability Standard requirement applicability. This process will include requests for deactivation of, or decisions not to register, an entity that meets Registry Criteria or requests to add an entity that falls below the Registry Criteria, as well as requests for a sub-set list of applicable Reliability Standards. The materiality test may also include a review of individual and aggregate system-wide risks and considerations to reliability of the BPS, as anchored in the new BES Definition. The draft RBR design framework sets forth a consistent approach to assessing materiality by identifying factors that must be evaluated. A common set of factors for consideration is identified below; however, only a sub-set of these factors may be applicable to particular functional registration categories. As these factors are considered in more detail through the RBR development process, function-specific factors may be developed. This approach to materiality parallels the factors for consideration developed as Exhibit C, “Detailed Information to Support an Exception Request” to the BES Definition. Factors for Evaluating Materiality Factors that have been identified by the RBRAG as relevant to assessing an entity’s materiality to BES reliability and making an informed engineering judgment include, but are not limited to other factors that may be relevant in individual cases:

1. Is the entity specifically identified in the emergency operation plans and/or restoration plans of an associated Reliability Coordinator (RC), Balancing Authority (BA), GOP or TOP?

2. Will intentional or inadvertent removal of an Element owned or operated by the entity, or a common mode failure of two Elements as identified in the Reliability Standards (for example, loss of two Elements as a result of a breaker failure), lead to a Reliability Standards issue on another system (such as a neighboring entity’s Element exceeding an applicable rating, or loss of non-consequential load due to a single contingency). Conversely, will such contingencies on a neighboring entity’s system result in Reliability Standards issues on the system of the entity in question?

3. Can the normal operation, Misoperation or malicious use of the entity’s cyber assets cause a detrimental impact (e.g., by limiting the operational alternatives) on the operational reliability of an associated BA, GOP or TOP?

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 15

Page 69: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

4. Can the normal operation, Misoperation or malicious use of the entity’s Protective Systems (including underfrequency load shedding (UFLS), undervoltage load shedding (UVLS), special protection system (SPS) and other Protective Systems protecting BES Facilities) cause a detrimental adverse impact on the operational reliability of any associated BA, GOP or TOP, or the automatic load shedding programs of a PC or TP (UFLS, UVLS)?

Establish a centralized review process To provide a basis for NERC and regional consistency, the RBR framework calls for a NERC-led, centralized review panel, comprised of a NERC lead with Regional Entity participants, to vet deactivation of, or decisions not to register, an entity that meets Registry Criteria or requests to add an entity that falls below the Registry Criteria, as well as requests for a sub-set list of applicable Reliability Standards and disputes regarding application of the Registry Criteria. The entity with the burden of proof in a panel review situation shall submit to NERC in writing the details of the issues and identification of any Regional Entity, RC and TOP that has (or will have upon registration of the entity) the entity within its scope of responsibility26 in the Region, NERC will send a notification to the Regional Entity, the entity whose registration status is at issue, the referenced RC and TOP acknowledging receipt of the request for panel review.27 The panel review process will parallel the timelines in the Appeals process, which are set forth in Appendix 5A (Section V and Figure 3). A parallel process will govern requests for Panel resolution of disputes regarding the application of Registry Criteria thresholds. Once a decision is made, it will be shared throughout the ERO Enterprise. The RBRAG expects this to result in consistency across the ERO Enterprise with respect to threshold, materiality, or applicable Reliability Standard class determinations. In addition, improved procedures, with defined timelines, would be established for registration and deactivation, as well as Reliability Standard applicability class determinations and associated appeals. This provides a foundation for consistent decision-making and application of the criteria and thresholds. This process will be included in Appendix 5A to the NERC ROP. The NERC Board of Trustees Compliance Committee (BOTCC) will resolve appeals of registration disputes in accordance with NERC ROP Section 500 and Appendix 5A Section V, which will be revised as appropriate to accommodate these new procedures.

26 The scope of responsibility is defined as the registered functions of a RC and TOP and the geographical or electric region in which the RC and TOP operates to perform its registered functions, or with respect to a Regional Entity, its Regional Entity Region. 27 Input from Reliabil ity Coordinator, Transmission Operator, and Transmission Planner can be used to understand the aggregate impacts of changes in registration activities for Reliability Standards. The Standard Drafting Team on the Generator Interface Project noted the following in its Technical Justification Document Petition of the North American Electric Reliability Corporation for Approval of Proposed Reliabil ity Standards FAC-001-1, FAC-003-3, PRC-004-2.1a and PRC-005-1.1b in Docket No. RM12-16-000, Exhibit C - Technical Justification Resource Document at 16 (July 30, 2012), which was included in the petition for approval to FERC:

The SDT does, however, acknowledge that some Facil ities used solely to connect generators to the transmission system are more complex and therefore require individual assessment. The SDT has concluded that reliability gaps associated with such Facilities should not be addressed simply through application of all standards applicable to Transmission Owners and Transmission Operators, but instead has concluded that an individualized assessment of the impact of such a Facil ity on neighboring transmission Facilities is warranted. The SDT concluded that this assessment should, at a minimum, be based upon the output of transmission planning and operating studies used by the Reliability Coordinator, Transmission Operator, and Transmission Planner in complying with applicable Reliability Standards (Specifically, IRO, TOP and TPL).

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 16

Page 70: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

BES references The proposed changes include revising references from BPS to BES in specific provisions in the Registry Criteria; however, such changes would not apply when discussing NERC and FERC jurisdiction over the BPS. The NERC Glossary of Terms Used in NERC Reliability Standards (NERC Glossary) includes the definition of BPS that was set forth in the Energy Policy Act of 2005, as well as the newly approved definition of BES. No changes to those definitions are proposed as part of the RBR design framework. Deactivation NERC maintains the NCR, which identifies each registered entity and the applicable functional categories for which it is registered. The term deactivation refers to removal of an entity from the NCR for a specific functional category. As a result of deactivation, the entity is no longer subject to any compliance obligations with respect to Reliability Standards applicable to that functional category. The term deactivation is used rather than deregistration, to avoid confusion over an entity’s status because often an entity is registered for more than one functional category. However, deactivation is deregistration for a specific functional category and such functional category will be removed from the NCR. Therefore, if all functional categories have been deactivated for a given entity, such entity would be deregistered and removed from the NCR. However, the entity’s compliance history will be retained. As part of the transition to the redesigned framework, Regional Entities and registered entities will not need to submit a registration appeal pursuant to the NERC ROP Section 500 or Appendix 5A to deactivate entities that do not meet the new threshold criteria. For functional categories that are removed from the NCR, such as the PSEs, NERC, in concert with the Regional Entities will remove all PSE registrations and send a letter to the former PSEs, without the need for action by the registered entities. For entities that no longer meet the Registry Criteria, the registered entity is obligated to update its information in accordance with Section 501.1.5.3 of the NERC ROP. The Regional Entity will in turn notify NERC of changes in registration status. NERC will issue a letter to the registered entity identifying changes in registration status. NERC and the Regional Entity may request additional information, as needed, to process a change in registration status. This process tracks the self-determined notification process as a result of the new BES Definition. Registered entities that are eligible to deactivate for functional categories are encouraged to discuss this in advance with the Regional Entity. NERC and Regional Entities shall act promptly to process registration status changes. Updates to the NCR are reflected on a monthly basis. Timelines governing deactivation requests and reviews shall be set forth in Appendix 5A. NERC oversight and guidance on registration practices NERC retains responsibility and oversight to ensure that a Regional Entity implements the Registration program in a consistent manner. Towards this end, the RBR redesign ensures that NERC is periodically performing programmatic reviews of the Regional Entities’ registration activities to ensure uniformity in due process and consistency in application. This will include development of controls to ensure consistency. Improvements to the program include, but are not limited to:

• sampling and auditing of Regional Entity application of RBR classes and individual entity application;

• using surveys to reach out to registered entities as a means of identifying that a given entity is registered for the proper functions;

• using ongoing outreach to registered entities on registration issues; and

• mapping entities within each Regional Entity footprint to ensure awareness of entities that may have a material impact on reliability.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 17

Page 71: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

One-time attestations With respect to self-certifications and other compliance monitoring activities, Registered Entities will be permitted to record a one-time attestation of “Not Applicable” to a given Reliability Standard requirement. These attestations are necessary where an existing physical or technical limitation makes a requirement inapplicable, or where the requirement is not applicable for another reason. For example, if the registered entity does not own or operate UFLS or UVLS assets, it should simply use the “Not applicable” designation. The Regional Entity will then carry forward this declaration from year-to-year, without requiring the registered entity to repeat the attestation each year, unless circumstances materially change requiring the need for the registered entity to notify the appropriate Regional Entity. NERC or the Regional Entity would have the ability to audit to verify the recordation is correct, on an as needed basis, but this should be infrequent. In addition, NERC and the Regional Entities should allow multi-Regional registered entities (MRRE) to use a single, one time attestation, updated as needed. In such a case, NERC and the Regional Entities would have the opportunity to audit to verify the single attestation is true and correct. Attestations received in 2015 will inform the separate efforts in Phase 2 regarding consideration of sub-set lists of applicable Reliability Standards for TOs/TOPs and GOs/GOPs. Entity risk assessment in a common registration form The NERC Registration Functional Group is currently collaborating with the Regional Entities to develop a common registration form to ensure consistency during the registration process. The common registration form is pending consideration as part of the ERO Enterprise applications. The RBR provides an opportunity to finalize and implement the common registration form for use by NERC, Regional Entities, and registered entities. The use of a common form will facilitate uniformity in the information being collected from registration candidates regardless of where they are located in North America. The common form and future IT interface is intended, among other things, to capture, without undue complexity, key factors relevant to an assessment of an entity’s inherent risk. Inherent risk is a function of an entity’s various registrations and other relevant factors like its system design, configuration, size, etc. The RBR redesign must necessarily address potential impacts on business processes and tools needed to support RBR both within the ERO Enterprise and in industry. RBR recommends exploring use of a single, web-based design. In the interim, changes to the portals and various electronic forms used by NERC and the Regional Entities will need to be adapted to take into account Reliability Standard applicability classes. This will affect compliance monitoring and enforcement activities and will need to be addressed as part of the implementation plan.28 In addition, entity risk assessments should take into account information from “neighbor” surveys that Regional Entities issue to RCs as part of certification and other activities to ensure coordination with adjacent entities. This survey approach also may increase awareness and tracking by NERC, Regional Entities and RCs of entities within each RC’s footprint and help identify needed revisions to an entity’s registration. Status quo for other functional registration categories As discussed above, recommendations for changes apply to eight of the 15 functional categories, including PSEs, IAs, DPs, LSEs, GOs, GOPs, TOs and TOPs. At this time, there are no proposed recommendations with respect to the following seven functional categories: BAs, PAs/PCs, RCs, TPs, RPs, RSGs and TSPs. NERC will re-evaluate these functional categories in Phase 2. In addition, NERC is not proposing changes to Coordinated Functional Registration (CFR) or Joint Registration Organization (JRO) agreement NERC Rule of Procedure provisions. These are voluntary agreements between two

28 See Appendix B hereto.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 18

Page 72: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Design Framework

or more entities that allow them to allocate compliance responsibility that is then used in compliance monitoring and enforcement activities. Entities are encouraged to discuss interest in a CFR or JRO with their respective Regional Entities. NERC recognizes that some CFRs and JROs may be affected as a result of the proposals in the RBR effort. To the extent that CFRs or JROs are affected by elimination of certain functional categories or revised Registry Criteria, entities are encouraged to work with their respective Regional Entity.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 19

Page 73: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix A – Implementation Plan Purpose This Appendix A reflects future activities pending the Board approval of the design and implementation plan. The RBR implementation plan is an activity-based approach focused on completion of key RBR activities. NERC, with the assistance of the RBRAG, established integrated activity timelines to provide industry with the anticipated implementation dates and milestones in order to prepare internal programs for the new process. This implementation plan follows the structure, objectives and purpose of the RBR end-state vision. The major goals of the NERC RBR Initiative are to:

• Develop and deploy a sustainable Registration Program design that incorporates evaluation of the risks and benefits provided by a given entity to ensure reliability of the BES and identifies a corresponding properly tailored set of NERC Reliability Standard requirements.

• Create an implementation plan that supports a 2016 or sooner launch, along with business practice and IT requirements, with the possibility of early adoption options that can result in high reduction of industry burden, while preserving an adequate level of reliability.

In addition, coordination of this effort will enhance the ability to:

• Develop a common approach to identify and evaluate risks to reliability for use across the ERO Enterprise

• Identify changes to the registration criteria, if any, needed to align RBR with NERC’s Reliability Assurance Initiative; and

• Incorporate recent implications to Registration resulting from changes to the BES Definition.

Benefits of deploying the RBR program include:

• Aligning entity registration and compliance burden to its risks and contributions to BES reliability;

• Reducing the industry burden associated with registration, while sustaining continued BES reliability;

• Improving use of NERC, Regional Entity and registered entity resources;

• Providing feedback to Reliability Standards development to enhance the applicability of currently enforceable and future Reliability Standards; and

• Increasing consistency in registration across the eight Regional Entities by developing a common and repeatable approach, along with improving registration and de-registration procedures.

In addition, coordination of this effort will enhance the ERO’s ability to:

• Evaluate risks to reliability for use across the ERO Enterprise; and

• Align changes to the Registry Criteria with other NERC activities and the BES Definition.

NERC and the Regional Entities will develop and deliver business practices, consolidated IT platforms and a training program for Regional Entity Staff along with necessary registered entity communication touch points such as workshops and informational webinars to support the transition to RBR. Project Method and Incremental Rollout The RBR project method follows 4 individual stages of Phase 1 incremental activity. The implementation plan reflects activities in stages 2 – 4. The purpose of this systematic approach is: 1) set program and implementation project expectations, 2) identify the expected targets and milestones required to complete the objectives identified

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 A-1

Page 74: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix A – Implementation Plan

for the RBR initiative, 3) ensure alignment with sponsors and, 4) establish a culture of communication and address assumptions and team and industry stakeholder concerns. A brief summary of the phases are outlined below:

1. Plan/Analyze: Define the scope of work and requirements (completed Q1-Q2 2014)

2. Design: Design and develop revised approach

3. Feedback: Incorporate feedback into design

4. Train/Deploy: Feedback from testing; train regions inform industry and implement RBR Project Timeline Completion Targets by Stages in Phase 1

Phase Q1-Q2 2014 Q3-Q4 2014 Q1 2015 Q2 2015 Q3 2015 Q4 2015 1. Plan/Analysis 2. Design 3. Feedback 4. Train/Deploy

Phase 1

Plan/Analyze Design Feedback Train/Deploy

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 A-2

Page 75: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix A – Implementation Plan

Key Targets to Implement the Strategy

Implementation Targets for Q3-Q4 2014 Timeframe Actions to be performed Deliverable

By the end of Q3 Design

1. NERC and the RBRAG will finalize a draft RBR design and framework document that includes an implementation plan and roll out strategy to recommend elimination of select functional categories based on risk to reliability, revised thresholds for consideration during the evaluation of entity registration and define classes and properly scoped applicable standards based on risk to reliability.

2. NERC and the RBRAG will present data and information to provide technical justification for the recommended future design and framework. The analysis and input will come from three independent sources: • NERC RBRAG Advisory Group and Task Force

• Regional Entities

• RCs

3. NERC staff will coordinate with the Standards Department to update the Reliability Standards Development Plan (RSDP) to include future RBR-related projects:

• Functional Model revisions/updates

• Glossary updates

• Standards updates, including Enhanced Periodic Review projects

Determine if regional standards/variances need to be incorporated into standards

4. NERC staff will coordinate with Standards and NAESB to move necessary requirement to NAESB.

5. NERC staff will coordinate with CCC on revisions to Appendix 5A so it can be updated simultaneously with Appendix 5B of the ROP.

Draft Design documents posted for MRC Policy input and Industry Comment

By the end of Q4 Design

1. NERC Legal will draft initial ROP revisions (section 500) to support the new design and framework, this includes revisions to Appendices 5A and 5B, as needed and prepare for FERC filing. Pre-filing meetings with FERC will be conducted as necessary.

2. NERC staff will submit Standards Authorization Requests (SARs) and seek any other necessary Standards Committee approvals (e.g., solicitation for drafting teams) to start the related projects.

RBR framework and implementation to the NERC Board for approval

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 A-3

Page 76: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix A – Implementation Plan

3. Identify and notify entities that will need to modify CFR/JRO due to functional removal.

By the end of Q4 Design Feedback Train Deploy

1. Finalize development of the Regional training and rollout program. Training and rollout program consist of:

• Training materials to help facilitate auditor workshops

• A staged rollout plan

• A strategy for managing the cultural change that will result from RBR’s rollout

• Develop and rollout one time attestation

Comprehensive Training and Deployment Plan -expected completion target Q1-Q4 2015

Implementation Targets for 2015

Timeframe Actions to be performed Deliverable By the end of Q1 Train/Deploy

Deploy regional training and rollout program which includes training the trainers at the regional level. NERC and regional entities will update ERO processes and procedures. Revise CRATS for sub-tiers.

Updated training, CRATs, ERO processes and procedures.

By the end of Q2 Feedback/Deploy

NERC, the Regional Entities and the RBRAG will identify all PSE, IA, and LSE functions for deactivation:

• Identify and map necessary reliability activities to new owner,

• Notify entities of pending rule changes and possible impacts on them,

Establish sub-sets of Reliability Standards for eligible entities,

Establish the centralized review panel

Centralized NERC-led ERO Enterprise Panel selected and trained to implement the RBR design

By the end of Q3 Train/Deploy

NERC will a conduct a comprehensive communications and industry outreach program (see Communications Plan) to address assumptions and industry stakeholder concerns. Key delivery venues include:

• RTO/ISO council

• Regional Workshops

• Standing Committee Meeting (OC, PC, CCC, Standards, CIPC)

• Compliance Workshop

• NAGF/NATF

• Industry Trades

Consolidated outreach calendar Webinars/workshops FAQ documents

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 A-4

Page 77: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix A – Implementation Plan

Implementation Targets for 2015 Timeframe Actions to be performed Deliverable

By the end of Q4 Deploy

Assign projects for other departments. If needed, NERC and the Regional Entities will design and deploy necessary business practices and ERO IT platform requirements that includes a common registration interface.

Common ERO IT Platform Common ERO Business Practices

By the end of Q4 Deploy Full deployment of approved design and RBR framework.

RBR program fully deployed

Communication Approach The following Communication plan matrix establishes the mechanism, type, audience and frequency of desired communications. This plan is supplemented by a comprehensive calendar of events on the NERC web page and can be found at the following link.

Communications Plan Mechanism Type Audience Method / Source Frequency Responsible

RBRAG Team and Advisory Panel Meeting

Executive Sponsor, Project Sponsor, RBRAG

Face-to-Face & Conference

Bridge 2014 Monthly (As-Needed)

Project Sponsor

PM

MRC Policy Input Feedback MRC Policy input letter 2014 Quarterly Executive Sponsor

Industry Webinars Informational Industry

Stakeholders Webinar 2014-2015 Quarterly PM

Regional Workshops Informational Industry

Stakeholders Workshop Scheduled PM

NERC Newsletters Bulletins Informational Industry

Stakeholders Email Scheduled PM

State of Standards Informational Industry

Stakeholders Webinar Semi-Annual PM

Phase 2 As a result of comments during the June 2014 posting of the design framework materials, NERC determined that certain items would more appropriately be addressed in a defined Phase 2. Of particular note is that separate efforts regarding sub-set lists of applicable Reliability Standards for TOs/TOPs and GOs/GOPs will be addressed in Phase 2. Functional registration categories that are not changing as part of Phase 1 of RBR also will be re-evaluated. Information from one-time attestations will inform future efforts to grant sub-set lists of Reliability Standards. Further information on Phase 2 will be provided at the November Board meeting.

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 A-5

Page 78: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix B – RBRAG and Task Force Rosters Risk-Based Registration Advisory Group

Affiliation Participant Entity Contact Member Jim Albright

Vice President Texas Reliability Entity, Inc.

512-583-4962 [email protected]

Member John A. Anderson President and CEO

Electricity Consumers Resource Council 1101 K Street NW Suite 700 Washington, D.C. 20005

(202) 682-1390 (202) 289-6370 Fax [email protected]

Member Terry L. Baker Manager of Power System Operations

Platte River Power Authority 2000 E. Horsetooth Road Fort Collins, Colorado 80525

(970) 229-5341 (970) 229-5219 Fax [email protected]

Member Cynthia S. Bogorad

Spiegel & McDiarmid 1333 New Hampshire Ave, N.W. Washington, D.C. 20036

(202) 879-4000 (202) 393-2866 Fax [email protected]

Member Tom Bowe Executive Director of Reliability and Compliance

PJM Interconnection, LLC 955 Jefferson Avenue Valley Forge Corporate Center Norristown, Pennsylvania 19403-2497

(610) 666-4287 Fax [email protected]

Member Patrick Brown Director, U.S. Affairs

Canadian Electricity Association 275 Slater Street Suite 1500 Ottawa, Ontario K1P 5H9

(613) 627-4124 [email protected]

Member James D. Burley Vice President of Compliance, Mitigation and Standards

Midwest Reliability Organization 380 St. Peter Street Suite 800 St. Paul, Minnesota 55102

(651) 855-1748 (651) 786-9890 Fax [email protected]

Member Jack Cashin Directory of Regulatory Affairs

Electric Power Supply Association

202-349-0155 202-628-8260 Fax [email protected]

Member Carter B. Edge

Regional Entity Management Group 2815 Coliseum Centre Drive Suite 500 Charlotte, North Carolina 28217

(704) 940-8221 (704) 357-7914 Fax [email protected]

Member Jennifer Flandermeyer Senior Manager Compliance Programs

Kansas City Power & Light Co. P.O. Box 418679 Kansas City, Missouri 64141-9679

816-701-7851 816-654-1189 Fax [email protected]

Member William J. Gallagher Special Projects Chief

Vermont Public Power Supply Authority 104 Hampton Meadows Hampton, New Hampshire 03842

(802) 839-0562 (802) 244-6889 Fax [email protected]

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 B-1

Page 79: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix B – RBRAG and Task Force Rosters

Affiliation Participant Entity Contact Member Timothy R. Gallagher

President and CEO ReliabilityFirst 3 Summit Park Drive Suite 600 Cleveland, Ohio 44131

(216) 503-0680 (330) 456-5390 Fax [email protected]

Member Mark S. Gray Manager, Transmission Operations

Edison Electric Institute 701 Pennsylvania Ave. NW Washington, D.C. 20004

(202) 508-5122 202-508-5445 Fax [email protected]

Member John Hughes Vice President, Technical Affairs

Electricity Consumers Resource Council 1101 K Street NW Suite 700 Washington, D.C. 20005

202-682-1390 202-289-6370 Fax [email protected]

Member Stanley E. Kopman Assistant Vice President of Compliance Registration and Enforcement

Northeast Power Coordinating Council 1040 Avenue of the Americas New York, New York 10018-3703

(212) 840-1070 [email protected]

Member Barry R. Lawson Associate Director, Power Delivery and Reliability

National Rural Electric Cooperative Association 4301 Wilson Boulevard Mailcode GR11-253 Arlington, Virginia 22203

(703) 907-5781 (703) 907-5517 Fax [email protected]

Member Michael G. Lowman Senior Engineer

Duke Energy (EC02B) P.O. Box 1006 Charlotte, North Carolina 28201-1006

(980) 373-5195 [email protected]

Member Allen Mosher Vice President, Policy Analysis and Reliability Standards

American Public Power Association 1875 Connecticut Ave NW Suite 1200 Washington, D.C. 20009-5715

202-467-2944 301-767-6652 Fax [email protected]

Member Brian Murphy Manager, NERC Reliability Standards

NextEra Energy 4200 W Flagler Street Miami, Florida 31334

305-442-5132 [email protected]

Member Allen D. Schriver

NextEra Energy

(561) 691-2344 (561) 691- 2606 Fax [email protected]

Member S.A. "Tony" Shiekhi Manager, Registration and Certification

Texas Reliability Entity, Inc. 805 Las Cimas Parkway Suite 200 Austin, Texas 78746

(512) 583-4991 [email protected]

FERC Staff Susan Morris

Federal Energy Regulatory Commission

(202) 502-6803 [email protected]

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 B-2

Page 80: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix B – RBRAG and Task Force Rosters

Affiliation Participant Entity Contact FERC Staff Olutayo Oyelade

Federal Energy Regulatory Commission

(202) 502-6094 [email protected]

NERC Staff Thomas Burgess Vice President and Director of Reliability Assessment Performance Analysis

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC Staff Gerry W. Cauley President and Chief Executive Officer

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC Staff Howard L. Gugel Director, Performance Analysis

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC Staff Jerry Hedrick Director of Regional Entity Assurance and Oversight

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC Staff Soo J. Kim Standards Developer

North American Electric Reliability Corporation 3353 Peachtree Road, NE Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC Staff Mark G. Lauby Senior Vice President and Chief Reliability Officer

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC Staff Rebecca Michael Senior Director, Reliability

North American Electric Reliability Corporation 1325 G Street, N.W. Suite 600 Washington, D.C. 20005-3801

(202) 400-3000 (202) 644-8099 Fax [email protected]

NERC Staff Michael Moon Senior Director of Regional Entity Coordination

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC Staff Earl W Shockley Senior Director of Compliance Analysis and Certification

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fax [email protected]

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 B-3

Page 81: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix B – RBRAG and Task Force Rosters

Risk-Based Registration Task Force

Affiliation Participant Entity Contact Member Linda Campbell

Vice President and Executive Director, Standards and Compliance

Florida Reliability Coordinating Council 1408 N. Westshore Boulevard Suite 1002 Tampa, Florida 33607

(813) 289-5644 (813) 289-5646 Fx [email protected]

Member Carol Chinn

Florida Municipal Power Agency 8553 Commodity Circle Orlando, Florida 32819-9002

(321) 239-1065 [email protected]

Member Michael W. Dalebout Manager of Compliance Program Administration

Western Electricity Coordinating Council

(801) 819-7632 [email protected]

Member Frank Gaffney Assistant General Manager and Officer of Regulatory Compliance

Florida Municipal Power Agency 8553 Commodity Circle Orlando, Florida 32819

(321) 239-1026 [email protected]

Member Mark J. Kuras Senior Lead Engineer

PJM Interconnection, L.L.C. 2750 Monroe Blvd. Audubon, Pennsylvania 19403

(610) 666-8924 (610) 666-4779 Fx [email protected]

Member Kenneth P. McIntyre Manager Operation and Planning Standards Compliance

Electric Reliability Council of Texas, Inc. 2705 West Lake Drive Taylor, Texas 76574

(512) 248-3969 (512) 248-3969 Fx [email protected]

Member Patricia E. Metro Manager, Transmission and Reliability Standards

National Rural Electric Cooperative Association 4301 Wilson Blvd. Mail Code EP11-253 Arlington, Virginia 22203

703) 907-5817 (703) 907-5518 Fx [email protected]

Member Scott Miller Manager Regulatory Policy

MEAG Power

[email protected]

Member David P. Penney Senior Reliability Engineer

Texas Reliability Entity, Inc.

(512) 583-4958 [email protected]

Member Fred J. Rains, Jr. Registration and Certification Engineer

SERC Reliability Corporation 2815 Coliseum Centre Drive Suite 500 Charlotte, North Carolina 28217

(704)-414-5225 [email protected]

Member Hector Sanchez Director

NextEra Energy

305-442-5062 (305) 442-5790 Fx [email protected]

Member John Seelke NERC Standards Development & Advocacy Manager

Public Service Enterprise Group 80 Park Place T2B Newark, New Jersey 07102-4194

(973) 430-5360 (973) 621-7584 Fx [email protected]

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 B-4

Page 82: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix B – RBRAG and Task Force Rosters

Affiliation Participant Entity Contact Member James A. Uhrin

Compliance Support Manager

ReliabilityFirst 3 Summit Park Drive Suite 600 Cleveland, Ohio 44131

(216) 503-0692 (330) 456-5408 Fx [email protected]

NERC Staff Terrance Brinker Manager, Registration Services

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower

Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fx [email protected]

NERC Staff Soo Jin Kim Standards Developer

North American Electric Reliability Corporation 3353 Peachtree Road, NE Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fx [email protected]

NERC Staff Mark G. Lauby Senior Vice President and Chief Reliability Officer

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fx [email protected]

NERC Staff Ryan Mauldin Senior Engineer of Registration and Certification

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fx [email protected]

NERC Staff

Rebecca Michael Senior Director, Reliability

North American Electric Reliability Corporation 1325 G Street, N.W. Suite 600 Washington, D.C. 20005-3801

(202) 400-3000 (202) 644-8099 Fx [email protected]

NERC Staff Earl W. Shockley Senior Director of Compliance Analysis & Certification

North American Electric Reliability Corporation 3353 Peachtree Road, N.E. Suite 600, North Tower Atlanta, Georgia 30326

(404) 446-2560 (404) 446-2595 Fx [email protected]

NERC | Risk-Based Registration Phase 1 - Enhanced Draft Design Framework and Implementation Plan | July 2014 B-5

Page 83: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Appendix 5B

Statement of Compliance Registry Criteria

Revision 5.21

Effective: DATEJuly 1, 2014

iwanechkok
Typewritten Text
Attachment C
Page 84: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Statement of Compliance Registry Criteria (Revision 5.21) Summary Since becoming the Electric Reliability Organization (ERO), NERC has initiated a program to identify candidate organizations for its Compliance Registry. The program, conducted by NERC and the Regional Entities1, will also confirm the functions and information now on file for currently-registered organizations. This document describes how NERC will identify organizations that may be candidates for Registration and assign them to the Compliance Registry. NERC and the Regional Entities2 have the obligation to identify and register all entities that meet the criteria for inclusion in the Compliance Registry, as further explained in the balance of this document. This document describes how NERC will identify organizations that may be candidates for Registration and assign them to the Compliance Registry. Organizations will be responsible to register and to comply with approved Reliability Standards to the extent that they are owners, operators, and users of the Bulk Power System (BPS), perform a function listed in the functional types identified in Section II of this document, and are material to the Reliable Operation of the interconnected Bulk Power SystemBPS as defined by the criteria and notes set forth in this document. NERC will apply the following principles to the Compliance Registry:

• In order to carry out its responsibilities related to enforcement of Reliability Standards, NERC must identify the owners, operators, and users of the Bulk Power SystemBPS who have a material impact3 on the Bulk Power SystemBPS through a Compliance Registry. NERC and the Regional Entities will make their best efforts to identify all owners, users and operators who have a material reliability impact on the Bulk Power SystemBPS in order to develop a complete and current Compliance Registry list. The Compliance Registry will be updated as required and maintained on an on-going basis.

• Organizations listed in the Compliance Registry are responsible and will be monitored for compliance with applicable mandatory Reliability Standards. They will be subject to NERC's and the Regional Entities' Compliance Monitoring and Enforcement Programs.

• NERC and Regional Entities will not monitor nor hold those not in the Compliance Registry responsible for compliance with the Reliability Standards. An entity which is not initially placed on the Compliance Registry, but which is identified subsequently as having a material reliability impact, will be added to the Compliance Registry. Such entity will not be subject to a sanction or Penalty by NERC or the Regional Entity for actions or inactions prior to being placed on the Compliance Registry, but may be required to comply with a Remedial Action Directive or

1 The term “Regional Entities” includes Cross-Border Regional Entities. 2 The term “Regional Entities” includes Cross-Border Regional Entities. 3 The criteria for determining whether an entity will be placed on the Compliance Registry are set forth in the balance of this document. At any time a person may recommend in writing, with supporting reasons, to the Director of Compliance that an organization be added to or removed from the Compliance Registry, pursuant to NERC ROP 501.1.3.5.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 1

Page 85: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Mitigation Plan in order to become compliant with applicable Reliability Standards. After such entity has been placed on the Compliance Registry, it shall be responsible for complying with Reliability Standards and may be subject to sanctions or Penalties as well as any Remedial Action Directives and Mitigation Plans required by the Regional Entities or NERC for future violations, including any failure to follow a Remedial Action Directive or Mitigation Plan to become compliant with Reliability Standards.

• Required compliance by a given organization with the Reliability Standards will begin the later of (i) inclusion of that organization in the Compliance Registry and (ii) approval by the Applicable Governmental Authority of mandatory Reliability Standards applicable to the rRegistered eEntity.

Entities responsible for funding NERC and the Regional Entities have been identified in the budget documents filed with FERC. Presence on or absence from the Compliance Registry has no bearing on an entity’s independent responsibility for funding NERC and the Regional Entities. Background In 2005, NERC and the Regional Entities conducted a voluntary organization registration program limited to Balancing Authorities, Planning Authorities, regional reliability organizations, Reliability Coordinators, Transmission Operators, and Transmission Planners. The list of the entities that were registered constitutes what NERC considered at that time as its Compliance Registry. NERC has recently initiated a broader program to identify additional organizations potentially eligible to be included in the Compliance Registry and to confirm the information of organizations currently on file, taking into account the following considerations. NERC believes this is a prudent activity at this time because:

• As of July 20, 2006, NERC was certified as the electric reliability organization (ERO) created for the U.S. by the Energy Policy Act of 2005 (EPAct) and FERC Order No. 672. NERC has received similar recognition byhas also filed with Canadian authorities for similar recognition in their respective jurisdictions.

• FERC’s Order No. 672 directs that owners, operators and users of the Bulk Power SystemBPS in the U.S. shall be registered with the ERO and the appropriate Regional Entities.

• As the ERO, NERC has filed its current Reliability Standards with FERC and with Canadian authorities. A s accepted and approved by FERC and appropriate Canadian authorities, the Reliability Standards are no longer voluntary, and organizations that do not fully comply with them may face Penalties or other sanctions, in accordance with applicable laws, regulations and orders of Applicable Governmental Authorities. determined and levied by NERC or the Regional Entities.

• NERC’s Reliability Standards include compliance Requirements for additional reliability function types beyond the six types registered by earlier registration programs.

• Based on selection as the ERO, the extension and expansion of NERC’s current Organization Registration program45 is the means by which NERC and the Regional Entities will plan, manage

4 See: NERC ERO Application; Exhibit C; Section 500 – Organization Registration and Certification. 5 See: NERC ERO Application; Exhibit C; Section 500 – Organization Registration and Certification.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 2

Page 86: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

and execute Reliability Standard compliance oversight of owners, operators, and users of the Bulk Power SystemBPS.

• Organizations listed in the Compliance Registry are subject to NERC’s and the Regional Entities’ Compliance Monitoring and Enforcement Programs.

Statement of Issue As the ERO, NERC intends to comprehensively and thoroughly protect the reliability of the grid. To support this goal NERC will include in its Compliance Registry each entity that NERC concludes can materially impact the reliability of the Bulk Power SystemBPS. However, the potential costs and effort of ensuring that every organization potentially within the scope of “owner, operator, and user of the Bulk Power System” becomes registered while ignoring their impact upon reliability, would be disproportionate to the improvement in reliability that would reasonably be anticipated from doing so. NERC wishes to identify as many organizations as possible those entities that may need to be listed in its Compliance Registry. Identifying these organizations is necessary and prudent at this time for the purpose of determining resource needs, both at the NERC and Regional Entity level, and forto begin the process of communicatingion with these entities regarding their potential responsibilities and obligations. NERC and the Regional Entities believe that primary candidate entities can be identified at any time at this time, while other entities can be identified later, as and when needed. Selection principles and criteria for the identification of these initial entities are required. This list will become the “Initial Non-binding Organization Registration List”. With FERC having made the approved Reliability Standards enforceable, this list becomes the NERC Compliance RegistryThe Compliance Registry is available on NERC’s website. Resolution The potential costs and effort of ensuring that every organization potentially within the scope of “owner, operator, and user of the BPS” becomes registered while ignoring their impact upon reliability, would be disproportionate to the improvement in reliability that would reasonably be anticipated from doing so. NERC and the Regional Entities have identified two principles they believe are key to the entity selection process. These are:

1. There needs to be consistency between Regions and across the continent with respect to which entities are registered, and;

2. Any entity reasonably deemed material to the reliability of the BPS will be registered, irrespective of other considerations.

To address the second principle the Regional Entities, working with NERC, will identify and register any entity they deem material to the reliability of the Bulk ElectricPower System (BES). In order to promote consistency, NERC and the Regional Entities intend to use the following criteria as the basis for determining whether particular entities should be identified as candidates for Registration. All organizations meeting or exceeding the criteria will be identified as candidates.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 3

Page 87: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

The following four groups of criteria (Sections I-IV) plus the statements in Section V will provide guidance regarding an entity’s Registration status:

• Section I determines if the entity is an owner, operator, or user of the Bulk Power SystemBPS and, hence, a candidate for organization Registration.

• Section II uses NERC’s current functional type definitions to provide an initial determination of the functional types for which the entities identified in Section I should be considered for Registration.

• Section III lists the criteria regarding smaller entities; these criteria can be used to forego the Registration of entities that were selected to be considered for Registration pursuant to Sections I and II and, if circumstances change, for later removing entities from the Compliance RegistryRegistration list that no longer meet the relevant criteria.

• Section IV — additional criteria for joint Registration. Joint Registration criteria may be used by joint action agencies, generation and transmission cooperatives and other entities which agree upon a clear division of compliance responsibility for Reliability Standards by written agreement. Pursuant to FERC’s directive in paragraph 107 of Order No. 693, Rrules pertaining to joint Registration and Joint Registration Organizations, as well as Coordinated Functional Registrations, will are now be found in Sections 501, and 507 and 508 of the NERC Rules of Procedure.

• I. Entities that use, own or operate Elements of the BES as established by NERC’s approved definition of

BES below are (i) owners, operators, and users of the Bulk Power SystemBPS and (ii) candidates for Registration:

“Bulk Electric System” or “BES” means unless modified by the lists shown below, all Transmission Elements operated at 100 kV or higher and Real Power and Reactive Power resources connected at 100 kV or higher. This does not include facilities used in the local distribution of electric energy.

Inclusions:

• I1 - Transformers with the primary terminal and at least one secondary terminal operated at 100 kV or higher unless excluded by application of Exclusion E1 or E3.

• I2 - Generating resource(s) including the generator terminals through the high-side of the step-up transformer(s) connected at a voltage of 100 kV or above with:

a) Gross individual nameplate rating greater than 20 MVA. Or,

b) Gross plant/facility aggregate nameplate rating greater than 75 MVA.

• I3 - Blackstart Resources identified in the Transmission Operator’s restoration plan.

• I4 - Dispersed power producing resources that aggregate to a total capacity greater than 75 MVA (gross nameplate rating), and that are connected through a system designed primarily for delivering such capacity to a common point of connection at a voltage of 100 kV or above. Thus, the facilities designated as BES are:

a) The individual resources, and

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 4

Page 88: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

b) The system designed primarily for delivering capacity from the point where those resources aggregate to a greater than 75 MVA to a common point of connection at a voltage of 100 kV or above.

• I5 - Static or dynamic devices (excluding generators) dedicated to supplying or absorbing Reactive Power that are connected at 100 kV or higher, or through a dedicated transformer with a high-side voltage of 100 kV or higher, or through a transformer that is designated in Inclusion I1 unless excluded by application of Exclusion E4.

Exclusions:

• E1 - Radial systems: A group of contiguous transmission Elements that emanates from a single point of connection of 100 kV or higher and:

a) Only serves Load. Or,

b) Only includes generation resources, not identified in Inclusions I2, I3, or I4, with an aggregate capacity less than or equal to 75 MVA (gross nameplate rating). Or,

c) Where the radial system serves Load and includes generation resources, not identified in Inclusions I2, I3 or I4, with an aggregate capacity of non-retail generation less than or equal to 75 MVA (gross nameplate rating).

Note 1 – A normally open switching device between radial systems, as depicted on prints or one-line diagrams for example, does not affect this exclusion.

Note 2 – The presence of a contiguous loop operated at a voltage level of 50 kV or less, between configurations being considered as radial systems, does not affect this exclusion.

• E2 - A generating unit or multiple generating units on the customer’s side of the retail meter that serve all or part of the retail Load with electric energy if: (i) the net capacity provided to the BES does not exceed 75 MVA, and (ii) standby, back-up, and maintenance power services are provided to the generating unit or multiple generating units or to the retail Load by a Balancing Authority, or provided pursuant to a binding obligation with a Generator Owner or Generator Operator, or under terms approved by the applicable regulatory authority.

• E3 - Local networks (LN): A group of contiguous transmission Elements operated at less than 300 kV that distribute power to Load rather than transfer bulk power across the interconnected system. LN’s emanate from multiple points of connection at 100 kV or higher to improve the level of service to retail customers and not to accommodate bulk power transfer across the interconnected system. The LN is characterized by all of the following:

a) Limits on connected generation: The LN and its underlying Elements do not include generation resources identified in Inclusions I2, I3, or I4 and do not have an aggregate capacity of non-retail generation greater than 75 MVA (gross nameplate rating);

b) Real Power flows only into the LN and the LN does not transfer energy originating outside the LN for delivery through the LN; and

c) Not part of a Flowgate or transfer path: The LN does not contain any part of a permanent Flowgate in the Eastern Interconnection, a major transfer path within the Western

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 5

Page 89: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Interconnection, or a comparable monitored Facility in the ERCOT or Quebec Interconnections, and is not a monitored Facility included in an Interconnection Reliability Operating Limit (IROL).

• E4 - Reactive Power devices installed for the sole benefit of a retail customer(s).

Note - Elements may be included or excluded on a case-by-case basis through the Rules of Procedure exception process.

II. Entities identified in Part I above will be categorized as Registration candidates who may be subject to Registration under one or more appropriate Functional Entity types based on a comparison of the functions the entity normally performs against the following function type definitions:

II.

Function Type Acronym Definition/Discussion

Balancing Authority BA The responsible entity that integrates resource plans ahead of time, maintains Load-interchange-generation balance within a Balancing Authority Area, and supports Interconnection frequency in real-time.

Distribution Provider

DP Provides and operates the “wires” between the transmission system and the end-use customer. For those end-use customers who are served at transmission voltages, the Transmission Owner also serves as the Distribution Provider. Thus, the Distribution Provider is not defined by a specific voltage, but rather as performing the distribution function at any voltage.

Note: As provided in Section III.b.1 and Note 5 below, a Distribution Provider entity shall be a UFLS-Only Distribution Provider if it is the responsible entity that owns, controls or operates UFLS Protection System(s) needed to implement a required UFLS program designed for the protection of the BES, but does not meet any of the other registration criteria for a Distribution Provider.

Generator Operator

GOP The entity that operates generating unit(s)Facility(ies) and performs the functions of supplying energy and Interconnected Operations Services.

Generator Owner GO Entity that owns and maintains generating unitsFacility(ies).

Interchange Authority

IA The responsible entity that authorizes implementation of valid and balanced Interchange Schedules between Balancing Authority Areas, and ensures communication of Interchange information for reliability assessment purposes.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 6

Page 90: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Function Type Acronym Definition/Discussion

Load-Serving Entity LSE Secures energy and Transmission Service (and related Interconnected Operations Services) to serve the electrical demand and energy requirements of its end-use customers.

Planning Authority/

Planning Coordinator

PA/PC The responsible entity that coordinates and integrates transmission Facilities and service plans, resource plans, and Protection Systems.

Purchasing-Selling Entity

PSE The entity that purchases, or sells, and takes title to, energy, capacity, and Interconnected Operations Services. PSE may be affiliated or unaffiliated merchants and may or may not own generating Facilities.

Reliability Coordinator

RC The entity that is the highest level of authority who is responsible for the Reliable Operation of the Bulk Electric System, has the Wide Area view of the Bulk Electric System, and has the operating tools, processes and procedures, including the authority to prevent or mitigate emergency operating situations in both next-day analysis and real-time operations. The Reliability Coordinator has the purview that is broad enough to enable the calculation of Interconnection Reliability Operating Limits, which may be based on the operating parameters of transmission systems beyond any Transmission Operator’s vision.

Reserve Sharing Group

RSG A group whose members consist of two or more Balancing Authorities that collectively maintain, allocate, and supply operating reserves required for each Balancing Authority’s use in recovering from contingencies within the group. Scheduling energy from an Adjacent Balancing Authority to aid recovery need not constitute reserve sharing provided the transaction is ramped in over a period the supplying party could reasonably be expected to load generation in (e.g., ten minutes). If the transaction is ramped in quicker, (e.g., between zero and ten minutes), then, for the purposes of disturbance control performance, the areas become a Reserve Sharing Group.

Resource Planner RP The entity that develops a long-term (generally one year and beyond) plan for the resource adequacy of specific Loads (customer demand and energy requirements) within a Planning Authority area.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 7

Page 91: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Function Type Acronym Definition/Discussion

Transmission Owner

TO The entity that owns and maintains transmission Facilities.

Transmission Operator

TOP The entity responsible for the reliability of its local transmission system and operates or directs the operations of the transmission Facilities.

Transmission Planner

TP The entity that develops a long-term (generally one year and beyond) plan for the reliability (adequacy) of the interconnected bulk electric transmission systems within its portion of the Planning Authority area.

Transmission Service Provider

TSP The entity that administers the transmission tariff and provides Transmission Service to Transmission Customers under applicable Transmission Service agreements.

III. Entities identified in Part II above as being subject to Registration as an LSE, DP, GO, GOP, TO, or TOP should be included excluded from in the Compliance Registry for these functions if they do not meet any of the criteria listed below:

III (a) Load-Serving Entity:

III.a.1 Load-Serving Entity peak Load is > 25 MW and is directly connected to the Bulk Power (>100 kV) System, or;

III.a.2 Load-Serving Entity is designated as the responsible entity for Facilities that are part of a required underfrequency Load shedding (UFLS) program designed, installed, and operated for the protection of the Bulk Power System, or;

III.a.3 Load-Serving Entity is designated as the responsible entity for Facilities that are part of a required undervoltage Load shedding (UVLS) program designed, installed, and operated for the protection of the Bulk Power System.

[Exclusion: A Load-Serving Entity will not be registered based on these criteria if responsibilities for compliance with approved NERC Reliability Standards or associated Requirements including reporting have been transferred by written agreement to another entity that has registered for the appropriate function for the transferred responsibilities, such as a Load-Serving Entity, Balancing Authority, Transmission Operator, generation and transmission cooperative or joint action agency as described in Sections 501 and 507 of the NERC Rules of Procedure.]

III.a.4 Distribution Providers registered under the criteria in III.b.1 or III.b.2 will be registered as a Load Serving Entity (LSE) for all Load directly connected to their distribution facilities.

[Exclusion: A Distribution Provider will not be registered based on this criterion if responsibilities for compliance with approved NERC Reliability Standards or associated Requirements including reporting have been transferred by written agreement to another entity that has registered for the appropriate

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 8

Page 92: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

function for the transferred responsibilities, such as a Load-Serving Entity, Balancing Authority, Transmission Operator, generation and transmission cooperative, or joint action agency as described in Sections 501 and 507 of the NERC Rules of Procedure.]

III(b)III(a) Distribution Provider:

III.b.1III.a.1 Distribution Provider system serving >2575 MW of peak Load that is directly connected to the Bulk ElectricPower System;6 or

[Exclusion: A Distribution Provider will not be registered based on this criterion if responsibilities for compliance with approved NERC Reliability Standards or associated Requirements including reporting have been transferred by written agreement to another entity that has registered for the appropriate function for the transferred responsibilities, such as a Load-Serving Entity, Balancing Authority, Transmission Operator, generation and transmission cooperative, or joint action agency as described in Sections 501 and 507 of the NERC Rules of Procedure.] or;

III.b.2III.a.2 Distribution Provider is the responsible entity that owns, controls, or operates Facilities that are part of any of the following Protection Systems or programs designed, installed, and operated for the protection of the BES:7

• a required UFLS program.

• a required UVLS programUnder-Voltage Load Shedding (UVLS) program and/or.

• a required Special Protection System and/or.

• a required transmission Protection System; or.

III.a.3 Distribution Provider that is responsible for providing services related to Nuclear Plant Interface Requirements (NPIRs) pursuant to an executed agreement; or

III.a.4 Distribution Provider with field switching personnel identified as performing unique tasks associated with the Transmission Operator’s restoration plan that are outside of their normal tasks.

[Exclusion: A Distribution Provider will not be registered based on these criteria if responsibilities for compliance with approved NERC Reliability Standards or associated Requirements including reporting have been transferred by written agreement to another entity that has registered for the appropriate function for the transferred responsibilities, such as a Balancing Authority, Transmission Operator, generation and transmission cooperative, or joint action agency as described in Sections 501 and 507 of the NERC Rules of Procedure.];

III(b) Distribution Provider with UFLS-Only assets (referred to as “UFLS-Only Distribution Provider”)

6 Ownership, control or operation of Under-Frequency Load Shedding (UFLS) Protection System(s) needed to implement a required UFLS Program designed for the protection of the BES does not affect an entity’s eligibility for registration pursuant to III.a.1. 7 As used in Section III.a.2, “protection of the Bulk Electric System” means protection to prevent instability, Cascading, or uncontrolled separation of the BES and not for local voltage issues (UVLS) or local line loading management (SPS) that are demonstrated to be contained within a local area.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 9

Page 93: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

III.b.1 UFLS-Only Distribution Provider does not meet any of the other registration criteria for a Distribution Provider; and

III.b.2 UFLS-Only Distribution Provider is the responsible entity that owns, controls, or operates UFLS Protection System(s) needed to implement a required UFLS Program designed for the protection of the BES. A UFLS-Only Distribution Provider shall be listed in the Compliance Registry as responsible for complying with PRC-006-1 and any Regional Reliability Standard(s) whose purpose is to develop or establish a UFLS Program (excluding any then-existing Standard whose purpose is maintaining Protection Systems used for underfrequency load-shedding systems) in effect as of November 1, 2014, as well as any other Reliability Standards that identify UFLS-Only entities in their applicability section, but not the other standards applicable to a DP.

III(c) Generator Owner/Operator:

III.c.1 Individual generating unit > 20 MVA (gross nameplate rating) and is directly connected to the Bulk Power System, or;

III.c.2 Generating plant/facility > 75 MVA (gross aggregate nameplate rating) or when the entity has responsibility for any facility consisting of one or more units that are connected to the Bulk Power System at a common bus with total generation above 75 MVA gross nameplate rating, or;

III.c.3 Any generator, regardless of size, that is a Blackstart Resource material to and designated as part of a Transmission Operator entity’s restoration plan, or;

III.c.4 Any generator, regardless of size, that is material to the reliability of the Bulk Power System.

[Exclusions:

A Generator Owner/Operator will not be registered based on these criteria if responsibilities for compliance with approved NERC Reliability Standards or associated Requirements including reporting have been transferred by written agreement to another entity that has registered for the appropriate function for the transferred responsibilities, such as a Load-Serving Entity, generation and transmission cooperative or joint action agency as described in Sections 501 and 507 of the NERC Rules of Procedure.

As a general matter, a customer-owned or operated generator/generation that serves all or part of retail Load with electric energy on the customer’s side of the retail meter may be excluded as a candidate for Registration based on these criteria if (i) the net capacity provided to the Bulk Power System does not exceed the criteria above or the Regional Entity otherwise determines the generator is not material to the Bulk Power System and (ii) standby, back-up and maintenance power services are provided to the generator or to the retail Load pursuant to a binding obligation with another Generator Owner/Operator or under terms approved by the local regulatory authority or the Federal Energy Regulatory Commission, as applicable.]

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 10

Page 94: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

III(d) Transmission Owner/Operator:

III.d.1 An entity that owns/operates an integrated transmission Element associated with the Bulk Power System 100 kV and above, or lower voltage as defined by the Regional Entity necessary to provide for the Reliable Operation of the interconnected transmission grid; or

III.d.2 An entity that owns/operates a transmission Element below 100 kV associated with a Facility that is included on a critical Facilities list that is defined by the Regional Entity.

[Exclusion: A Transmission Owner/Operator will not be registered based on these criteria if responsibilities for compliance with approved NERC Reliability Standards or associated Requirements including reporting have been transferred by written agreement to another entity that has registered for the appropriate function for the transferred responsibilities, such as a Load-Serving Entity, generation and transmission cooperative or joint action agency as described in Sections 501 and 507 of the NERC Rules of Procedure.

IV. Joint Registration Organization, Coordinated Functional Registration and applicable Member Registration.

Pursuant to FERC’s directive in paragraph 107 of Order No. 693, NERC’s rules pertaining to joint Registrations and Joint Registration Organizations, as well as Coordinated Functional Registrations, are now found in Section 501, and 507 and 508 of the NERC Rules of Procedure.

V. If NERC or a Regional Entity encounters an organization that is not listed in the Compliance Registry, but which should be subject to the Reliability Standards, NERC or the Regional Entity is obligated and will initiate actions to add that organization to the Compliance Registry, subject to that organization’s right to challenge as provided in Section 500 of NERC’s Rules of Procedure and as described in Note 3 below.

Notes to the above Criteria

1. The above are general criteria only. The Regional Entity considering Registration of an organization not meeting (e.g., smaller in size than) the criteria may propose Registration of that organization if the Regional Entity believes and can reasonably demonstrate8 that the organization is a Bulk Power SystemBES owner, or operates, or uses Bulk Power SystemBES assets, and is material to the reliability of the Bulk Power SystemBESBES. Similarly, the Regional Entity may exclude an organization that meets the criteria described above as a candidate for Registration if it believes and can reasonably demonstrate to NERC that the Bulk Power SystemBES owner, operator, or user does not have a material impact on the reliability of the Bulk Power SystemBES. Such decisions must be made in accordance with Section V of Appendix 5A to the NERC Rules of Procedure. In order to ensure a consistent approach to assessing materiality, a non-exclusive set of factors (“materiality

8 The reasonableness of any such demonstration will be subject to review and remand by NERC itself, or by any Applicable Governmental Authority, as applicable.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 11

Page 95: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

test”) for consideration is identified below; however, only a sub-set of these factors may be applicable to particular functional registration categories:

a. Is the entity specifically identified in the emergency operation plans and/or restoration plans of an associated Reliability Coordinator (RC), Balancing Authority (BA), GOP or TOP?

b. Will intentional or inadvertent removal of an Element owned or operated by the entity, or a common mode failure of two Elements as identified in the Reliability Standards (for example, loss of two Elements as a result of a breaker failure), lead to a Reliability Standards issue on another system (such as a neighboring entity’s Element exceeding an applicable rating, or loss of non-consequential load due to a single contingency). Conversely, will such contingencies on a neighboring entity’s system result in Reliability Standards issues on the system of the entity in question?

c. Can the normal operation, Misoperation or malicious use of the entity’s cyber assets cause a detrimental impact (e.g., by limiting the operational alternatives) on the operational reliability of an associated BA, GOP or TOP?

d. Can the normal operation, Misoperation or malicious use of the entity’s Protective Systems (including underfrequency load shedding (UFLS), undervoltage load shedding (UVLS), special protection system (SPS) and other Protective Systems protecting BES Facilities) cause a detrimental adverse impact on the operational reliability of any associated BA, GOP or TOP, or the automatic load shedding programs of a PC or TP (UFLS, UVLS)?

2. An organization not identified using the criteria, but wishing to be registered, may request that it be registered. For further information refer to: NERC Rules of Procedure, Section 500 – Organization Registration and Certification; Part 1.3.

3. An organization may challenge its Registration within the Compliance Registry. NERC or the Regional Entity will provide the organization with all information necessary to timely challenge that determination including notice of the deadline for contesting the determination and the relevant procedures to be followed as described in the NERC Rules of Procedure; Section 500 – Organization Registration and Certification.

4. If an entity is part of a class of entities excluded based on the criteria above as individually being unlikely to have a material impact on the reliability of the Bulk Power SystemBES, but that in aggregate have been demonstrated to have such an impact it may be registered for applicable Reliability Standards and Requirements irrespective of other considerations, in accordance with laws, regulations and orders of an Applicable Governmental Authority.

5. NERC may limit the compliance obligations of a given entity registered for a particular function or similarly situated class of entities, as warranted based on the particular facts and circumstances, to a sub-set list of Reliability Standards.

Document TitleAppendix 5B – Statement of Compliance Registry Criteria (Revision 5.2) 12

Page 96: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 5 MRC Meeting August 13, 2014

Additional Policy Discussion from Board Committee Meetings

Action Discussion of specific items presented at the Board Committee meetings. Staff presentations made at the Board Committee meetings will not be duplicated at the MRC meeting. Status On August 13, 2014, the MRC can expect to continue its increased participation and dialogue during the Board committee meetings in Vancouver. The MRC will have additional time for policy discussion, as part of its own agenda, to respond to the information that is presented during the committee meetings. The August 13, 2014 Board committee agendas and associated background materials are posted on the following webpages: Corporate Governance and Human Resources Committee Meeting Agenda Finance and Audit Committee Meeting Agenda (agenda to be posted approximately one week prior to the meeting) Compliance Committee Meeting Agenda Standards Oversight and Technology Committee Meeting Agenda

Page 97: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 6 MRC Meeting August 13, 2014

Proposed EPA CO2 Section 111(d) Regulations Overview

Action This overview and background describes the proposed regulation and the current NERC perspective. At the August 13, 2014 meeting, MRC members can expect to have a high-level discussion about NERC’s reliability assessment role. Background Summary Overview of Section 111(d) Regulations In 2009, the U.S. Environmental Protection Agency (EPA) determined that greenhouse gas pollution threatens Americans' health and welfare by leading to long lasting changes in our climate that can have a range of negative effects on human health and the environment. On June 2, 2014, under President Obama’s Climate Action Plan, the EPA proposed draft regulations that would, for the first time, propose to reduce carbon CO2 pollution from existing power plants. These proposed regulations are intended to maintain an affordable, reliable energy system, while decreasing pollution and protecting health and the environment now and for future generations. These regulations follow on the previous release of regulations governing CO2 emissions for new sources of generation. Power plants reportedly account for roughly one-third of all domestic greenhouse gas emissions in the United States, and these regulations would represent further efforts to adopt requirements that extend beyond the limits in place for the levels of arsenic, mercury, sulfur dioxide, nitrogen oxides, and particle pollution that power plants can emit. The proposed EPA regulations would require by 2030, that existing generation resources:

• Cut carbon emission from the power sector by 30 percent below 2005 levels; and

• As a co-benefit, reduce particle pollution, nitrogen oxides, and sulfur dioxide by more than 25 percent.

EPA estimates up to $93 billion in climate and public health benefits and that electricity bills will shrink roughly 8 percent through energy efficiency and reduced demand. The EPA regulations propose implementation through a state-federal partnership under which states identify plans to meet the emission reduction goals. Guidelines are provided to support state implementation plans (SIP) development to meet state-specific carbon reduction goals and enable the flexibility to design requirements suited to their unique situation. These plans may include generation mix changes using diverse fuels, energy efficiency and demand-side management, and allow states to work alone or together to develop multi-state plans. There is a flexible timeline for states to follow for submitting plans to the EPA due in June 2016, with further time permitted as needed or if multi-state approaches are proposed.

Page 98: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

These EPA proposed Section 111(d) regulations were posted for a 120-day comment period followed by four public hearings the week of July 28, 2014. Based on the resulting input, the EPA is expected to finalize standards in June, 2015. Proposed Regulations Reactions Some evaluations suggest that the forthcoming proposed regulations to reduce greenhouse gas emissions from existing power plants pose no threat to the reliability of the nation's Bulk Power System. The primary basis is that the forthcoming rule on existing plants will be inherently more flexible than some of the more recent environmental rules that have been challenged as potentially affecting reliability. Other reviews indicate that the EPA's continued promulgation of environmental regulations is a threat to continued reliable operation of the nation's grid. The view is that the already proposed rules to control carbon dioxide emissions from new power plants coupled with these proposed existing plant rules released in June will trigger the closing of thousands of megawatts of coal-fired generating capacity. Some point to the winter's polar vortex, when coal-fired generation was needed to support reliability, noting that some of the plants that were needed in service then would potentially retire under these EPA's rules and will not be available in the future event of extreme weather conditions. The EPA has conducted outreach sessions across the United States with many audiences prior to the release of the proposed rule, and anticipates extensive comments which may exceed the nearly 1 million comments filed with the new source CO2 regulation proposal. There has been a strong sentiment among the industry that the EPA should further engage in a robust process where it extensively consults with the reliability experts, including FERC, the Department of Energy Office of Reliability and NERC as these rules continue to be developed. NERC Perspective As an initial approach to responding to the EPA’s proposed CO2 regulations, NERC considered a range of factors and concluded with the following key considerations:

• The Green House Gas rule for existing units is very extensive, nearly 1,000 pages of materials reflecting a very complex set of provisions.

• NERC has not at this time drawn any reliability conclusions about the potential impacts.

• NERC maintains a reliability-centered focus on potential implications of environmental rules and other shifts in the composition of the bulk system.

• This focus resulted in a wide ranging series of technical reliability reports which inform decision makers and help position the industry.

• As the rules and their implementation impacts become more clearly known, NERC will continue to monitor the reliability consequences.

Page 99: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

This approach is designed to carefully assess the development of the final regulations, recognizing that the EPA expects some substantive changes to be involved, before undertaking a reliability impacts assessment. Such an assessment would be a potential supplement to the earlier Reliability Impacts of Climate Change Initiatives completed in July 2010, and which focused primarily on the emergence of extensive state Renewable Portfolio Standards programs. Further, this approach does not prematurely assert adverse reliability impacts without the certainty of the rules in place and the opportunity to evaluate the range of state and federal implementation plans, as well as anticipated industry decisions. Any such technical reliability assessment would recognize the range of industry strategies and approaches to dealing with environmental regulations such as Section 111(d), and ascertain whether adequate time is available to ensure that effective transitions can take place without degrading reliability. While state flexibility is desirable, the changing dispatch and transmission needs may reveal certain reliability issues that need to be evaluated. Particularly the timing available to address these rules, the anticipated significant shifts in resources (fuel, geographically, and network relative to load centers), and consequent changes in the network ability to manage reliable operation (much larger transfers and power swings) are significant aspects of these regulations that potentially impact reliability. Accordingly the focus of any technical reliability assessment would likely not focus on the amount of affected generation (MWs), rather the system and regional aspects of the resource mix changes as a whole, the potential for essential reliability services being strained (voltage support, ramping, frequency response), and further concentration of the fuel mix on natural gas/variable resources/distributed resources/Demand-Side Management.

Page 100: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 7 MRC Meeting August 13, 2014

Polar Vortex Report Update

Action Information Summary In early January of 2014, the Midwest, South Central and East Coast regions of the United States experienced a weather condition known as a Polar Vortex where frigid artic conditions dipped down to much lower latitudes than normal, resulting in extreme cold weather. These weather conditions resulted in many areas experiencing temperatures 20 to 30 degrees below the average high and low temperatures normally experienced, with some areas experiencing more than 35 degrees below their average low. This resulted in record high winter electrical peak demand for these areas on January 6, 2014 and again on January 7, 2014. During the polar vortex, cold weather and fuel issues had a significant impact on the amount of generation available to Balancing Authorities and Load Serving Entities. From January 6, 2014 through January 8, 2014, there was significant generation capacity reduction either through the unavailability of the unit to start-up, stay online, or reduced capacity. NERC, in conjunction with the Regional Entities, will continue to analyze these capacity reductions to determine if they were the direct or indirect result of the extreme cold weather. During these challenges, Balancing Authorities and Load Serving Entities in both the Texas and Eastern interconnections were mostly able to maintain their reserve margins and continue to serve their load. Through the use of voltage reduction, interruptible and demand side management techniques, and the NERC EEA process, only one Balancing Authority shed load, which was less than 300 MW of Firm Load and represented less than 0.1 percent of the total load experienced by the impacted areas on that day. NERC has gathered information and data on what happened during the Polar Vortex and many registered entities have provided an initial analysis of the challenges they faced. NERC has continued its assessment and analysis using the data gathered from the generating availability data system (GADS). In September, NERC will release a full report on the system impacts from the Polar Vortex. The report will contain a historical assessment of how this event compared to previous cold weather events and normal winters, a detailed analysis of forced generation outages, a review of the Operating Committee Reliability Guidelines, an assessment of demand response effectiveness, and recommendations.

Page 101: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 8 MRC Meeting August 13, 2014

Assessing the ERO’s Effectiveness

Action Information Background This project is being organized by NERC to gain stakeholder perceptions of the Electric Regulatory Organization (ERO) and address sub-metric K of NERC’s 2014 metrics. The purpose is to set a baseline in 2014 for stakeholder perceptions, and, in future years, measure gains in positive perceptions as NERC addresses any concerns. The survey will be designed in the context of the program areas. Furthermore, the survey follows the ERO Strategic Plan for 2014-2017 by promoting effective collaboration, cooperation, and communication about important risks to reliability. The core values and guiding principles that serve as guidelines for the conduct and behavior of all involved in the ERO enterprise will be used in developing and analyzing the survey content. As part of this effort, consolidation of existing surveys from NERC business units and Committees will be completed to increase the efficiencies and consistency in how information is gathered and measured by NERC and the eight Regional Entities. For example, currently there are different surveys in which the ERO Enterprise gathers information about its performance potentially causing an administrative burden for Registered Entities to compile the information. Additionally, these surveys are not consistent and cannot be used to develop a baseline and framework for identification and improvement of stakeholder perceptions. The goal is to develop and deploy one survey to gather the information across NERC’s business units and the ERO Enterprise on a periodic and consistent basis. This will enable the ERO Enterprise to take the recommendations from the survey and outline a process to enhance perceptions and continued assurance of the reliability and security of the Bulk Power System. An advisory group comprised of a few members of the Compliance and Certification Committee, Reliability Issues Steering Committee, MRC, and Regional Entity staff is being established with the goal of finalizing the survey by mid-September 2014 and sending the survey to industry for a 30-day comment period in October 2014.

Page 102: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

Agenda Item 9 MRC Meeting August 13, 2014

Update on Regulatory Matters

(As of July 11, 2014) Action Information Regulatory Matters in Canada

1. The second agreement among the North American Electric Reliability Corporation (NERC), the Régie de l’Energie Québec (Régie), and the Northeast Power Coordinating Council (NPCC) regarding implementation of mandatory Reliability Standards in Québec is being developed for consideration by the Québec provincial government. On October 30, 2012, the Régie issued a decision adopting 35 Reliability Standards for Québec. On March 20, 2014, the Régie issued another decision in the same proceeding adopting an additional 7 Reliability Standards for Québec, which brings the total number of adopted standards in Québec to 42. It is expected that the Régie will issue a decision concerning additional Reliability Standards within the same proceeding. Hydro-Québec TransÉnergie, the Québec Reliability Coordinator, has initiated a consultation process on 18 NERC Reliability Standards that will be filed with the Régie once its decision on the pending standards is issued. This filing is expected before the end of 2014. The review of the Sanction Guide proposed by Hydro-Québec TransÉnergie and the determination of Reliability Standards enforcement dates remain pending.

2. The Province of Manitoba (Manitoba) enacted the following in order to establish a new statutory framework for compliance with Reliability Standards in Manitoba: (i) amendments to The Manitoba Hydro Act; (ii) amendments to The Public Utilities Board Act; and (iii) a Reliability Standards Regulation. The Reliability Standards Regulation adopts, by way of a schedule, the NERC / Midwest Reliability Organization (MRO) Reliability Standards applicable to Manitoba registered entities and outlines the Compliance Monitoring and Enforcement Process (CMEP) in Manitoba. In 2013, the Manitoba completed consultations regarding amendment of the Reliability Standards Regulation to adopt new standards developed or revised by NERC since April 1, 2012 and to revise the CMEP to allow a fast-track method of enforcement for minor violations, including the “Find, Fix and Track Process.” These CMEP amendments are effective March 25, 2014, and the new standards are effective March 31, 2014.

3. British Columbia has vested the British Columbia Utilities Commission (BCUC) with authority to levy monetary penalties for violations. In October 2012, the BCUC established an inquiry into potential adjustments to the BC Mandatory Reliability Standards (MRS) program to consider, amongst other things, processes for assessing severity and risk for violations. This inquiry also addressed the adoption of the revised NERC Bulk Electric System definition. In April 2014, the BCUC made recommendations to the Minister of Energy and Mines to amend the MRS Regulation (BC Reg. 32/2009, Ministerial Order M039) to include amendments considered necessary to facilitate the adoption of the new NERC Bulk Electric System (BES) definition in British Columbia. On

Page 103: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

May 1, 2014, BC Hydro and Power Authority filed its annual report, MRS Assessment Report No. 7, which covers the assessment of 25 revised NERC Reliability Standards and 35 new and revised definitions in the NERC Glossary of Terms.

4. NERC has filed petitions of several Reliability Standards in Alberta, British Columbia, Manitoba, National Energy Board (NEB), Nova Scotia, Ontario, Québec, New Brunswick, and Saskatchewan.

5. New Brunswick’s legislation that amends how Reliability Standards are approved, monitored, and enforced received Royal Assent in New Brunswick and was proclaimed on October 2013. The Act led to the amalgamation of the New Brunswick System Operator (NBSO) with the NB Power Group of Companies. The system operation functions performed by the NBSO are now performed within a vertically integrated NB Power. NBSO’s role in the adoption, monitoring, and enforcement of North American reliability standards has been transferred to the New Brunswick Energy and Utilities Board (NBEUB). On December 23, 2013, NBEUB issued version 00 of its Reliability Standards, Compliance and Enforcement Program 2014 Annual Implementation Plan. In accordance with the new legislative requirements, NB Power is required to make an application to the NBEUB within 60 days of FERC’s approval of NERC Reliability Standards. Since October 2013, NB Power has filed several applications with the NBEUB for approval of NERC Reliability Standards.

6. The NEB issued an order on December 6, 2012 imposing mandatory Reliability Standards on international power lines (IPL) under the NEB’s jurisdiction. The NEB is developing an approach on Administrative Monetary Penalties that might be applicable, as appropriate for violation of Reliability Standards.

7. On May 20, 2014, NERC filed its First Quarter 2014 application for approval of Reliability Standards in Nova Scotia, which included approval of the revised definition of the BES. Nova Scotia Power has undertaken to provide the Nova Scotia Utility and Review Board with information related to the BES definition application by September 30, 2014. The Fourth Quarter 2013 application for approval of thirteen Reliability Standards, retirement of thirty-four Requirements (within nineteen Reliability Standards), and updated NERC Glossary of Terms in Nova Scotia remains before the Nova Scotia Utility and Review Board. This application included approval of CIP Reliability Standards CIP-002-5 through CIP-011-1.

8. Effective January 1, 2014, the Alberta Electric System Operator (AESO) assumed all responsibilities related to the functions of a Reliability Coordinator. Alberta Reliability Standards related to a Reliability Coordinator will be adopted and this work is underway. The AESO remains an active member and supporter of the WECC and looks forward to a strong working relationship with the adjacent Reliability Coordinators, Peak Reliability and SaskPower. On June 26, 2014, the AESO posted an updated Alberta Reliability Standards Project Plan that tracks the adoption of Alberta Reliability Standards. In particular, NERC Reliability Standards CIP-002 through CIP-011 have been reviewed and

Page 104: Agenda Member Representatives Committee Highlights... · The nominating committee received a number of candidates and looked for abalance among executive level expertise, experience

are targeted for filing with the Alberta Utilities Commission in July 2014, with a forecasted effective date of the Third Quarter 2016.

FERC Orders Issued Since the Last Update

Please find the FERC orders at the following website: http://www.nerc.com/FilingsOrders/us/Pages/2014fercordersrules.aspx NERC Filings Since the Last Update

Please find the NERC filings to FERC at the following website: http://www.nerc.com/FilingsOrders/us/Pages/nercfilings2014.aspx Canadian Filings and Orders

Please find the NERC filings to Canadian applicable governmental authorities at the following website: http://www.nerc.com/FilingsOrders/ca/Pages/default.aspx Anticipated NERC Filings

1. July 21, 2014 – NERC must submit the Five-Year ERO Performance Assessment Report in accordance with the requirements of the Commission’s regulations at 18 C.F.R. §39.3(c).

2. August 14, 2014 – Within forty-five days of the end of each quarter, beginning with the quarter ending March 31, 2013, NERC will file with the Commission the unaudited report of the NERC budget-to-actual spending variances during the preceding quarter. This report will include information regarding sources and uses of operating and working capital reserves and will match or exceed the level of detail of the quarterly budget-to-actual variance report of NERC expenditures attached to the agenda of NERC Board of Trustees Finance and Audit Committee’s October 2012 meeting. Docket No. FA11-21-000

3. August 29, 2014 – NERC must submit the 2015 annual business plan and budget filing for NERC and the Regional Entities.

4. August 29, 2014 – NERC must submit a quarterly filing in Nova Scotia of FERC-approved Reliability Standards.

5. September 29, 2014 – NERC must submit the 2014 annual report on wide-area analysis of Technical Feasibility Exceptions (TFEs) in compliance with Paragraphs 220 and 221 of FERC Order No. 706, ROP Appendix 4D, and the September 3, 2013 order approving revisions. Docket No. RR10-1-001

6. October 1, 2014 – NERC must submit a quarterly status report informational filing in response to FERC's January 14, 2014 order related to the motion to defer action on revisions to the Transmission Operations (TOP) and Interconnection Reliability Operations and Coordination (IRO) Reliability Standards. Docket Nos. RM13-12-000, RM13-14-000, and RM13-15-000