agenda compliance and certification committee highlights and...agenda – compliance certification...

RELIABILITY | RESILIENCE | SECURITY

Agenda Compliance and Certification Committee November 19, 2019 | 1:00 p.m. – 4:00 p.m. Central November 20, 2019 | 9:00 a.m. – 11:00 a.m. Central Texas RE Offices 805 Las Cimas Parkway Suite 200 Austin, Texas 78746 Introduction and Chair’s Remarks Welcome- Lane Lanford, President and CEO, Texas RE NERC Antitrust Compliance Guidelines and Public Announcement Agenda Items

1. Administrative – Secretary and Chair

2. Committee Business

a. Consent Agenda – (Review) – Jennifer Flandermeyer

i. Meeting Agenda Review – (Approve)

ii. CCC September 2019 Meeting Minutes – (Approve)

3. CCC Action Items and Work Plan Status* – (Discuss) – Scott Tomashefsky

4. 2020 Work Plan* – (Approve) – Scott Tomashefsky

5. CCC Charter Revisions* – (Discuss) – Jennifer Flandermeyer

6. Subcommittee Updates

a. Nominating Subcommittee – (Update) – John Allen

i. Onboarding Package Project

ii. Nominating Subcommittee Procedure

iii. Subcommittee Appointments

iv. CCC/CCC Subcommittee Listserv

b. ORCS – (Update) – Keith Comeaux

i. ROP Revisions

c. EROMS – Lisa Milanes

Agenda – Compliance Certification Committee Meeting – November 2019 2

i. Retire CCCPP-002 Monitoring Program for Reliability Standards Applicable to NERC – (Approve)

ii. CCCPP-008 Program for Monitoring Stakeholder’s Perceptions – (Update)

iii. ERO Enterprise Effectiveness Survey Focus Group – (Update)

d. Alignment Working Group – (Update) – Martha Henson

7. NERC Reports and Updates

a. 2020 CMEP Implementation Plan* – Steven Noess and Ed Kichline

b. Internal Controls and Streamlining* – Steven Noess and Ed Kichline

c. Align and CORES* – Steven Noess and Ryan Stewart

d. Internal Audit Report* – Matt Gibbons

i. Summary Report Regarding 2019 Compliance Monitoring and Enforcement Program, Standards Processes Manual Self-Certification Responses – (Update)

8. Lessons Learned Joint Meeting SC/CCC – (Discuss) – CCC Members

9. NERC Board of Trustees and Members Representative Committee (MRC) November 2019 Meetings* – (Update) – Scott Tomashefsky

10. NERC Board Enterprise-wide Risk Committee – (Update) – Jennifer Flandermeyer

11. RISC Reliability Risk Report* – (Discuss) – Patti Metro

12. Standing Committee Coordination Group (SCCG) – (Update) – Jennifer Flandermeyer

13. Review of Action Items – (Review) – Scott Tomashefsky

14. Future Meeting Dates – (Inform)

a. Confirmed 2020 Dates

i. March 10-11, 2020: Austin, TX (Texas RE)

ii. June 9-10, 2020: Cleveland, OH (ReliabilityFirst)

iii. September 23-24, 2020: Salt Lake City, UT (WECC Offices)** Combined with Standards Committee

iv. November 17-18, 2020: Jupiter, FL (NextEra Offices)

*Background materials included.

Antitrust Compliance Guidelines I. General It is NERC’s policy and practice to obey the antitrust laws and to avoid all conduct that unreasonably restrains competition. This policy requires the avoidance of any conduct that violates, or that might appear to violate, the antitrust laws. Among other things, the antitrust laws forbid any agreement between or among competitors regarding prices, availability of service, product design, terms of sale, division of markets, allocation of customers or any other activity that unreasonably restrains competition. It is the responsibility of every NERC participant and employee who may in any way affect NERC’s compliance with the antitrust laws to carry out this commitment. Antitrust laws are complex and subject to court interpretation that can vary over time and from one court to another. The purpose of these guidelines is to alert NERC participants and employees to potential antitrust problems and to set forth policies to be followed with respect to activities that may involve antitrust considerations. In some instances, the NERC policy contained in these guidelines is stricter than the applicable antitrust laws. Any NERC participant or employee who is uncertain about the legal ramifications of a particular course of conduct or who has doubts or concerns about whether NERC’s antitrust compliance policy is implicated in any situation should consult NERC’s General Counsel immediately. I. Prohibited Activities Participants in NERC activities (including those of its committees and subgroups) should refrain from the following when acting in their capacity as participants in NERC activities (e.g., at NERC meetings, conference calls and in informal discussions):

• Discussions involving pricing information, especially margin (profit) and internal cost information and participants’ expectations as to their future prices or internal costs.

• Discussions of a participant’s marketing strategies.

• Discussions regarding how customers and geographical areas are to be divided among competitors.

• Discussions concerning the exclusion of competitors from markets.

• Discussions concerning boycotting or group refusals to deal with competitors, vendors or suppliers.

• Any other matters that do not clearly fall within these guidelines should be reviewed with NERC’s General Counsel before being discussed.

I. Activities That Are Permitted From time to time decisions or actions of NERC (including those of its committees and subgroups) may have a negative impact on particular entities and thus in that sense adversely impact competition.

Antitrust Compliance Guidelines 2

Decisions and actions by NERC (including its committees and subgroups) should only be undertaken for the purpose of promoting and maintaining the reliability and adequacy of the bulk power system. If you do not have a legitimate purpose consistent with this objective for discussing a matter, please refrain from discussing the matter during NERC meetings and in other NERC-related communications. You should also ensure that NERC procedures, including those set forth in NERC’s Certificate of Incorporation, Bylaws, and Rules of Procedure are followed in conducting NERC business. In addition, all discussions in NERC meetings and other NERC-related communications should be within the scope of the mandate for or assignment to the particular NERC committee or subgroup, as well as within the scope of the published agenda for the meeting. No decisions should be made nor any actions taken in NERC activities for the purpose of giving an industry participant or group of participants a competitive advantage over other participants. In particular, decisions with respect to setting, revising, or assessing compliance with NERC reliability standards should not be influenced by anti-competitive motivations. Subject to the foregoing restrictions, participants in NERC activities may discuss:

• Reliability matters relating to the bulk power system, including operation and planning matters such as establishing or revising reliability standards, special operating procedures, operating transfer capabilities, and plans for new facilities.

• Matters relating to the impact of reliability standards for the bulk power system on electricity markets, and the impact of electricity market operations on the reliability of the bulk power system.

• Proposed filings or other communications with state or federal regulatory authorities or other governmental entities.

Matters relating to the internal governance, management and operation of NERC, such as nominations for vacant committee positions, budgeting and assessments, and employment matters; and procedural matters such as planning and scheduling meetings.

Public Announcement Face-to-face meeting version: Participants are reminded that this meeting is public. Notice of the meeting was posted on the NERC website and widely distributed. Participants should keep in mind that the audience may include members of the press and representatives of various governmental authorities, in addition to the expected participation by industry stakeholders. August 10, 2010

Internal Use Only

NERC Compliance and Certification Committee 2020 Work Plan

NERC Board Approval: February 7, 2020

11/04/19 DRAFT FOR CCC REVIEW NERC | Report Title | Report Date I

NERC | Compliance and Certification Committee 2020 Work Plan | Board Approval: February 7, 2020 ii

Internal Use Only

Table of Contents

Table of Contents .................................................................................................................................................................. 2

Preface .................................................................................................................................................................................. 3

Executive Summary ............................................................................................................................................................... 4

Introduction .......................................................................................................................................................................... 5

Revision History .................................................................................................................................................................. 5

Chapter 1: 2020 CCC Work Plan – Strategic Planning Efforts ................................................................................................. 1

Chapter 2: 2020 CCC Work Plan – Ongoing Responsibilities .................................................................................................. 2

Chapter 3: Ongoing Responsibilities - Details ................................................................................................................................ 5

Project 1 ― Review and Update of CMEP, CCC Programs and Procedures ........................................................................ 5

Project 2 – Program Support Efforts .................................................................................................................................. 5

Project 3 – Assist with Review of ORCP Information Cycle ................................................................................................. 5

Project 4 ― NERC Self-Certifications .................................................................................................................................. 5

Project 5 ― NERC Audits .................................................................................................................................................... 6

Project 6 ― Regional Entity Compliance Program Audits .................................................................................................. 6

Project 7 ― Enterprise-Wide Risk Committee Collaboration ............................................................................................. 6

Project 8 ― NERC Reliability Issues Steering Committee Collaboration ............................................................................. 6

Project 9 – ERO Program Alignment ................................................................................................................................... 6

Project 10 ― ERO Enterprise Stakeholder Survey .............................................................................................................. 7

Project 11 ― Stakeholder Collaboration ............................................................................................................................ 7

Chapter 4: 2020 CCC Work Plan - Deliverables ...................................................................................................................... 8

Chapter 5: Logistics and NERC Budget Requirements for CCC Activities ................................................................. 10

CCC Quarterly Meetings (Cost to be determined by NERC and industry) ......................................................................... 10

CCC Program Audits/Review ............................................................................................................................................ 10

WebEx/Conference Calls (Cost to be determined by NERC)............................................................................................. 10

Stakeholder Perception Survey (Cost to be determined by NERC) ................................................................................... 10

Training (Cost to be determined by NERC) ....................................................................................................................... 10

NERC | Compliance and Certification Committee 2020 Work Plan | Board Approval: February xx, 2020 iii

Internal Use Only

Preface

The vision for the Electric Reliability Organization (ERO) Enterprise, which is comprised of the North American Electric Reliability Corporation (NERC) and the six Regional Entities (REs), is a highly reliable and secure North American bulk power system (BPS). Our mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid.

The North American BPS is divided into six RE boundaries as shown in the map and corresponding table below. The multicolored area denotes overlap as some load-serving entities participate in one Region while associated Transmission Owners/Operators participate in another.

NEED UPDATED MAP OF NORTH AMERICA

MRO Midwest Reliability Organization

NPCC Northeast Power Coordinating Council RF ReliabilityFirst

SERC SERC Reliability Corporation

Texas RE Texas Reliability Entity

WECC Western Electricity Coordinating Council

NERC | Compliance and Certification Committee 2020 Work Plan | Board Approval: February 7, 2020 4

Internal Use Only

Executive Summary

The purpose of this Work Plan is to identify the anticipated activities and deliverables of the NERC Compliance and Certification Committee (CCC) for 2020. The plan is based on the responsibilities assigned to the CCC by the NERC Board of Trustees (Board) for programs across the ERO Enterprise and tasks identified by the CCC that are required to fulfill these responsibilities. Additionally, the CCC identified projects and deliverables that will further support the goals of the ERO Enterprise Operating Plan and the ERO Enterprise Long-term Strategy.

There are several ERO focus areas where CCC activities will support:

1. Objective and Risk-informed Compliance Monitoring, Enforcement, and Organization Registration and Certification: As a committee providing support and guidance but otherwise independent of the execution of NERC’s Compliance Monitoring and Enforcement Program (CMEP) and the Organization Registration and Certification Programs (ORCP), the CCC will develop criteria to assess NERC’s adherence to the Rules of Procedure (ROP) for these programs on an ongoing basis. As a committee independent of Reliability Standards development, the CCC is responsible for establishing and implementing a program as specified in Section 405 of NERC’s ROP to monitor NERC’s adherence to its Standard Processes Manual (Appendix 3A), with the exception of appeals of substantive or procedural action or inaction associated with a Reliability Standard or the standards process as defined in the Appeals section of the Standard Processes Manual. In 2020, the CCC will continue to work with NERC staff and stakeholders to continue to refine the maturing and ongoing role for the CCC with respect to the ERO’s adherence to its processes, procedures, and statutory obligations.

2. Effective and Efficient ERO Enterprise Operations: Provide continued and ongoing input and support into the design of ERO Program development and revision efforts. The CCC will assist in identifying modifications for improvements and associated changes to the NERC ROP and associated documents or processes.

3. Identification and Mitigation of Significant Risks to Reliability: In 2020, the CCC will continue its work with NERC staff and stakeholders to identify areas where collaboration with stakeholder committees will assist with the further development and maturation of successful risk mitigation and program administration to support the success of the ERO Enterprise.

4. Identification of Emerging Risks to Reliability: The CCC will participate in discussions on the continued development of risk metrics to further evaluate potential emerging issues or threats and trends to facilitate reliability of the bulk power system. The CCC will also identify necessary actions as inputs to NERC management.

The CCC has subcommittees and working groups performing certain assigned tasks on behalf of and under the supervision of the CCC. In collaboration with NERC and Regional Entity staff, the CCC delegated responsibilities to the following subcommittees and working groups for projects and activities:

• Organization Registration and Certification Subcommittee (ORCS)

• ERO Monitoring Subcommittee (EROMS)

• CCC Nominating Subcommittee

• CCC ERO Alignment Working Group

The following pages represent an outline of the work plan deliverables and detailed project information.

Internal Use Only

Introduction

The CCC is a Board-appointed stakeholder committee serving and reporting directly to the Board. In that capacity under a NERC Board-approved charter,1 and as approved by FERC2 and set forth in NERC’s ROP, the CCC will engage with, support, and advise the Board, the NERC Board of Trustees Compliance Committee (BOTCC), and the NERC Board of Trustees Enterprise-wide Risk Committee (EWRC) regarding all facets of the NERC CMEP, Organization Registration program, and Organization Certification program.

The CCC partners with NERC leadership on a variety of key NERC initiatives and criteria for evaluation and assessment of the effectiveness of NERC programs. To support this endeavor, the CCC has developed this work plan to identify the activities that the CCC intends to perform in 2020 to fulfill the responsibilities the Board has established for the CCC.

The CCC provides for balanced discussion, commentary, and recommendations on compliance issues by bringing together a diversity of opinions and perspectives from NERC member sectors. Members are appointed to the CCC by the Board and serve on the committee at the pleasure of the Board.

Individuals deemed qualified to serve on the committee will generally include senior-level industry experts who have familiarity, knowledge, and experience in the areas of compliance, compliance enforcement, compliance administration and management, organization responsibilities and registration, organization certification, and NERC and Regional standards. These individuals are normally involved with internal compliance programs within their respective organizations. Committee members are expected to support the interests of the sector they represent, to the best of their ability and judgment.

Revision History

Date Version Number Comments 10/30/2019 1 Draft #1 for CCC Executive Committee Review

11/4/2019 2 Draft #2 for CCC Review

1 http://www.nerc.com/comm/CCC/Documents/CCC%20Charter%20Approved%20RR15-11-000.pdf 2 http://www.nerc.com/files/Order_on_Comp_Filing_06.07.2007_CCC_VSL_Order.pdf

Internal Use Only

Chapter 1: 2020 CCC Work Plan – Strategic Planning Efforts

This projects included in this category are intended to address succession planning within the CCC as well as clarify the CCC’s role in the broader scope of the maturation of the risk-based approach. Further details on these projects are shown in the following table below.

Project # Project Name Activities Resource(s)

1 Succession Planning • Ensure the CCC is strategically positioned to be able to fulfill the responsibilities and long-term expectations of the NERC Board of Trustees.

CCC, CCC Subcommittees, NERC Management

Industry Collaboration

• Participate in Standards Efficiency Review process

• Continue in leadership role on Standards Efficiency Review Advisory Group

• Maintain direct involvement in the Standing Committees Coordination Group

• Enhance communications and participation with industry groups with a focused plan for coordination

CCC, CCC Subcommittees

Enhancing CCC Program Efficiencies

• Continue evaluation of various activities and functions of subcommittees/working groups to determine ways to improve the effectiveness and efficiency of the CCC

• Explore opportunities to “cross train” across various CCC subcommittees

• Collaborate with NERC Internal Audit team for r i s k a n d c o n t r o l m a t u r i t y opportunities

• Hold half-day of CCC hearing training for CCC members

Communications

• Develop materials for onboarding individuals as members join the CCC and to provide to industry stakeholders looking for background information about the CCC

• Finalize CCC membership procedures including charter revisions to the NERC BOT

CCC, NERC Management

Internal Use Only

Chapter 2: 2020 CCC Work Plan – Ongoing Responsibilities

The tables below summarize the list of ongoing responsibilities assigned to the CCC. In general, responsibilities area divided into two primary categories: 1) activities that respond to the CCC Charter and the NERC Rules of Procedure, and 2) activities that support the NERC mission. Further details on the deliverables and projects are discussed in the next section by project number identified below.

Project # Project Name Activities Resource(s)

Review and Update of CMEP and CCC Programs and Procedures

• Review and monitor changes to the CMEP and other NERC initiatives that could require updates or changes to CCC programs and procedures

• Evaluate and review of CCC Charter, including functions and responsibilities

• Evaluate and review of potential ROP changes associated with CCC activities

• Explore opportunities to “cross-train” among subcommittees

Program Support Efforts (CMEP, Standards Development)

• Identify and participate in risk-based compliance assurance outreach and feedback discussions

• Support outreach on internal controls

• Identify outreach needs and conduct activities focused on registered entities that are small or pose lower risk to the bulk power system.

• Support rollout of key activities or program revisions as requested

• Partner with ERO Enterprise to provide feedback on RSAW development

• Review stakeholder requests to become a qualified entity to submit compliance implementation guidance

• Evaluate programs and associated ROP sections for necessary revisions as program maturation occurs

• Actively participate in Phase 2 of NERC’s Standards Efficiency Review

CCC, EROMS, NERC Management

Assistance with Review of Information Production, Capture and Response for ORCP

• Evaluate programs and associated ROP sections for necessary revisions as program maturation occurs

CCC, ORCS

Internal Use Only

NERC Self-Certifications

• Support self-certification of CMEP, ORCP, and Standards Development and associated reporting

• Coordinate with NERC Internal Audit on criteria development, process, and assessment of adherence to NERC ROP as a maturity project for effective ways to conduct the reviews

CCC, EROMS, NERC Internal Audit

NERC Audits • In accordance with NERC Internal Audit,

Sections 405/406/506 of the NERC ROP, oversee audits of NERC in the areas of CMEP, ORCP, and reliability standards development

CCC, EROMS, NERC Internal Audit

ERO Regional Entity CMEP Audits

• In accordance with CCCPP-012, support Regional Entity CMEP audits executed by NERC’s Internal Audit and Corporate Risk Management function, consistent with Appendix 4A of the ROP. Note that no specific audits are scheduled for 2020

CCC, NERC Internal Audit

Enterprise-wide Risk Committee (EWRC) Collaboration

• Provide input to EWRC as requested

• Fulfill advisory role to NERC Internal Audits as requested

• Participate and support in EWRC activities and discussions

• Participate in the annual ERO risk discussions with NERC Management as requested

CCC Leadership, EWRC and ERO Enterprise Management, NERC Director of Internal Audits

NERC Reliability Issues Steering Committee Collaboration

• Provide input to existing risks, mitigation strategies, and emerging risk identification

• Participate and support in RISC activities and discussions

CCC Leadership, NERC Management

ERO Enterprise Program Alignment

• Address potential ERO program alignment issues to support success of CMEP and ORCP

• Assist NERC with screening of information, support further review of reported items, and provide suggested resolutions if warranted

CCC, Alignment Working Group, NERC Management

Internal Use Only

ERO Effectiveness Survey

• Participate on the ERO Effectiveness Survey Advisory Group

• Support development efforts for current and future surveys

• Develop survey questions that are more focused in driving substantive content from industry versus historical statistical reporting on ERO Survey questions as requested by the BOT.

• Develop survey questions specific to the ERO Enterprise Coordinated Oversight Program for Multi-Regional Registered Entities

• Evaluate results to provide reporting and recommend improvements

CCC, EROMS, TalentQuest, NERC Management

Stakeholder Collaboration

• Identify industry stakeholder groups where CCC collaboration will strengthen ERO process and approach

• Participate in industry outreach as requested with ERO personnel on designated ERO topics

CCC, Stakeholder Committees

Internal Use Only

Chapter 3: Ongoing Responsibilities - Details

Project 1 ― Review and Update of CMEP, CCC Programs and Procedures • Review CCC programs and procedures in collaboration with NERC management to identify necessary

changes and procedural review or approval requirements.

• Development of new procedure that will memorialize CCC Nominating Subcommittee procedures.

• Update criteria for assessing effectiveness of Regional Entity CMEP activities, considering ERO input, to appropriately reflect program modification, improvements, and prior years’ evaluations.

• Continue to assess how CMEP practices change related to risk-based CMEP implementation in regard to: (a) monitoring practices (as embodied in CCCPP-010 and also including assisting CPPS in the annual RE evaluation criteria work); (b) enforcement; and (c) Reliability Standards development. Assist NERC with annual evaluation of goals, tools, and procedures of each Regional Entity CMEP to determine effectiveness of each Regional Entity CMEP, using criteria developed by the CCC.

• Per the terms of CCCPP-011, conduct annual review of the criteria for approval to become an organization seeking to be pre-qualified to provide Implementation Guidance to the ERO Enterprise.

• Review the Compliance Guidance Policy and take associated actions to support.

• Consider ROP changes to Section 500 and associated appendices due to changes with the Functional Model.

Project 2 – Program Support Efforts

• Support program efforts related to CMEP and Standards Development areas in support of ERO Enterprise goals.

• Partner with ERO Enterprise related to review of Reliability Standard Audit Worksheets (RSAWs).

CCC comments on RSAWs, as requested.

• Monitor and respond to any requests from stakeholders to become pre-qualified organizations that can submit proposed Implementation Guidance.

• Hold “focus group” discussions that are intended to identify opportunities for the ERO Enterprise to drive specific improvements and information sharing across the ERO Enterprise.

• Participate with ERO Enterprise Staff in evaluation of ROP changes and recommend changes as program maturation continues.

• Monitor rollout of CORES and Align tools related to program monitoring responsibilities.

Project 3 – Assist with Review of ORCP Information Cycle

• Provide additional guidance, as needed, to NERC Staff regarding the entity registration tool: Centralized Organization Registration Entity System (CORES).

• Review and provide suggestions for improvement to the 2020 Organization Certification Program activities. Project 4 ― NERC Self-Certifications

• In years where audits are not conducted, develop and update self-certification forms and request NERC self-certify adherence to the ROP for the following items:

Internal Use Only

Compliance Monitoring and Enforcement Program (CMEP), and

Organization Registration and Certification Program (ORCP)

Standards Development Program

• Coordinate with NERC to prepare a summary report of the results of NERC’s assessment to the EWRC.

Project 5 ― NERC Audits • In accordance with applicable CCC monitoring program documents, Sections 405/406/506 of the NERC

ROP, work with NERC Internal Audit to execute audits of the following items:

Compliance Monitoring and Enforcement Program (CMEP), and

Organization Registration and Certification Program (ORCP)

Standards Development Program

• Coordinate with NERC Internal Audit for CCC participation as audit observers.

• Review the final audit report and provide it to the EWRC. Project 6 ― Regional Entity Compliance Program Audits

• Work with NERC management (Internal Audit and Compliance Assurance) to develop criteria for future audits of Regional Entity Compliance Programs.

• At the discretion of the CCC, participate as an observer in Regional Entity Compliance Program audits executed by NERC’s Internal Audit and Corporate Risk Management function, consistent with Appendix 4A of the ROP.

Project 7 ― Enterprise-Wide Risk Committee Collaboration

• Provide input into NERC’s annual risk assessment, as requested.

• Work with NERC to provide input on the annual EWRC Audit Plan.

• Provide an update of CCC activities at each quarterly EWRC meeting.

Project 8 ― NERC Reliability Issues Steering Committee Collaboration

• Perform outreach efforts with stakeholders to gather input for emerging risks.

• Participate in and support Reliability Issues Steering Committee (RISC) updates.

• Participate in evaluation and revisions to the ERO Risk Elements supporting development of the ERO Enterprise Operating Plan and the ERO Enterprise Long-term Strategy.

• Participate and support Reliability Leadership Summit as opportunity occurs.

Project 9 – ERO Program Alignment

• CCC Alignment Working Group (AWG) will execute the CCC role within the process to address potential reported concerns related to CMEP and ORCP activities. Gather information regarding potential alignment issues. Evaluate nature and extent of the alignment issue.

Develop suggested resolution of the issue.

Internal Use Only

Present suggested resolution to the CCC for review and endorsement.

Communicate suggested resolutions of alignment issue to the CCC to communicate to NERC.

Provide stakeholder expertise to support the development of Align and CORES.

Project 10 ― ERO Enterprise Stakeholder Survey • Participate on the ERO’s Effectiveness Survey Advisory Group.

• Support development efforts of the ERO Effectiveness Survey by contributing input on survey objectives, content, and delivery in preparation for current and future surveys.

Project 11 ― Stakeholder Collaboration • Identify opportunities where the CCC can provide compliance expertise in collaboration with other industry

stakeholder committees.

• Participate in industry outreach as requested by NERC management on designated topics with ERO personnel.

• Strengthen committee collaboration and create joint work products, as necessary.

Internal Use Only

Chapter 4: 2020 CCC Work Plan - Deliverables

The tables below summarize the list of CCC work plan deliverables for projects in 2020. Further details on the deliverables and projects are discussed in the next section by project number identified below.

Project Name Deliverable Schedule

ERO Program Alignment • Periodic reports regarding the

effectiveness of the ERO Program Alignment Initiative and Reporting Tool (with NERC management)

Q2 and Q4 2020 (AWG)

ERO Effectiveness Survey

• Develop and refine package of CCC-related questions to be included in the 2020 ERO Effectiveness Survey

Q2 2020 (EROMS)

NERC Self-Certifications

• 2020 CMEP and ORCP Self-Certification Form to NERC, via direct communication from CCC Chair

Q2 2020 (EROMS)

• Update CCC Charter, reflecting: 1) any

changes to the ERO Enterprise and/or adjustment to the CCC scope of work, 2) update vision statement

Complete by Q1 2020

BOT approval by Q3 2020

• Revise remaining CCCPP documents that were not reviewed and/or updated in 2019.

Complete by end of 2020.

Subcommittees will develop review schedule.

• Complete new procedure (CCCPP-013) which will outline CCC Nominating Subcommittee procedures.

Q2 2020

• Develop ROP changes associated with Section 500 and associated appendices due to changes to the Functional Model.

Q2 2020

Internal Use Only

Standards Efficiency Review Project

• Continue to identify projects from

Phase II work to be assigned to CCC for further consideration.

Schedule based on timing of feedback from Phase II SER Team

6 NERC SPM Independent Audit

• Work with NERC Internal Audit to support an independent audit to determine whether the Standards Development Process adheres to the ROP, the SPM, and other governing documents

Q2 2020

Internal Use Only

Chapter 5: Logistics and NERC Budget Requirements for CCC Activities

CCC Quarterly Meetings (Cost to be determined by NERC and industry) Assumptions: Four CCC meetings per year

• NERC staff attendance

• NERC travel expenses

• Hotel (Conference rooms if applicable – normally hosted at stakeholder locations or NERC offices)

• Food

CCC Program Audits/Review Assumptions: Audit/Review using an Independent Contractor.

• Audit frequency changes dependent on NERC internal monitoring capability as it continues to mature based upon recommendations of independent reviewer.

WebEx/Conference Calls (Cost to be determined by NERC) Assumptions: Three CCC/Subcommittees NERC WebEx or conference calls quarterly.

Stakeholder Perception Survey (Cost to be determined by NERC) Assumptions: At the request of the NERC Board, the CCC stakeholder survey is combined with the ERO effectiveness survey.

Training (Cost to be determined by NERC) Assumptions: Half-day of hearing training appended to regular CCC meeting every even year. CCC members should have the capability to assist with observation and creation of audit criteria to fulfill responsibilities under the CCC charter to conduct audits of NERC’s adherence to the ROP. Training is provided, to those new member participants, ahead of the audit activities. This training will be conducted as needed.

Agenda Item 3 NERC CCC Meeting

November 19-20, 2019

CCC Charter Revisions Action Review Background The Compliance Certification Committee (CCC) will review changes to the CCC Charter and discuss substantive revisions. Intent is presenting the revisions to the Committee for consideration with a timeline to request action via email. Charter revisions, if approved, will be submitted for NERC Board of Trustees approval in February 2020.

NERC | Compliance and Certification Committee Charter | February XXX 20182019 Approved by the NERC Board of Trustees February 8XXX XX, 20182019

I Restricted – Confidential

Compliance and Certification Committee Charter

Approved byFiled with FERC on June 28XXX XX, 20189, in Docket No. RR198-4XX-000.

February 8XXX XX, 20182019

i Restricted – Confidential

Table of Contents

Mission .......................................................................................................................................................................1

Compliance and Certification Committee Functions .................................................................................................2

Membership ...............................................................................................................................................................4

Goals .......................................................................................................................................................................4

Appointment and Terms of Service ........................................................................................................................4

Qualifications ..........................................................................................................................................................4

Expectations ............................................................................................................................................................4

Representation .......................................................................................................................................................5

Regional Entities ..................................................................................................................................................5

Canadian Representation ....................................................................................................................................6

NERC Membership ..............................................................................................................................................6

Selection .................................................................................................................................................................6

Nominating Subcommittee .................................................................................................................................6

Interim Approval .................................................................................................................................................7

Expertise ..............................................................................................................................................................7

Regional Entity Members ....................................................................................................................................7

Canadian Members .............................................................................................................................................7

Industry Sector Members .......................................................................................................................................7

General Nominations and Appointment Process ...................................................................................................7

Requesting Nominations .....................................................................................................................................7

Board Approval ...................................................................................................................................................8

Vacancies and Non-participation ........................................................................................................................8

Addressed on an Ongoing Basis ..........................................................................................................................8

Role of the Nominating Subcommittee ..............................................................................................................8

Resignations ............................................................................................................................................................8

By the Member ...................................................................................................................................................9

Requested by the Chair .......................................................................................................................................9

Referral to the Nominating Subcommittee.........................................................................................................9

By the Board ........................................................................................................................................................9

Interim Approval .................................................................................................................................................9

Proxies .................................................................................................................................................................9

Notification ..........................................................................................................................................................9

Serving as Proxy ............................................................................................................................................... 10

Table of Contents

NERC | Compliance and Certification Committee Charter | February XXX 20198 Approved by the NERC Board of Trustees February XXX 8XX, 20189

ii Restricted – Confidential

Exclusions ............................................................................................................................................................. 10

Regional Entity Staff ......................................................................................................................................... 10

Organizations ................................................................................................................................................... 10

NERC Staff ........................................................................................................................................................ 10

Changes in Member Affiliation ............................................................................................................................ 10

Conflict of Interest ............................................................................................................................................... 10

Meetings .................................................................................................................................................................. 11

Quorum ................................................................................................................................................................ 11

Two-thirds Requirement .................................................................................................................................. 11

Interim Basis ..................................................................................................................................................... 11

Lack of Quorum ................................................................................................................................................ 11

Voting ................................................................................................................................................................... 11

Antitrust Guidelines ............................................................................................................................................. 11

Open Meetings .................................................................................................................................................... 11

Confidential Sessions ........................................................................................................................................... 11

Types of Meetings ................................................................................................................................................ 11

Majority and Minority Views ............................................................................................................................... 11

Action Without a Meeting ................................................................................................................................... 12

Two-thirds Majority ......................................................................................................................................... 12

Procedure ......................................................................................................................................................... 12

Officers and Staff ..................................................................................................................................................... 13

General................................................................................................................................................................. 13

Number of Positions ......................................................................................................................................... 13

Officers ............................................................................................................................................................. 13

Executive .......................................................................................................................................................... 13

Secretary .......................................................................................................................................................... 13

Voting of Officers ............................................................................................................................................. 13

Officers Nominated by the Nominating Subcommittee .................................................................................. 14

Officers as Sector Representatives .................................................................................................................. 14

Chair ................................................................................................................................................................. 14

Vice Chair ......................................................................................................................................................... 14

Staff Coordinator .............................................................................................................................................. 14

Nominating Subcommittee ..................................................................................................................................... 15

Appointment ........................................................................................................................................................ 15

Five Members ................................................................................................................................................... 15

Table of Contents

iii Restricted – Confidential

Appointed Annually .......................................................................................................................................... 15

Length of term .................................................................................................................................................. 15

Duties ............................................................................................................................................................... 15

Subordinate Groups ................................................................................................................................................ 16

Committee Organization...................................................................................................................................... 16

Subgroups ............................................................................................................................................................ 16

Subcommittees ................................................................................................................................................ 16

Working Groups ............................................................................................................................................... 16

Task Forces ....................................................................................................................................................... 16

Membership and Representation ........................................................................................................................ 16

Procedures ........................................................................................................................................................... 17

Hearings ................................................................................................................................................................... 18

General................................................................................................................................................................. 18

Hearing Procedure ............................................................................................................................................... 18

Hearing Panel ....................................................................................................................................................... 18

Attachment A .......................................................................................................................................................... 19

CCC Membership Structure ................................................................................................................................. 19

1 Restricted – Confidential

Mission In the capacity ofAs a North American Electric Reliability Corporation (NERC) Board of Trustees (Board)-appointed stakeholder committee serving and reporting directly to the NERC Board, the Compliance and Certification Committee (CCC) will engage with, support, and advise the NERC Board and NERC regarding all facets of the NERC Compliance Monitoring and Enforcement Program (Compliance and Enforcement program), Organization Registration program (Registration program), and Organization Certification program (Certification program). As a committee providing support and advice but otherwise independent of the execution of these programs, tThe CCC will monitors NERC’s adherence to the Rules of Procedure (ROP) for these programs. Also, and in a similar manner, as a committee independent of the Reliability Standards development process, the CCC will be the body responsible for monitoringThe CCC also monitors NERC’s adherence to the (ROP) regarding the Reliability Standards development process with the exception ofexcept for appeals of substantive or procedural action or inaction associated with a Reliability Standard or the Reliability Standards development process as defined in the appeals section of the Standard Processes Manual. When applicable, Tthe CCC is also responsible for establishing and implementing a program to monitor NERC’s compliance with the Reliability Standards that apply to NERC.

Compliance and Certification Committee Functions To fulfill its mission, the CCC performs the following functions:

1. Organizes and conducts committee meetings directly with NERC staff regarding all facets of the Compliance and Enforcement, Registration, and Certification programs;1

2. Provides comments and recommendations to the NERC Board and NERC staff on the following:;

3.a. Provides comments to NERC with respect to stakeholders’ perception of the policies, practices, and effectiveness of the Compliance and Enforcement program, Registration program, and Certification program;

4.b. Recommends revisions of the electric reliability organization (ERO) ROP related to the Compliance and Enforcement program, Registration program, and Certification program to the NERC Board;

5.3. Establishes and implements programs to monitoMonitors NERC’s adherence to the following:r:2

a. NERC’s adherence to Section 405 of the ROP for Compliance Monitoring and Enforcement, including but not limited to the uniform CMEP (Appendix 4C) and the Sanction Guidelines (Appendix 4B).

b. NERC’s adherence to Section 506 of the ROP for Organization Registration and Certification, including but not limited to the Organization Registration and Certification Manual (Appendix 5A).

c. NERC’s adherence to Section 300 of the ROP regarding the Reliability Standards development process with the exception ofexcept for appeals of substantive or procedural action or inaction associated with a Reliability Standard or the Reliability Standards process as defined in the appeals section of the Reliability Standards Development Procedure. Committee members who have participated in the development process for a particular ReliabilityReliability Standard shall not participate in the committee's monitoring of that process.

. NERC’s compliance with the Reliability Standards that apply to NERC.

7.4. Serves as the hearing body for any contest regarding findings of or penalties or sanctions for violation(s) of Reliability Standard(s) where NERC is directly monitoring the entity for compliance with those standards (registered entity by agreement with a Regional Entity or absent a delegation agreement; the Region itself where approved standards are applicable to the Region) the Compliance Enforcement Authority as described in Section 408 of the NERC ROP;

8.5. As directed by the NERC Board, serves as the mediator for any disagreements between NERC and the Regional Entities concerning NERC performance audits of Regional Entities’ compliance programs. When directed by the NERC Board to serve as mediator, the committee chair will appoint three disinterested members of the committee to meet with representatives of NERC and the Regional Entity to attempt to resolve the matter. The appointed members shall be disinterested parties, registered in the Regional Entity associated with the disagreement or otherwise have any conflicts allowing the member to serve the role.

9.6. At the discretion of the CCC, participates as an observer in Regional Entity Compliance Program audits executed by NERC’s Internal Audit and Corporate Risk Management function, consistent withconducted pursuant to Appendix 4A of the ROP.

1 Meetings are conducted under Section 4 of this Charter. 2 Monitoring by the CCC is ongoing and does not preclude, interfere with or replace, in whole or in part, the NERC Board’s responsibility to conduct and provide such reviews of these programs as required by Federal Energy Regulatory Commission (the Commission) regulations, 18 C.F.R. § 39.3.c: “The Electric Reliability Organization shall submit an assessment of its performance three years from the date of certification by the Commission, and every five years thereafter.”

Formatted: List Numbering 2

Commented [NJ1]: Section 408 will need to be amended as no Regional Entities are subject to Reliability Standards anymore.

Commented [NJ2]: Should we define this as committee members who are not registered in the Region Entity in the disagreement or who does not otherwise have a conflict?

Compliance and Certification Committee Functions

10.7. Actively sSupports the Standards Committee in the development of new and revised Reliability sStandards by providing a pool of qualified compliance oriented personnel for participation in the compliance administration element phase of the standards development process; and,

11.8. Provides advisory assistance to the ERO Enterprise regarding NERC and the Regional Entities to implement the Compliance and Enforcement, Registration, and Certification programs; and

12.9. Undertakes assignments from the NERC Board or the NERC Board’s Compliance Committee related to Ccompliance and Eenforcement, Oorganization Rregistration and , organization cCertification, and Reliability sStandards Ddevelopment.

Formatted: Centered

Formatted: Tab stops: Not at 4.63"

Formatted: Tab stops: 5.34", Left

Formatted: Tab stops: Not at 5.34"

Formatted: Tab stops: 5.39", Left + Not at 4.63"

Membership Goals The CCC provides for balanced discussion, commentary, and recommendations on compliance issues by bringing together a wide diversity of opinions and perspectives from NERC member sector experts who have particular familiarityfamiliarity, knowledge, and experience in the area of compliance and NERC Reliability Standards and Regional Standards. Qualifications Individuals deemed qualified to serve on the committee will generally include senior-level industry experts who have particular familiarity, knowledge, and experience in the area of compliance, compliance enforcement, compliance administration and management, organization responsibilities and registration, organization certification, and NERC Standards and Regional Standards. These individuals should be involved with internal compliance programs within their respective organizations. Appointment and Terms of Service Members are The Nominating Subcommittee of the CCC recommends members appointed to the committee by to the NERC Board for appointment. Self-nominations are permitted. and Members appointed to the committee by the NERC Board serve on the committee at the pleasure of the Board. Member terms are the lesser of three years from Board appointmentor interim approval (Section 5.b), replacement, or removal by the Board. Members may be reappointed at the conclusion of a term. There is no limitation on the number of times a member may be reappointed. A member may be recommended to the Board for reappointment by the Nominating Subcommittee by self- nomination. To the extent practicable, member terms will be staggered such that approximately one-third of the committee is subject to reappointment or replacement each year. Qualifications All individuals deemed qualified to serve on the committee will generally include senior-level industry experts who have familiarity, knowledge, and experience with compliance, compliance enforcement, compliance administration and management, risk management, organization registration and certification responsibilities, or NERC Reliability Standards within their respective organizations. Member Expectations Committee members are expected to represent the interests of their sector or a broad industry viewthey represent to the best of their ability and judgment. In addition to the duties, rights, and privileges described elsewhere in this charter, committee members will:

1. Act consistently during meetings with the procedures in this manual Charter and Robert’s Rules of Order;

1.2. Adhere to NERC Anti-Trust Guidelines and Participant Conduct Policy

2.3. Demonstrate and provide knowledge and expertise in support of committee activities;

3.4. Adjudicate in a fair and unbiased manner that meets applicable legal and due process requirements when participating in hearing procedures conducted under the NERC ROP Section 408;

4.5. Solicit comments and opinions from constituents and groups of constituents or trade organizations represented by the member and convey them to the committee;

5.6. Respond promptly to all committee requests, including requests for reviews, comments, and votes on issues before the committee;

6.7. Arrange for a proxy to attend and vote at committee meetings in the member’s absence; and

Commented [YL3]: change to approval

Commented [NJ4]: We need to rethink the concept of “interim approval.”

Commented [NJ5]: Is there any interest in referencing the Participant Policy and creating barriers to participation if that policy (and similar policies) is violated?

Membership

Page NERC | Compliance and Certification Committee Charter | February XXX 20189 Approved by the NERC Board of Trustees February XXX 8XX, 20189

7.8. Respond promptly to all requests to register for committee meetings. Representation The membership structure of the CCC will be modeled upon the membership structure of the NERC Member Representatives Committee (MRC) as described in NERC’s Bylaws (the Bylaws) Article VIII Section 2 [see Attachment A]. This should produce a committee that has an appropriate balance of entities subject to compliance with the NERC Reliability Standards and NERC’s Compliance and Enforcement program, and others affected by the Standards and the Compliance and Enforcement program.with sector, size, and asset (i.e., transmission, distribution, load, generation, etc.) diversity as well as subject matter diversity with expertise in areas pertinent to the Committee business. Industry Sector Members The Nominating Subcommittee will assess the qualifications of nominees and select individuals to recommend to the NERC Board for appointment to the committee. The subcommittee may give preference to candidates nominated by organizations generally considered by the industry as representative of a broad cross-section of the industry sector in question, such as an industry trade association. Membership will be a hybrid model composed of Sector Representatives and At Large Representatives. Membership excludes Regional Entity personnel. Each member shall elect to be assigned to one of the following membership sectors: (1) Investor-owned utility, (2) State/municipal utility, (3) Cooperative utility, (4) federal or provisional utility/power marketing administration (5) Transmission-dependent utility (6) Merchant electricity generator, (7) Electricity Marketer, (8) Large end use electricity customer, (9) Small end use electricity customer, (10) ISO/RTO, (12) Government Representatives. A member may elect to be assigned to any sector so long as membership in the sector is consistent with the member’s business or other activities. A NERC Member sectors or formative organizations or bodies may may elect to identify sector representatives for nomination to the Nominating Subcommittee through a Committee process approved by the NERC Board. Regional EntitiesAt Large Members At-large is a designation for members of industry who are appointed to ensure that final configuration of the Committee best reflects the perspectives of the whole membership of the industry. At large membership is intended to balance the needs of the committee to ensure performance of its responsibilities under the ROP. Those responsibilities require diverse perspectives representing interconnections, regional views, country specific views and expertise. At large positions will be proposed to the NERC BOT after consideration of the appropriate balance of these criteria. To the extent practicable, At Large Representatives will come from entities that collectively meet the following criteria for balanced representation: (i) geographic diversity from all interconnections and ERO Enterprise Regional Entities, (ii) high-level understanding and perspective on reliability risks based on experience at an organization in the electricity sector, (iii) experience and expertise from an organization in the electricity sector relevant to the Committee purview, and, (iv) experience in an executive-level position or similar position at an organization in the electricity sector.Each Regional Entity, or the applicable regional organization if no Regional Entity exists, for the geographic area, may nominate one member to the committee. In aggregate, the sector will have voting strength equivalent to two members. The voting weight of each Regional member’s vote will be set such that the sum of the weight of all available Regional members’ votes is two votes.

Formatted: Heading 3,Subheading 1

Formatted: Font: +Body (Calibri), Not Bold

Commented [NJ6]: The bylaws provide the following for the MRC: “A member may elect to be assigned to any sector so long as membership in the sector is consistent with the member’s business or other activities.”

Formatted: Font: +Body (Calibri), Not Bold

Formatted: Highlight

Membership

Canadian Representation The committee structure will include representation by Canadians as laid out in Article VIII Section 4 of the Bylaws.The Nominating Subcommittee, described below, will endeavor to attract and engage Canadians with suitable qualifications and expertise in adequate numbers to satisfy Article VIII Section 4 of the Bylaws. To the extent practicable, recognized Canadian organizations such as the Canadian Electricity Association and Canada’s Energy and Utility Regulators will be consulted and solicited for assistance in recruiting Canadians to serve on the committee. NERC Membership Users, owners, and operators of the bulk power system are subject to the Compliance, Registration, and Certification programs regardless of whether they are NERC members. It is expected that committee members will generally be from organizations who are NERC members; however, Uany users, owners, and oor operators of the bulk power system are subject to the Compliance, Registration, and Certification programs regardless of whether they are NERC members. committee members may be non-members of NERC who are subject to theand who satisfies the qualifications identified herein may be a member of the CCC. and meeting requirements laid out in the Bylaws for non-NERC-member participation in the MRC. Member Selection The CCC will conduct open nominations processes to receive nominations to fill any membership vacancies. Prospective members of the committee may be identified to the CCC via any means the committee finds acceptable, including:

1. solicited or unsolicited nomination by a recognized industry group or association, 2. general open solicitation by the committee for nomination(s), individuals’ 3. self-nomination, 4. directed solicitation by the committee to an individual or individuals, or, 5. referral by the Board or other NERC body or committee.

Nominating Subcommittee The CCCCommittee chair will annually appoint a Nominating Subcommittee to identify, qualify, and recommend individuals to fill sector representative vacancies on the committee. The subcommittee will consist of five members nominated by the committee chair and approved by the committee. The chair of the subcommittee will be selected by the CCC chair from among the five subcommittee members annually. Members of the subcommittee will serve in conjunction with the term of the CCC chair that selects the subcommittee members. or, when required, to serve as the chair or vice chair of the committee. The Ssubcommittee will identify the individuals they are recommendrecommend identified members for appointmenting to the full CCC for review. Individuals recommended by the Ssubcommittee for appointment to the ccommittee must be approved by the NERC Board. The Subcommittee may give preference to candidates nominated by organizations generally considered by the industry as representative of a broad cross-section of the industry sector in question, such as an industry trade association. In addition, the Nominating Subcommittee will manage, when required, the process to elect the chair and / or vice chair of the committee.

Formatted: List Paragraph, Numbered + Level: 1 +Numbering Style: 1, 2, 3, … + Start at: 1 + Alignment: Left+ Aligned at: 0.25" + Indent at: 0.5"

Commented [NJ7]: How is this different than referral by the committee?

Commented [YL8]: Is there a reason the entire committee doesn't decide on who holds these positions?

Commented [YL9]: are we referring to the chair of the CCC?

Membership

Duties In addition to the duties, rights, and privileges described elsewhere in this charter, members of the Nominating Subcommittee will: 1. Prepare a slate of committee officer candidates for submission to the NERC Board for approval, and 2. Prepare a slate of recommended individuals to fill designated committee vacancies as required Interim Approval Upon approval of the committee, individuals identified and selected by the Nominating Subcommittee for membership on the committee may serve as members on an interim basis pending their approval and appointment by the NERC Board. Expertise When selecting individuals to recommend for committee membership, the Nominating Subcommittee will seek to engage individuals who, in aggregate, provide the committee with a level and breadth of expertise sufficient to achieve its goals and fulfill its scope and responsibilities while respecting other important factors such as industry sector, Region, interconnection, and country. Regional Entity Members Each Regional Entity, or the applicable regional organization if no Regional Entity exists for the geographic area, may nominate an individual to serve as a member representing their organization. The Nominating Subcommittee will defer to these nominations. The nomination is non-binding upon the Board. Vacancies on the committee will exist where the Regional Reliability Organization or Regional Entity has not provided a nomination. Canadian Members The Nominating Subcommittee will endeavor to attract and engage Canadians with suitable qualifications and expertise in adequate numbers to satisfy Article VIII Section 4 of the Bylaws. Recognized Canadian organizations such as the Canadian Electricity Association and Canada’s Energy and Utility Regulators will be consulted and solicited for assistance in recruiting Canadians to serve on the committee. All members considered to be serving as Canadians on the committee will be expected to have an endorsement, as appropriate, of such an organization. Canadian representatives should be capable of representing Canadian viewpoints in committee activities, in addition to the sector that they otherwise represent. Consistent with practice regarding the MRC, the Board may appoint additional Canadian individuals to the committee towards satisfying Article VIII Section 4 of the Bylaws. Industry Sector Members The Nominating Subcommittee will assess the qualifications of nominees and select individuals to recommend to the NERC Board for appointment to the committee. The subcommittee may give preference to candidates nominated by organizations generally considered by the industry as representative of a broad cross-section of the industry sector in question, such as an industry trade association. A NERC Member sector may elect to identify sector representatives for nomination to the Nominating Subcommittee through a process approved by the NERC Board. General Nominations and Appointment Process The committee’s secretary administers the general nominations process. Requesting Nominations The NERC staff will request nominations and will forward all nominations received to the Nominating Subcommittee. The Nominating Subcommittee will then prepare its recommended slate of members. The recommended slate will be reviewed by the whole committee for information purposes before it is submitted to

Formatted: Heading 3,Subheading 1

Commented [YL10]: Is there a reason the full CCC isn't required to approve?

Commented [NJ11]: Should we get rid of this concept? It is hard to administer and implement.

Commented [ST12]: I didn’t make the change, but query whether we should make a wholesale change throughout the document, using the term “CCC” instead of “Committee.” Would be helpful for clarity, especially when certain statements refer to committees and subcommittees in the same sentence.

Commented [YL13]: duplicative of qualifications. Recommend deleting.

Commented [JF14]: Repeat language but this is more informative. Keep this section?

Membership

the Board. The committee may approve the slate to serve as members on an interim basis, pending appointment by the Board at the Board’s earliest convenience, but will not otherwise act on the slate. Board Approval The Nominating Subcommittee will present the recommended committee membership slate to the Board for approval. If the Board approves the recommended committee slate, each member on the slate is appointed. The Board may also appoint members individually as needed to meet membership balance and fill vacancies. Vacancies and Non-participation The committee’s secretary will administer the nominations process for vacancies on the committee. Addressed on an Ongoing Basis Vacancies on the committee willcan be addressed bi-annuallyon an ongoing basis through receipt and consideration of both solicited and unsolicited nominations for the vacant positions. Role of the Nominating Subcommittee Nominations received for vacancies will be vetted by the Nominating Subcommittee in the same manner as general nominations. The subcommittee may subsequently and individually recommend nominees they deem qualified to the NERC Board for consideration for appointment to the committee. Existing committee members may also approve such individuals to serve as members on an interim basis pending full appointment by the Board. Exclusions Member Exclusions Regional Entity Staff Regional Entity personnelstaff members who administer any portion of the Compliance and Enforcement program, Registration program, or Certification program for that Regional Entity, or for any other Regional Entity, may not serve as a member of the CCC. NERC shall have an Executive Committee Sponsor and The Director of Compliance Assurance shall not be a member of the committee or vote on committee business. The Executive Committee SponsorDirector of Compliance Assurance and the secretary shall be recused from participating in any committee activity that involves monitoring of NERC’s adherence to ROP or activity that the Executive Committee Sponsor oversees. If the secretary has been recused from participating in a Committee activity, the chair shall appoint another member of the committee as acting secretary for any meetings or other activities from which the secretary is recused. Affiliate Organizations No two individuals from the same organization, or affiliated organizations, may serve concurrently on the committee. Any committee member who has a membership conflict of this nature is obligated to notify the committee secretary within ten (10) business days of the change or to request additional time for consideration if necessary. The committee secretary will in turn report the change to the CCC chair. The committee secretary will ensure that such changes are incorporated into the CCC membership roster. , who shall inform the committee chair. Members impacted by such a conflict, such as through a merger of organizations, may confer between themselves to determine which member should resign from the committee and notify the committee secretary and chair; however, if both members are within the same industry sector and cannot reach an amicable solution by determining the member to remain, the Nominating Subcommittee will review the qualifications of each member and propose the member to remain to the full committee who will determine which member shall continue to serve, subject to Board approval. If the conflict is not resolved in a timely manner by the impacted members, the committee chair shall notify all members of the affected industry sectors recommending actions to resolve the

Commented [YL15]: Nina, why did we remove this from the Charter? Is the intent to move to the NS procedure?

Formatted: Normal

Commented [JF16]: What staff does this leave that have the expertise to serve on the committee? This type of membership isn’t adequately explained in the Membership section.

Formatted: Default Paragraph Font, Font:

Commented [YL17]: are we ok with this

Commented [JF18]: Can we broaden this to describe the role versus title? Who is this now? Need clarity.

Commented [YL19]: is this defined?

Formatted: Highlight

Commented [JF20]: I like this. Likely long enough but in circumstance of a leadership role – this may not be enough time (M&A) or if term (company responsibility) or personal choice (ok with proposed). Thoughts?

Membership

conflict. If the membership conflict is still unresolved, the committee chair shall take the conflict to the NERC Board for resolution. NERC Staff The Director of Compliance Assurance shall not be a member of the committee or vote on committee business. The Director of Compliance Assurance and the secretary shall be recused from participating in any committee activity that involves monitoring of NERC’s adherence to ROP or activity that the Director of Compliance Assurance oversees. If the NERC staff coordinator has been recused from participating in a Committee activity, the chair shall appoint another member of the committee as acting secretary for any meetings or other activities from which the NERC staff coordinator is recused. Member Resignations By the Member In the event a member can no longer serve on the committee, that member will submit a written resignation to the committee chair or the secretary. Requested by the Chair The chair may request any committee member who ceases to participate in the committee or fulfill the membership duties described in the Membership Expectations section of this document, as indicated by not attending or sending a proxy for two consecutive meetings, to submit a resignation or to request continuation of membership with an explanation of extenuating circumstances. If a written response is not received within 30 days of the chair’s request, the lack of response will be considered a resignation. Referral to the Nominating Subcommittee The committee chair will refer the vacancy resulting from a resignation to the Nominating Subcommittee of the committee. If a recent list of nominations is available to the Nominating Subcommittee that it deems to be valid, the subcommittee will recommend a replacement nominee; otherwise, the subcommittee will request NERC staff prepare a new solicitation for nominations to fill that position. The Nominating Subcommittee will follow the previously stated criteria in recommending a replacement. By the Board Committee members serve at the pleasure of the NERC Board who may request resignation from, remove, or replace a member from the committee, as the NERC Board deems appropriate. Interim Approval The committee chair may seek a vote of the committee to allow the proposed replacement member to be seated, pending appointment of the replacement at the Board’s next scheduled meeting. Proxies Proxies can only be a person who is a member, or an officer, executive-level employee, agent or representative of a member, registered in the same sector. A substitute representative, or proxy, may attend and vote during all or a portion of a committee meeting in lieu of a voting member provided the absent member notifies the committee chair, vice chair, or secretary of the proxy. Notification Such notification will be in writing (electronic medium is acceptable). The proxy representatives and their affiliation will be named in the correspondence.

Commented [NJ21]: Allow for more fleivility

Membership

Serving as Proxy A voting member of a committee may not serve as a proxy for another voting member on the same committee (i.e. a member may not cast more than their own vote). Exclusions Regional Entity Staff Regional Entity staff members who administer any portion of the Compliance and Enforcement program, Registration program, or Certification program for that Regional Entity, or for any other Regional Entity, may not serve as a member of the CCC. Organizations No two individuals from the same organization, or affiliated organizations, may serve concurrently on the committee. Any committee member who has a membership conflict of this nature is obligated to notify the committee secretary, who shall inform the committee chair. Members impacted by such a conflict, such as through a merger of organizations, may confer between themselves to determine which member should resign from the committee and notify the committee secretary and chair; however, if both members are within the same industry sector and cannot reach an amicable solution by determining the member to remain, the Nominating Subcommittee will review the qualifications of each member and propose the member to remain to the full committee who will determine which member shall continue to serve, subject to Board approval. If the conflict is not resolved in a timely manner by the impacted members, the committee chair shall notify all members of the affected industry sectors recommending actions to resolve the conflict. If the membership conflict is still unresolved, the committee chair shall take the conflict to the NERC Board for resolution. NERC Staff The Director of Compliance Assurance shall not be a member of the committee or vote on committee business. The Director of Compliance Assurance and the secretary shall be recused from participating in any committee activity that involves monitoring of NERC’s adherence to ROP or activity that the Director of Compliance Assurance oversees. If the NERC staff coordinator has been recused from participating in a Committee activity, the chair shall appoint another member of the committee as acting secretary for any meetings or other activities from which the NERC staff coordinator is recused. Changes in Member Affiliation A committee member whose affiliation has changed may retain the membership position under these circumstances:

1. The new organization is in the same industry sector, and

2. The member meets all other membership requirements. Conflict of Interest No committee member may have a conflict of interest that would impair his or her ability to fulfill obligations under this charter. Any committee member who knows of any form of membership conflict, such as working for an entity affiliated with that of another committee member, will is obligated to notify the committee chair within ten (10) business days of obtaining that knowledge.

Meetings In the absence of specific provisions in this manual, all committee meetings will follow Roberts Rules of Order. Quorum Two-thirds Requirement The quorum necessary for transacting business at meetings of the committee is two-thirds of the voting members currently on the committee’s roster. Interim Basis Voting members approved by the committee on an interim basis, pending appointment by the Board, will be counted in the determination of a quorum. Lack of Quorum If a quorum is not present at the beginning of the meeting, the committee may not take any actions requiring a vote by the committee; however, the chair may, with the consent of the majority of members present, elect to allow discussion of the agenda items. Voting Actions by members of the committee will be approved upon receipt of the affirmative vote of two-thirds of the votes present (including proportional votes by Regional Representatives) at any meeting at which a quorum is present. Antitrust Guidelines All persons attending or otherwise participating in a NERC committee meeting will act in accordance with NERC’s Antitrust Compliance Guidelines at all times during the meeting. Open Meetings NERC committee meetings will be open to the public, except as noted below under Confidential Information. Confidential Sessions At the discretion of the CCC chair, a meeting or portion of a meeting may have attendance limited based on confidentiality of the information to be disclosed at the meeting. Such limitations should be applied sparingly and on a non-discriminatory basis as needed to protect information that is sensitive information or confidential information to one or more parties. All hearings of compliance matters will be confidential sessions. Confidential information will only be disclosed as provided by Section 1500 of the NERC ROP 1500. Confidentiality agreements may also be applied, as necessary, to protect sensitive information or confidential information. Types of Meetings Meetings may beare conducted in person, by conference call, or by other means. The procedures contained in this manual will apply to all meetings regardless of how they are conducted. Majority and Minority Views All members of a committee will be given the opportunity to provide alternative views on an issue. The results of committee actions, including recorded minutes, will reflect the majority as well as any minority views of the committee members. The chair will communicate both the majority and any minority views in presenting results to the NERC Board.

Commented [JF22]: All members? Does this need to be clarified?

Commented [NJ23]: Already covered above.

Commented [YL24]: This is not covered in the Charter. Reinstate language?

Meetings

Action Without a Meeting Two-thirds Majority Any action required or permitted at a meeting of the committee may be taken without a meeting if two-thirds of the total votes available to the members of the CCC (including the proportional votes available to Regional Representatives) approve taking the action outside of a meeting. Procedure Such action without a meeting will be performed by mail or electronic ballot (e.g., telephone, fax, email, or Internet) and will be recorded in the minutes as a roll call ballot. The secretary will announce the action required at least 10 days before the date on which the action is to be voted. As time permits, members should be allowed a window of 10 business days to vote. The secretary will provide the results of such an action within 10 business days of the close of the voting period.

Officers and Staff General Number of Positions The committee will have one secretary and two officers – one chair and one vice-chairand one secretary. Secretary A member of the NERC staff will serve as the secretary of the committee. The secretary is not a committee member and does not have a vote. The secretary will do the following:

1. Manage the day-to-day operations and business of the committee;

2. Facilitate effective administration of committee procedures;

3. Prepare and distribute the notices of the committee meetings, prepare the meeting agenda, and prepare and distribute the minutes of the committee meetings; and,

4. Act as the committee’s parliamentarian. Officers The committee officers will be one chair and one vice chair. Officers Nominated by the Nominating SubcommitteeOfficer Selection The CCC Nominating Subcommittee will recommend a chair and a vice chair from among the voting members annually for committee endorsement. The chair and vice chair who are then appointed by the NERC Board for a two-year term. The term of the chair and the vice chair, except for the first year, will begin on July 1 and end on June 30. Officers as Sector Representatives The chair and vice chair shall not have been representatives of the same sector. As the chair and vice chair shall continue to act as representative of the sectors upon appointment by the NERC Board, the administrative roles and responsibilities of the chair and vice-chair must be performed independently of the sectors they represent. The chair and vice chair are selected from the membership of the committee and, in addition to their chair or vice chair responsibilities, will continue to serve as a member for the sector for which they were appointed to the committee. Voting of Officers The committee chair and vice chair are voting members of the committee. Executive The committee shall retain an Executive Committee consisting of the committee officers, subcommittee chairs, secretary, and the NERC Executive Committee SponsorDirector of Compliance Assurance. Secretary The NERC staff coordinator will serve as the committee’s secretary. Voting of Officers The committee chair and vice chair are voting members of the committee.

Formatted: Font: 14 pt

Formatted: Font: (Default) Calibri, 11 pt, Not Bold, Fontcolor: Auto

Formatted: List Numbering, Numbered + Level: 1 +Numbering Style: 1, 2, 3, … + Start at: 1 + Alignment: Left+ Aligned at: 0.25" + Indent at: 0.5"

Formatted: Font: (Default) Calibri, 11 pt, Not Bold, Fontcolor: Auto

Commented [YL25]: delete voting?

Commented [JF26]: The Committee has been taking a vote. This is not reflected here. Do we need to revise to state that the Nominating Subcommittee manages the process but the Committee makes the recommendation by vote to the Board for approval? Or do we revise practice?

Officers and Staff

Officers Nominated by the Nominating Subcommittee The CCC Nominating Subcommittee will recommend a chair and a vice chair who are then appointed by the NERC Board for a two-year term. The term of the chair and the vice chair, except for the first year, will begin on July 1 and end on June 30. Officers as Sector Representatives The chair and vice chair are selected from the membership of the committee and, in addition to their chair or vice chair responsibilities, will continue to serve as a member for the sector for which they were appointed to the committee. Chair The chair will direct and provide general supervision of committee activities, including the following:

1. Coordinate the schedule of all committee meetings, including approval of meeting duration and location;

2. Develop committee agendas and rule on any deviation, addition, or deletion from a published agenda;

3. Preside at and manage committee meetings, including the nature and length of discussion, recognition of speakers and proxies, motions, and voting;

4. Will lead or direct the conduct of any hearings and the preparation of any adjudicatory documents by the committee under Section 408 of the NERC ROP;

5. Will ensure actions and undertakings by the committee under the NERC ROP Section 408 meet all applicable legal and due process requirements;

6. Will act as spokesperson for the committee at forums inside and outside of NERC; and

7. May attend meetings of the NERC Board when necessary to report to the Board on committee activities. Vice Chair The vice chair will assume the responsibilities of the chair under the following conditions:

1. At the discretion of the chair (for brief periods of time);

2. When the chair is absent or temporarily unable to perform the chair’s duties; or

3. When the chair is permanently unavailable or unable to perform the chair’s duties. In the case of a permanent change, the vice chair will continue to serve until a new chair is nominated and selected appointed by the NERC Board.

Staff Coordinator A member of the NERC staff will be selected by NERC’s Director of Compliance Assurance to serve as the staff coordinator and secretary of the committee. The staff coordinator is not a committee member and does not have a vote. Under the direction of the committee executive and applicable NERC bylaws, guidelines, and ROP, the staff coordinator will do the following:

1. Manage the day-to-day operation and business of the committee;

2. Prepare and distribute the notices of the committee meetings, prepare the meeting agenda, and prepare and distribute the minutes of the committee meetings; and

3. Act as the committee’s parliamentarian.

Formatted: Numbered + Level: 1 + Numbering Style: 1, 2,3, … + Start at: 1 + Alignment: Left + Aligned at: 0.25" +Indent at: 0.5"

Commented [JF28]: Appointed or approved?

Commented [ST29]: See JF8 Comment

Nominating Subcommittee Appointment The CCC Chair will annually appoint a Nominating Subcommittee. The Nominating Subcommittee membership will be offered to the full Committee before the Subcommittee appointment. Five Members The subcommittee will consist of five members nominated by the committee chair and approved by the committee. The chair of the subcommittee will be selected by the CCC chair from among the five subcommittee members. Appointed Annually The chair will appoint the subcommittee members at the first regular meeting of the committee of the calendar year. Length of term The subcommittee members will serve for up to 14 months or until a new Nominating Subcommittee is authorized, whichever is earlier. Duties In addition to the duties, rights, and privileges described elsewhere in this manual, members of the Nominating Subcommittee will:

1. Prepare a slate of committee officer candidates for submission to the NERC Board for approval, and

2. Prepare a slate of recommended individuals to fill designated committee vacancies as required.

Commented [JF30]: The Charter discusses this multiple times. Can we revise and truncate the discussion to one section with better detail about the practices? How does this compare with MRC?

Commented [JF31]: This does not represent past practice.

Subordinate Groups Committee Organization The CCC organizational structure will be arranged as allowed in the NERC Bylaws to support a superior-subordinate hierarchy that is ordered as follows: a committee, a subcommittee, a working group, and a task force, with a committee being primary and a task force being quaternary. Subgroups The committee may establish subcommittees, working groups, and task forces as necessary. The committee chair may also form any of these subordinate groups on behalf of the committee. The committee will be the responsible sponsor of all subordinate subcommittees, working groups, or task forces it may create, or that its subordinate subcommittees and working groups may create. The committee will keep the Board informed of all groups subordinate to the committee. Subcommittees The committee may establish subcommittees to which the committee may delegate some of the committee’s broadly defined continuing functions. The committee will approve the scope of each subcommittee it forms. The committee chair will appoint the subcommittee officers (typically a chair and a vice chair) for a specific term (generally two years). The subcommittee officers may be reappointed for up to two additional terms. The subcommittee will work within its assigned scope and be accountable for the responsibilities assigned to it by the committee. The formation of a subcommittee, due to the permanency of the subcommittee, will be approved by the Board. Working Groups The committee or any of its subcommittees may delegate specific continuing functions to a working group. The sponsoring committee or subcommittee will approve the scope of each working group it forms. The chair of the sponsoring committee or subcommittee will appoint the working group officers (typically a chair and a vice chair) for a specific term (generally two years). The working group officers may be reappointed for up to two additional terms. The sponsoring committee or subcommittee will conduct a “sunset” review of each working group every two years. The working group will be accountable for the responsibilities assigned to it by the committee or subcommittee and will, at all times, work within its assigned scope. Task Forces The committee, subcommittee, or working group may assign specific work of a finite duration to a task force. The sponsoring committee, subcommittee, or working group will approve the scope of each task force it forms. The chair of the sponsoring committee, subcommittee, or working group will appoint the task force officers (typically a chair and a vice chair). Each task force will have a finite duration, normally less than one year. The sponsoring group will review the task force scope at the end of the expected duration and at each subsequent meeting of the sponsoring group after that until the task force is retired. Action of the task force sponsoring group is required to continue the task force past its defined duration. The sponsoring group should consider promoting to a working group any task force that is required to work longer than one year. Membership and Representation The membership of each subcommittee, working group, and task force should be established to address the need for expertise and balance of interests. Each group’s membership requirements will be defined within the group’s approved scope. As a general guide, the broader the group’s scope, the more emphasis there should be on balancing of interests. Therefore, subcommittees would be expected to have the broadest representation of appropriate industry

Subordinate Groups

sectors, while a task force may be more focused on simply having the necessary expertise, and a working group may be somewhere between. Each member of a subordinate group, and its officers, will be appointed by the chair of the sponsoring committee or group. To the extent subgroup membership is of a representative nature, recommendations for staffing of the group should be provided in a manner consistent with the principles outlined in the staffing of a committee, including the use of an open nominations process. Regional Entity representatives should be recommended by the Regional Entity and Canadian representatives by the Canadian Electricity Association. Preference may also be given to representatives recommended by broadly-based industry associations. To the extent that subgroup membership is based on providing requisite expertise, the chair of the sponsoring committee or group may appoint members based on the relevant technical qualifications. Procedures Subcommittees, working groups, and taskforces will conduct business in a manner consistent with all applicable sections of this manual and Robert’s Rules of Order. CCC documents relating to the topics in the NERC Rules of Procedure will require Board of Trustee Approval.

Hearings General The CCC will conduct hearings, as necessary, to fulfill its function of serving as the hearing body for any contest between NERC and a Regional Entity regarding NERC findings, penalties, or sanctions for violation(s) of Reliability Standard(s) by the Regional Entity as described in Section 408 of the NERC ROP. Hearing Procedure Unless specifically identified otherwise elsewhere in this charter, the CCC’s hearing procedure shall follow the hearing procedure mandated and approved by jurisdictional authorities for use by NERC and the Regional Entities in the Compliance and Enforcement program. Hearing Panel The committee shall not have a standing hearing panel. When a hearing is to be conducted, the CCC shall select five members to serve as the adjudicatory panel for that hearing. Members to serve on the panel shall be selected by vote of a valid quorum of the committee. Voting members of the committee at arm’s length from parties to the hearing may be nominated or volunteer to stand for selection to the hearing panel. One or more alternates may also be selected, as the committee deems appropriate for the circumstances. A member may serve on more than one panel concurrently. A panel is disbanded upon conclusion of the hearing proceedings for which it was formed.

Attachment A CCC Membership Structure

Primary Sector Sub-Sector Number of Members Full Voting Proportional

Voting Non-Voting

Investor-Owned Utility 2 X State/Municipal Utility 2 X Cooperative Utility 2 X Federal or Provincial Utility/Federal Power Marketing Administration

Transmission Dependent Utility 2 X

Merchant Electricity Generator 2 X

Electricity Marketer 2 X Large End-use Electricity Customer 2 X

Small End-use Electricity Customer 2 X

Independent System Operator/Regional Transmission Organization

Regional Entity FRCC 1 X RFC 1 X

ERCOT 1 X MRO 1 X NPCC 1 X SERC 1 X SPP 1 X

WECC 1 X Government U.S. State 2 X

U.S. Federal 2 X Canadian Provincial 1 X

Canadian Federal 1 X At Large Position 6 X

Total 324

Formatted: Font: +Body (Calibri)

NERC | Compliance and Certification Committee Charter | XXX 2019 Approved by the NERC Board of Trustees XXX XX, 2019

I Restricted – Confidential

Compliance and Certification Committee Charter

Filed with FERC on XXX XX, 2019, in Docket No. RR19-XX-000.

XXX XX, 2019

i Restricted – Confidential

Table of Contents

Mission .......................................................................................................................................................................1

Compliance and Certification Committee Functions .................................................................................................2

Membership ...............................................................................................................................................................4

Goals .......................................................................................................................................................................4

Appointment and Terms of Service ........................................................................................................................4

Qualifications ..........................................................................................................................................................4

Expectations ............................................................................................................................................................4

Representation .......................................................................................................................................................4

Regional Entities ..................................................................................................................................................5

Canadian Representation ....................................................................................................................................5

NERC Membership ..............................................................................................................................................5

Selection .................................................................................................................................................................5

Nominating Subcommittee .................................................................................................................................6

Interim Approval .................................................................................................. Error! Bookmark not defined.

Expertise ..............................................................................................................................................................6

Regional Entity Members ..................................................................................... Error! Bookmark not defined.

Canadian Members .............................................................................................. Error! Bookmark not defined.

Industry Sector Members ........................................................................................ Error! Bookmark not defined.

General Nominations and Appointment Process .................................................... Error! Bookmark not defined.

Requesting Nominations ...................................................................................... Error! Bookmark not defined.

Board Approval ...................................................................................................................................................6

Vacancies and Non-participation ........................................................................................................................6

Addressed on an Ongoing Basis ........................................................................... Error! Bookmark not defined.

Role of the Nominating Subcommittee ............................................................... Error! Bookmark not defined.

Resignations ............................................................................................................................................................6

By the Member ...................................................................................................................................................7

Requested by the Chair .......................................................................................................................................7

Referral to the Nominating Subcommittee.........................................................................................................7

By the Board ........................................................................................................................................................7

Interim Approval .................................................................................................. Error! Bookmark not defined.

Proxies .................................................................................................................................................................8

Notification ........................................................................................................... Error! Bookmark not defined.

Serving as Proxy ................................................................................................... Error! Bookmark not defined.

Table of Contents

ii Restricted – Confidential

Exclusions ................................................................................................................. Error! Bookmark not defined.

Regional Entity Staff ............................................................................................. Error! Bookmark not defined.

Organizations ....................................................................................................... Error! Bookmark not defined.

NERC Staff ............................................................................................................ Error! Bookmark not defined.

Changes in Member Affiliation ................................................................................ Error! Bookmark not defined.

Conflict of Interest ..................................................................................................................................................8

Meetings .....................................................................................................................................................................9

Quorum ...................................................................................................................................................................9

Two-thirds Requirement .....................................................................................................................................9

Interim Basis ......................................................................................................... Error! Bookmark not defined.

Lack of Quorum ...................................................................................................................................................9

Voting ......................................................................................................................................................................9

Antitrust Guidelines ................................................................................................. Error! Bookmark not defined.

Open Meetings .......................................................................................................................................................9

Confidential Sessions ..............................................................................................................................................9

Types of Meetings ...................................................................................................................................................9

Majority and Minority Views ..................................................................................................................................9

Action Without a Meeting ......................................................................................................................................9

Two-thirds Majority ............................................................................................. Error! Bookmark not defined.

Procedure ............................................................................................................................................................9

Officers and Staff ..................................................................................................................................................... 11

General..................................................................................................................... Error! Bookmark not defined.

Number of Positions ......................................................................................................................................... 11

Officers ............................................................................................................................................................. 11

Executive .......................................................................................................................................................... 11

Secretary .............................................................................................................. Error! Bookmark not defined.

Voting of Officers ................................................................................................. Error! Bookmark not defined.

Officers Nominated by the Nominating Subcommittee ...................................... Error! Bookmark not defined.

Officers as Sector Representatives ...................................................................... Error! Bookmark not defined.

Chair ................................................................................................................................................................. 11

Vice Chair ......................................................................................................................................................... 12

Staff Coordinator .................................................................................................. Error! Bookmark not defined.

Nominating Subcommittee ......................................................................................... Error! Bookmark not defined.

Appointment ............................................................................................................ Error! Bookmark not defined.

Five Members ....................................................................................................... Error! Bookmark not defined.

Table of Contents

iii Restricted – Confidential

Appointed Annually .............................................................................................. Error! Bookmark not defined.

Length of term ...................................................................................................... Error! Bookmark not defined.

Duties ................................................................................................................... Error! Bookmark not defined.

Subordinate Groups ................................................................................................................................................ 13

Committee Organization...................................................................................................................................... 13

Subgroups ............................................................................................................................................................ 13

Subcommittees ................................................................................................................................................ 13

Working Groups ............................................................................................................................................... 13

Task Forces ....................................................................................................................................................... 13

Membership and Representation ........................................................................................................................ 13

Procedures ........................................................................................................................................................... 14

Hearings ................................................................................................................................................................... 15

General................................................................................................................................................................. 15

Hearing Procedure ............................................................................................................................................... 15

Hearing Panel ....................................................................................................................................................... 15

Attachment A .......................................................................................................................................................... 16

CCC Membership Structure ................................................................................................................................. 16

Mission As a North American Electric Reliability Corporation (NERC) Board of Trustees (Board)-appointed stakeholder committee serving and reporting directly to the NERC Board, the Compliance and Certification Committee (CCC) will engage with, support, and advise the NERC Board and NERC regarding the NERC Compliance Monitoring and Enforcement Program (Compliance and Enforcement program), Organization Registration program (Registration program), and Organization Certification program (Certification program). The CCC monitors NERC’s adherence to the Rules of Procedure (ROP) for these programs. The CCC also monitors NERC’s adherence to the (ROP) regarding the Reliability Standards development process except for appeals of substantive or procedural action or inaction associated with a Reliability Standard or the Reliability Standards development process as defined in the appeals section of the Standard Processes Manual.

Compliance and Certification Committee Functions To fulfill its mission, the CCC performs the following functions:

1. Organizes and conducts committee meetings with NERC staff regarding all facets of the Compliance and Enforcement, Registration, and Certification programs;1

2. Provides comments and recommendations to the NERC Board and NERC staff on the following:

a. stakeholders’ perception of the policies, practices, and effectiveness of the Compliance and Enforcement program, Registration program, and Certification program;

b. the electric reliability organization (ERO) ROP related to the Compliance and Enforcement program, Registration program, and Certification program to the NERC Board;

3. Monitors NERC’s adherence to the following::2

a. Section 405 of the ROP for Compliance Monitoring and Enforcement, including but not limited to the uniform CMEP (Appendix 4C) and the Sanction Guidelines (Appendix 4B).

b. Section 506 of the ROP for Organization Registration and Certification, including but not limited to the Organization Registration and Certification Manual (Appendix 5A).

c. Section 300 of the ROP regarding the Reliability Standards development process except for appeals of substantive or procedural action or inaction associated with a Reliability Standard or the Reliability Standards process as defined in the appeals section of the Reliability Standards Development Procedure. Committee members who have participated in the development process for a Reliability Standard shall not participate in the committee's monitoring of that process.

4. Serves as the hearing body for any contest regarding findings of or penalties or sanctions for violation(s) of Reliability Standard(s) where NERC is the Compliance Enforcement Authority as described in Section 408 of the NERC ROP;

5. As directed by the NERC Board, serves as the mediator for any disagreements between NERC and the Regional Entities concerning NERC performance audits of Regional Entities’ compliance programs. When directed by the NERC Board to serve as mediator, the committee chair will appoint three members of the committee to meet with representatives of NERC and the Regional Entity to attempt to resolve the matter. The appointed members shall be disinterested parties, registered in the Regional Entity associated with the disagreement or otherwise have any conflicts allowing the member to serve the role.

6. At the discretion of the CCC, participates as an observer in Regional Entity audits conducted pursuant to Appendix 4A of the ROP.

7. Supports the Standards Committee in the development of new and revised Reliability Standards by providing a pool of qualified compliance oriented personnel for participation in the compliance administration element phase of the standards development process; and,

8. Provides advisory assistance to the ERO Enterprise regarding the Compliance and Enforcement, Registration, and Certification programs; and

1 Meetings are conducted under Section 4 of this Charter. 2 Monitoring by the CCC is ongoing and does not preclude, interfere with or replace, in whole or in part, the NERC Board’s responsibility to conduct and provide such reviews of these programs as required by Federal Energy Regulatory Commission (the Commission) regulations, 18 C.F.R. § 39.3.c: “The Electric Reliability Organization shall submit an assessment of its performance three years from the date of certification by the Commission, and every five years thereafter.”

Commented [NJ1]: Section 408 will need to be amended as no Regional Entities are subject to Reliability Standards anymore.

Commented [NJ2]: Should we define this as committee members who are not registered in the Region Entity in the disagreement or who does not otherwise have a conflict?

Compliance and Certification Committee Functions

9. Undertakes assignments from the NERC Board or the NERC Board’s Compliance Committee related to Compliance and Enforcement, Organization Registration and Certification, and Reliability Standards Development.

Membership Goals The CCC provides for balanced discussion, commentary, and recommendations on compliance issues by bringing together a wide diversity of perspectives from NERC member sector experts who have familiarity, knowledge, and experience in the area of compliance and NERC Reliability Standards. Appointment and Terms The Nominating Subcommittee of the CCC recommends members to the NERC Board for appointment. Self-nominations are permitted. Members appointed to the committee by the NERC Board serve on the committee at the pleasure of the Board. Member terms are three years from Board . There is no limitation on the number of times a member may be reappointed. To the extent practicable, member terms will be staggered such that approximately one-third of the committee is subject to reappointment or replacement each year. Qualifications All individuals deemed qualified to serve on the committee will generally include senior-level industry experts who have familiarity, knowledge, and experience with compliance, compliance enforcement, compliance administration and management, risk management, organization registration and certification responsibilities, or NERC Reliability Standards within their respective organizations. Member Expectations Committee members are expected to represent the interests of their sector or a broad industry view to the best of their ability and judgment. In addition to the duties, rights, and privileges described elsewhere in this charter, committee members will:

1. Act consistently during meetings with the procedures in this Charter and Robert’s Rules of Order;

2. Adhere to NERC Anti-Trust Guidelines and Participant Conduct Policy

3. Demonstrate and provide knowledge and expertise in support of committee activities;

4. Adjudicate in a fair and unbiased manner that meets applicable legal and due process requirements when participating in hearing procedures conducted under the NERC ROP Section 408;

5. Solicit comments and opinions from constituents and groups of constituents or trade organizations represented by the member and convey them to the committee;

6. Respond promptly to all committee requests, including requests for reviews, comments, and votes on issues before the committee;

7. Arrange for a proxy to attend and vote at committee meetings in the member’s absence; and

8. Respond promptly to all requests to register for committee meetings. Representation The membership structure of the CCC will be modeled upon the membership structure of the NERC Member Representatives Committee (MRC) as described in NERC’s Bylaws (the Bylaws) Article VIII Section 2 [see Attachment A]. This should produce a committee that has an appropriate balance of entities with sector, size, and asset (i.e., transmission, distribution, load, generation, etc.) diversity as well as subject matter diversity with expertise in areas pertinent to the Committee business.

Commented [YL3]: change to approval

Commented [NJ4]: Is there any interest in referencing the Participant Policy and creating barriers to participation if that policy (and similar policies) is violated?

Membership

Page NERC | Compliance and Certification Committee Charter | XXX 2019 Approved by the NERC Board of Trustees XXX XX, 2019

Industry Sector Members Membership will be a hybrid model composed of Sector Representatives and At Large Representatives. Membership excludes Regional Entity personnel. Each member shall elect to be assigned to one of the following membership sectors: (1) Investor-owned utility, (2) State/municipal utility, (3) Cooperative utility, (4) federal or provisional utility/power marketing administration (5) Transmission-dependent utility (6) Merchant electricity generator, (7) Electricity Marketer, (8) Large end use electricity customer, (9) Small end use electricity customer, (10) ISO/RTO, (12) Government Representatives. A member may elect to be assigned to any sector so long as membership in the sector is consistent with the member’s business or other activities. NERC Member sectors or formative organizations or bodies may identify sector representatives for nomination to the Nominating Subcommittee through a Committee process approved by the NERC Board. At Large Members At-large is a designation for members of industry who are appointed to ensure that final configuration of the Committee best reflects the perspectives of the whole membership of the industry. At large membership is intended to balance the needs of the committee to ensure performance of its responsibilities under the ROP. Those responsibilities require diverse perspectives representing interconnections, regional views, country specific views and expertise. At large positions will be proposed to the NERC BOT after consideration of the appropriate balance of these criteria. To the extent practicable, At Large Representatives will come from entities that collectively meet the following criteria for balanced representation: (i) geographic diversity from all interconnections and ERO Enterprise Regional Entities, (ii) high-level understanding and perspective on reliability risks based on experience at an organization in the electricity sector, (iii) experience and expertise from an organization in the electricity sector relevant to the Committee purview, and, (iv) experience in an executive-level position or similar position at an organization in the electricity sector. Canadian Representation The Nominating Subcommittee, described below, will endeavor to attract and engage Canadians with suitable qualifications and expertise in adequate numbers to satisfy Article VIII Section 4 of the Bylaws. To the extent practicable, recognized Canadian organizations such as the Canadian Electricity Association and Canada’s Energy and Utility Regulators will be consulted and solicited for assistance in recruiting Canadians to serve on the committee. NERC Membership It is expected that committee members will generally be from organizations who are NERC members; however, any users, owner, or operators of the bulk power system subject to the Compliance, Registration, and Certification programs and who satisfies the qualifications identified herein may be a member of the CCC. Member Selection The CCC will conduct open nominations processes to receive nominations to fill any membership vacancies. Prospective members of the committee may be identified to the CCC via any means the committee finds acceptable, including:

Commented [NJ5]: The bylaws provide the following for the MRC: “A member may elect to be assigned to any sector so long as membership in the sector is consistent with the member’s business or other activities.”

Membership

1. solicited or unsolicited nomination by a recognized industry group or association, 2. general open solicitation by the committee for nomination(s), 3. self-nomination, 4. directed solicitation by the committee to an individual or individuals, or, 5. referral by the Board or other NERC body or committee.

Nominating Subcommittee The Committee chair will annually appoint a Nominating Subcommittee to recommend individuals to fill sector representative vacancies on the committee. The subcommittee will consist of five members nominated by the committee chair and approved by the committee. The chair of the subcommittee will be selected by the CCC chair from among the five subcommittee members annually. Members of the subcommittee will serve in conjunction with the term of the CCC chair that selects the subcommittee members. The Subcommittee recommend identified members for appointment to the full CCC for review. Individuals recommended by the Subcommittee for appointment to the committee must be approved by the NERC Board. The Subcommittee may give preference to candidates nominated by organizations generally considered by the industry as representative of a broad cross-section of the industry sector in question, such as an industry trade association. In addition, the Nominating Subcommittee will manage, when required, the process to elect the chair and / or vice chair of the committee. Duties In addition to the duties, rights, and privileges described elsewhere in this charter, members of the Nominating Subcommittee will: 1. Prepare a slate of committee officer candidates for submission to the NERC Board for approval, and 2. Prepare a slate of recommended individuals to fill designated committee vacancies as required Expertise When selecting individuals to recommend for committee membership, the Nominating Subcommittee will seek to engage individuals who, in aggregate, provide the committee with a level and breadth of expertise sufficient to achieve its goals and fulfill its scope and responsibilities while respecting other important factors such as industry sector, Region, interconnection, and country. Board Approval The Nominating Subcommittee will present the recommended committee membership slate to the Board for approval. If the Board approves the recommended committee slate, each member on the slate is appointed. The Board may also appoint members individually as needed to meet membership balance and fill vacancies. Vacancies and Non-participation The committee’s secretary will administer the nominations process for vacancies on the committee. Vacancies on the committee will be addressed bi-annually through receipt and consideration of both solicited and unsolicited nominations for the vacant positions.Member Exclusions Regional Entity personnel may not serve as a member of the CCC.

Commented [NJ6]: How is this different than referral by the committee?

Commented [YL7]: Is there a reason the entire committee doesn't decide on who holds these positions?

Commented [YL8]: are we referring to the chair of the CCC?

Commented [YL9]: Is there a reason the full CCC isn't required to approve?

Commented [YL10]: duplicative of qualifications. Recommend deleting.

Commented [YL11]: Nina, why did we remove this from the Charter? Is the intent to move to the NS procedure?

Membership

NERC shall have an Executive Committee Sponsor and shall not be a member of the committee or vote on committee business. The Executive Committee Sponsor and the secretary shall be recused from participating in any committee activity that involves monitoring of NERC’s adherence to ROP or activity that the Executive Committee Sponsor oversees. If the secretary has been recused from participating in a Committee activity, the chair shall appoint another member of the committee as acting secretary for any meetings or other activities from which the secretary is recused. Affiliate Organizations No two individuals from the same organization, or affiliated organizations, may serve concurrently on the committee. Any committee member who has a membership conflict of this nature is obligated to notify the committee secretary within ten (10) business days of the change or to request additional time for consideration if necessary. The committee secretary will in turn report the change to the CCC chair. The committee secretary will ensure that such changes are incorporated into the CCC membership roster. Members impacted by such a conflict, such as through a merger of organizations, may confer between themselves to determine which member should resign from the committee and notify the committee secretary and chair; however, if both members are within the same industry sector and cannot reach an amicable solution by determining the member to remain, the Nominating Subcommittee will review the qualifications of each member and propose the member to remain to the full committee who will determine which member shall continue to serve, subject to Board approval. If the conflict is not resolved in a timely manner by the impacted members, the committee chair shall notify all members of the affected industry sectors recommending actions to resolve the conflict. If the membership conflict is still unresolved, the committee chair shall take the conflict to the NERC Board for resolution. Member Resignations By the Member In the event a member can no longer serve on the committee, that member will submit a written resignation to the committee chair or the secretary. Requested by the Chair The chair may request any committee member who ceases to participate in the committee or fulfill the membership duties described in the Membership Expectations section of this document submit a resignation or to request continuation of membership with an explanation of extenuating circumstances. If a written response is not received within 30 days of the chair’s request, the lack of response will be considered a resignation. Referral to the Nominating Subcommittee The committee chair will refer the vacancy resulting from a resignation to the Nominating Subcommittee of the committee. If a recent list of nominations is available to the Nominating Subcommittee that it deems to be valid, the subcommittee will recommend a replacement nominee; otherwise, the subcommittee will request NERC staff prepare a new solicitation for nominations to fill that position. The Nominating Subcommittee will follow the previously stated criteria in recommending a replacement. By the Board Committee members serve at the pleasure of the NERC Board who may request resignation from, remove, or replace a member from the committee, as the NERC Board deems appropriate.

Commented [YL12]: are we ok with this

Commented [YL13]: is this defined?

Commented [JF14]: I like this. Likely long enough but in circumstance of a leadership role – this may not be enough time (M&A) or if term (company responsibility) or personal choice (ok with proposed). Thoughts?

Commented [NJ15]: Allow for more fleivility

Membership

Proxies Proxies can only be a person who is a member, or an officer, executive-level employee, agent or representative of a member, registered in the same sector. Such notification will be in writing (electronic medium is acceptable). The proxy representatives and their affiliation will be named in the correspondence. Conflict of Interest No committee member may have a conflict of interest that would impair his or her ability to fulfill obligations under this charter. Any committee member who knows of any form of membership conflict, such as working for an entity affiliated with that of another committee member, is obligated to notify the committee chair within ten (10) business days of obtaining that knowledge.

Meetings In the absence of specific provisions in this manual, all committee meetings will follow Roberts Rules of Order. Quorum Two-thirds Requirement The quorum necessary for transacting business at meetings of the committee is two-thirds of the members currently on the committee’s roster. Lack of Quorum If a quorum is not present at the beginning of the meeting, the committee may not take any actions requiring a vote by the committee; however, the chair may, with the consent of the majority of members present, elect to allow discussion of the agenda items. Voting Actions by members of the committee will be approved upon receipt of the affirmative vote of two-thirds of the votes present at any meeting at which a quorum is present. Open Meetings NERC committee meetings will be open to the public, except as noted below under Confidential Information. Confidential Sessions At the discretion of the CCC chair, a meeting or portion of a meeting may have attendance limited based on confidentiality of the information to be disclosed at the meeting. Such limitations should be applied sparingly and on a non-discriminatory basis. All hearings of compliance matters will be confidential sessions. Confidential information will only be disclosed as provided by Section 1500 of the NERC ROP . Confidentiality agreements may also be applied, as necessary, to protect confidential information. Types of Meetings Meetings are conducted in person. Majority and Minority Views All members of a committee will be given the opportunity to provide alternative views on an issue. The results of committee actions, including recorded minutes, will reflect the majority as well as any minority views of the committee members. The chair will communicate both the majority and any minority views in presenting results to the NERC Board. Action Without a Meeting Any action required or permitted at a meeting of the committee may be taken without a meeting if two-thirds members of the CCC (including the proportional votes available to Regional Representatives) approve taking the action outside of a meeting. Procedure Such action without a meeting will be performed by mail or electronic ballot (e.g., telephone, fax, email, or Internet) and will be recorded in the minutes as a roll call ballot. The secretary will announce the action required

Commented [JF16]: All members? Does this need to be clarified?

Commented [NJ17]: Already covered above.

Commented [YL18]: This is not covered in the Charter. Reinstate language?

Meetings

at least 10 days before the date on which the action is to be voted. As time permits, members should be allowed a window of 10 business days to vote. The secretary will provide the results of such an action within 10 business days of the close of the voting period.

Officers and Staff Number of Positions The committee will have one secretary and two officers – one chair and one vice-chair. Secretary A member of the NERC staff will serve as the secretary of the committee. The secretary is not a committee member and does not have a vote. The secretary will do the following:

1. Manage the day-to-day operations and business of the committee;

2. Facilitate effective administration of committee procedures;

3. Prepare and distribute the notices of the committee meetings, prepare the meeting agenda, and prepare and distribute the minutes of the committee meetings; and,

4. Act as the committee’s parliamentarian. Officer Selection The CCC Nominating Subcommittee will recommend a chair and a vice chair from among the voting members annually for committee endorsement. The chair and vice chair are then appointed by the NERC Board for a two-year term. The term of the chair and the vice chair, except for the first year, will begin on July 1 and end on June 30. The chair and vice chair shall not have been representatives of the same sector. As the chair and vice chair shall continue to act as representative of the sectors upon appointment by the NERC Board, the administrative roles and responsibilities of the chair and vice-chair must be performed independently of the sectors they represent. Voting of Officers The committee chair and vice chair are voting members of the committee. Executive The committee shall retain an Executive Committee consisting of the committee officers, subcommittee chairs, secretary, and the NERC Executive Committee Sponsor. Chair The chair will direct and provide general supervision of committee activities, including the following:

1. Coordinate the schedule of all committee meetings, including approval of meeting duration and location;

2. Develop committee agendas and rule on any deviation, addition, or deletion from a published agenda;

3. Preside at and manage committee meetings, including the nature and length of discussion, recognition of speakers and proxies, motions, and voting;

4. Will lead or direct the conduct of any hearings and the preparation of any adjudicatory documents by the committee under Section 408 of the NERC ROP;

5. Will ensure actions and undertakings by the committee under the NERC ROP Section 408 meet all applicable legal and due process requirements;

6. Will act as spokesperson for the committee at forums inside and outside of NERC; and

Commented [YL19]: delete voting?

Officers and Staff

7. May attend meetings of the NERC Board when necessary to report to the Board on committee activities. Vice Chair The vice chair will assume the responsibilities of the chair under the following conditions:

1. At the discretion of the chair (for brief periods of time);

2. When the chair is absent or temporarily unable to perform the chair’s duties; or

3. When the chair is permanently unavailable or unable to perform the chair’s duties. In the case of a permanent change, the vice chair will continue to serve until a new chair is nominated and appointed by the NERC Board.

Subordinate Groups Committee Organization The CCC organizational structure will be arranged as allowed in the NERC Bylaws to support a superior-subordinate hierarchy that is ordered as follows: a committee, a subcommittee, a working group, and a task force, with a committee being primary and a task force being quaternary. Subgroups The committee may establish subcommittees, working groups, and task forces as necessary. The committee chair may also form any of these subordinate groups on behalf of the committee. The committee will be the responsible sponsor of all subordinate subcommittees, working groups, or task forces it may create, or that its subordinate subcommittees and working groups may create. The committee will keep the Board informed of all groups subordinate to the committee. Subcommittees The committee may establish subcommittees to which the committee may delegate some of the committee’s broadly defined continuing functions. The committee will approve the scope of each subcommittee it forms. The committee chair will appoint the subcommittee officers (typically a chair and a vice chair) for a specific term (generally two years). The subcommittee officers may be reappointed for up to two additional terms. The subcommittee will work within its assigned scope and be accountable for the responsibilities assigned to it by the committee. The formation of a subcommittee, due to the permanency of the subcommittee, will be approved by the Board. Working Groups The committee or any of its subcommittees may delegate specific continuing functions to a working group. The sponsoring committee or subcommittee will approve the scope of each working group it forms. The chair of the sponsoring committee or subcommittee will appoint the working group officers (typically a chair and a vice chair) for a specific term (generally two years). The working group officers may be reappointed for up to two additional terms. The sponsoring committee or subcommittee will conduct a “sunset” review of each working group every two years. The working group will be accountable for the responsibilities assigned to it by the committee or subcommittee and will, at all times, work within its assigned scope. Task Forces The committee, subcommittee, or working group may assign specific work of a finite duration to a task force. The sponsoring committee, subcommittee, or working group will approve the scope of each task force it forms. The chair of the sponsoring committee, subcommittee, or working group will appoint the task force officers (typically a chair and a vice chair). Each task force will have a finite duration, normally less than one year. The sponsoring group will review the task force scope at the end of the expected duration and at each subsequent meeting of the sponsoring group after that until the task force is retired. Action of the task force sponsoring group is required to continue the task force past its defined duration. The sponsoring group should consider promoting to a working group any task force that is required to work longer than one year. Membership and Representation The membership of each subcommittee, working group, and task force should be established to address the need for expertise and balance of interests. Each group’s membership requirements will be defined within the group’s approved scope. As a general guide, the broader the group’s scope, the more emphasis there should be on balancing of interests. Therefore, subcommittees would be expected to have the broadest representation of appropriate industry

Subordinate Groups

sectors, while a task force may be more focused on simply having the necessary expertise, and a working group may be somewhere between. Each member of a subordinate group, and its officers, will be appointed by the chair of the sponsoring committee or group. To the extent subgroup membership is of a representative nature, recommendations for staffing of the group should be provided in a manner consistent with the principles outlined in the staffing of a committee, including the use of an open nominations process. Regional Entity representatives should be recommended by the Regional Entity and Canadian representatives by the Canadian Electricity Association. Preference may also be given to representatives recommended by broadly-based industry associations. To the extent that subgroup membership is based on providing requisite expertise, the chair of the sponsoring committee or group may appoint members based on the relevant technical qualifications. Procedures Subcommittees, working groups, and taskforces will conduct business in a manner consistent with all applicable sections of this manual and Robert’s Rules of Order. CCC documents relating to the topics in the NERC Rules of Procedure will require Board of Trustee Approval.

Hearings General The CCC will conduct hearings, as necessary, to fulfill its function of serving as the hearing body for any contest between NERC and a Regional Entity regarding NERC findings, penalties, or sanctions for violation(s) of Reliability Standard(s) by the Regional Entity as described in Section 408 of the NERC ROP. Hearing Procedure Unless specifically identified otherwise elsewhere in this charter, the CCC’s hearing procedure shall follow the hearing procedure mandated and approved by jurisdictional authorities for use by NERC and the Regional Entities in the Compliance and Enforcement program. Hearing Panel The committee shall not have a standing hearing panel. When a hearing is to be conducted, the CCC shall select five members to serve as the adjudicatory panel for that hearing. Members to serve on the panel shall be selected by vote of a valid quorum of the committee. Voting members of the committee at arm’s length from parties to the hearing may be nominated or volunteer to stand for selection to the hearing panel. One or more alternates may also be selected, as the committee deems appropriate for the circumstances. A member may serve on more than one panel concurrently. A panel is disbanded upon conclusion of the hearing proceedings for which it was formed.

Attachment A CCC Membership Structure

Primary Sector Sub-Sector Number of Members Full Voting Proportional

Voting Non-Voting

Investor-Owned Utility 2 X State/Municipal Utility 2 X Cooperative Utility 2 X Federal or Provincial Utility/Federal Power Marketing Administration

Transmission Dependent Utility 2 X

Merchant Electricity Generator 2 X

Electricity Marketer 2 X Large End-use Electricity Customer 2 X

Small End-use Electricity Customer 2 X

Independent System Operator/Regional Transmission Organization

Government U.S. State 2 X U.S. Federal 2 X

Canadian Provincial 1 X

Canadian Federal 1 X At Large Position 6 X

Total 32

Compliance Monitoring Program for Reliability Standards Applicable to NERC CCC Monitoring Program – CCCPP-002

May 7, 2015

NERC | Report Title | Report Date

Table of Contents

NERC | Compliance Monitoring Program for Reliability Standards Applicable to NERC| May 7, 2015 ii

Preface ....................................................................................................................................................................... iii

Revision History ......................................................................................................................................................... iv

1. Introduction ............................................................................................................................................................ 1

2. Monitoring Processes ............................................................................................................................................. 3

3. Annual Work Plan ................................................................................................................................................... 5

4. Mitigation Plan ....................................................................................................................................................... 6

4.1 Contents of a Mitigation Plan ........................................................................................................................... 6

4.2 Timetable for Completion of a Mitigation Plan ................................................................................................ 6

5. Data Retention and Confidentiality ........................................................................................................................ 7

5.1 Records Management ....................................................................................................................................... 7

5.2 Retention Management .................................................................................................................................... 7

5.3 Confidentiality Management ............................................................................................................................ 7

6. Reporting and Disclosure ........................................................................................................................................ 8

6.1 Audit .................................................................................................................................................................. 8

6.2 Complaint .......................................................................................................................................................... 8

6.3 Mitigation Plan .................................................................................................................................................. 8

6.4 Other Monitoring Activity ................................................................................................................................. 8

NERC | Compliance Monitoring Program for Reliability Standards Applicable to NERC| May 7, 2015 iii

Preface

The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the reliability of the bulk power system (BPS) in North America. NERC develops and enforces Reliability Standards; annually assesses seasonal and long-term reliability; monitors the BPS through system awareness; and educates, trains, and certifies industry personnel. NERC’s area of responsibility spans the continental United States, Canada, and the northern portion of Baja California, Mexico. NERC is the electric reliability organization (ERO) for North America, subject to oversight by the Federal Energy Regulatory Commission (FERC) and governmental authorities in Canada. NERC’s jurisdiction includes users, owners, and operators of the BPS, which serves more than 334 million people.

The North American BPS is divided into several assessment areas within the eight Regional Entity (RE) boundaries, as shown in the map and corresponding table below.

The Regional boundaries in this map are approximate. The highlighted area between SPP and SERC denotes overlap as some load-serving entities participate in one Region while associated transmission owners/operators participate in another.

FRCC Florida Reliability Coordinating Council

SPP-RE Southwest Power Pool Regional Entity TRE Texas Reliability Entity

NERC | Compliance Monitoring Program for Reliability Standards Applicable to NERC| May 7, 2015 iv

Revision History

NERC Compliance and Certification Committee CCCPP-002 Title: Compliance Monitoring Program for Reliability Standards Applicable to NERC

Version: 2.0 Revision Date: 04/13/2015 Effective Date: 05/07/2015

Date Version Number Comments

June 11, 2008 1.0 Approved by the Compliance and Certification Committee

August 26, 2008 1.0 Approved by the Board of Trustees

April 13, 2015

Revised by the ERO Monitoring Subcommittee (EROMS), and approved by the Compliance and Certification Committee

May 7, 2015 2.0 Approved by the Board of Trustees

1. Introduction

NERC | Compliance Monitoring Program for Reliability Standards Applicable to NERC | May 7, 2015 1

In the capacity of a NERC board-appointed stakeholder committee serving and reporting directly to the Board under a NERC board-approved charter1, as approved by FERC2, and as set forth in the ROP, the CCC will engage with, support, and advise the Board and NERC Board of Trustees Compliance Committee (BOTCC) regarding all facets of the NERC CMEP, Registration program, and Certification program.

As a committee independent of NERC’s obligations to comply with reliability standards applicable to NERC, the CCC is responsible for establishing and implementing a program as specified in Section 405 of NERC’s Rules of Procedure to monitor NERC’s compliance with the Reliability Standards that apply to NERC. This document describes the program and associated processes to be utilized by the CCC in carrying out this responsibility.

As noted in the NERC board-approved CCC Charter, monitoring by the CCC is ongoing and does not preclude, interfere with, or replace, in whole or in part, the Board’s responsibility to conduct and provide such reviews of these programs as required by FERC regulations, 18 C.F.R. § 39.3(c): “The Electric Reliability Organization shall submit an assessment of its performance three years from the date of certification by the Commission, and every five years thereafter.”

1.1 Terms The terms defined below are applicable to this program only and are not intended to be applicable to or conflict with the same or similar terms used by NERC for other purposes.

1.1.1. Adverse Finding A finding of a non-compliance with a Reliability Standard as a result of an Audit, a Self-Certification, a Self-Report, or a Spot Check.

1.1.2. Audit A systematic, objective review and examination of records and activities to determine whether NERC has complied with Reliability Standards applicable to NERC.

1.1.3. Complaint An allegation that NERC has not complied with a Reliability Standard.

1.1.4. Mitigation Plan An action plan developed by NERC to (1) correct an Adverse Finding and/or (2) prevent any recurrence of an Adverse Finding.

1.1.5. Self-Certification Periodic reporting by NERC of compliance or non-compliance with a Reliability Standard.

1.1.6. Self-Report A report by NERC of a non-compliance with a Reliability Standard, based on NERC’s own assessment, and of any actions taken or that are being taken to resolve the non-compliance.

1.1.7. Spot Check

1 http://www.nerc.com/comm/CCC/Documents/CCC%20Charter%20Approved%20RR15-11-000.pdf 2 http://www.nerc.com/files/Order_on_Comp_Filing_06.07.2007_CCC_VSL_Order.pdf

1. Introduction

A process in which NERC is requested to provide information to assess whether NERC complies with Reliability Standards applicable to NERC.

2. Monitoring Processes

The CCC will monitor and assess NERC’s compliance with Reliability Standards applicable to NERC using the processes described below to collect information and make assessments.

2.1 Audits The CCC will work with the Enterprise-wide Risk Committee (EWRC) and the NERC Director of Internal Audits to schedule periodic external Audits of NERC’s compliance with Reliability Standards applicable to NERC. The CCC will participate as observers in these Audits, as described in Section 2.1.1. Audits will be conducted at NERC’s facility(ies) in a manner consistent with Section 403.11 of the ROP. All Audits will be conducted in accordance with Audit guides, consistent with accepted auditing guidelines as approved by NERC.

2.1.1. Audit Steps

• The CCC will collaborate with the NERC Director of Internal Audits and the EWRC to schedule externally led Audits of Reliability Standards applicable to NERC.

• The CCC will participate, along with the NERC Director of Internal Audits, in the selection of the external auditing contractor.

• Each Audit team will include NERC Internal Audit staff, assigned CCC observers, and the external auditing contractor.

• The assigned CCC observers must identify any applicable conflicts of interest (COI) and will be subject to NERC COI procedures in place at the time of the Audit, which includes the ability of NERC to request replacement of an observer who has a COI.

• The assigned CCC observers must have completed NERC Auditor Training.

• The assigned CCC observers must execute Confidentiality Agreements.

• The assigned CCC observers must abide by the NERC-provided observer guidelines.

• The assigned CCC observers will be included in Audit team pre- and post-Audit activities and actual auditing activities, including meeting with NERC personnel from the departments that are the subjects of the Audit.

• The assigned CCC observers may provide questions, comments, and advice to the external auditors during the course of the Audit.

• The assigned CCC observers will have access to non-confidential Audit documents (as determined by NERC) on the secure NERC site.

• The assigned CCC observers will review all daily, weekly, and final Audit reports.

2.1.2. Frequency of Audits Audits of NERC will be conducted at least every three (3) years. Additionally, an unscheduled Audit of NERC may be initiated by the CCC, in consultation with the EWRC and the NERC Director of Internal Audits, if reasonably determined to be necessary to determine NERC’s compliance with Reliability Standards applicable to NERC.

2.1.3. Scope of Audits An Audit will include elements of the Reliability Standards applicable to NERC selected by NERC, and elements of the Reliability Standards selected by the CCC.

2.1.4. Audit Reports

2. Monitoring Processes

The Audit team will develop a draft Audit report that will include a description of the objective, scope, and methodology of the Audit; identify any Adverse Findings; identify any mitigation activities which have been completed or are pending; and identify the nature of any confidential information redacted. The draft Audit report may contain other recommendations of the Audit team related to the findings.

The draft Audit report will be provided to NERC which will in turn provide the Audit team with comments and descriptions of Mitigation Plans for addressing any Adverse Findings for inclusion in the final Audit report. If NERC disputes any Adverse Findings, NERC will also provide language to the Audit team addressing such concerns for inclusion in the report.

The Audit team will consider comments provided by NERC and develop a final Audit report that includes any Mitigation Plan descriptions provided by NERC as well as any language regarding disputed Adverse Findings. The Audit team will then provide the final Audit report to the Board through the EWRC.

2.2 Self-Certifications NERC will certify its compliance with Reliability Standards applicable to NERC with respect to a subset of requirements selected by the CCC on a periodic basis. Such Self-Certifications will be achieved through reports to the CCC by a NERC officer or equivalent responsible for ensuring compliance with Reliability Standards applicable to NERC. Results of Self-Certifications will be communicated to the Board through the EWRC.

2.3 Spot Checks The CCC, in consultation with the EWRC and the NERC Director of Internal Audits, may from time to time request NERC to provide information to assess whether NERC complies with Reliability Standards applicable to NERC. A review of this information will be conducted in a manner similar to an Audit. A Spot Check may also be initiated in response to events or a Complaint. Results of a Spot Check will be documented in a Spot Check report and provided to the Board in a manner consistent with reporting for a Compliance Audit.

2.4 Self-Reports NERC is encouraged to self-report to the CCC at the time NERC becomes aware of (1) any NERC non-compliance with Reliability Standards applicable to NERC, or (2) a change in a previously identified Adverse Finding. Results of a Self-Report will be communicated to the Board through the EWRC.

2.5 Complaints The CCC may receive Complaints alleging NERC non-compliance with Reliability Standards applicable to NERC. The CCC will conduct a review of each Complaint it receives to determine if the Complaint may be closed as a result of an initial review and assessment, or if the Complaint provides sufficient basis for the CCC to consult with the EWRC and the NERC Director of Internal Audits to determine if further action is needed. All anonymous Complaints will be reviewed in a manner that will prevent disclosure of the complainant’s identity.

3. Annual Work Plan

The CCC will maintain and update an Annual Work Plan, to be carried out by the CCC in the performance of its responsibilities and duties in implementing this program. The plan will be provided to NERC each year and will specify reporting by NERC to the CCC that will be required to provide verification of compliance through any of the monitoring methods described in Section 2 of this document. The Work Plan will be posted on the NERC website.

4. Mitigation Plan

If an Adverse Finding is identified as a result of an Audit, a Self-Certification, a Self-Report, or a Spot Check, NERC will develop a corresponding Mitigation Plan.

4.1 Contents of a Mitigation Plan A Mitigation Plan should include the following information:

• The non-compliance with Reliability Standards applicable to NERC that the Mitigation Plan will correct.

• The cause of the non-compliance.

• NERC’s action plan to correct the non-compliance.

• NERC’s action plan to prevent recurrence of the non-compliance.

• A timetable for completion of the Mitigation Plan.

• Any other information deemed necessary or appropriate.

4.2 Timetable for Completion of a Mitigation Plan A Mitigation Plan should be completed in time to have a reasonable potential to correct the non-compliance prior to the next applicable reporting/assessment period after occurrence of the non-compliance for which the Mitigation Plan is provided. In all cases the Mitigation Plan should be completed without delay. NERC will keep the CCC informed of the status of Mitigation Plan activities, and will notify the CCC when a Mitigation Plan has been completed.

5. Data Retention and Confidentiality

5.1 Records Management All records associated with this program will be maintained by NERC. The associated records management policy will provide for a routine and orderly process for the retention and disposal of electronic and paper records related to this program, and ensure verification of compliance with appropriate business, regulatory, and legal requirements. The policy will allow for the maintenance of records as required to implement the CCC’s monitoring of NERC’s compliance with Reliability Standards applicable to NERC.

5.2 Retention Management NERC’s records management policy will require that information and data generated or received pursuant to activities associated with this program be retained for a minimum of five (5) years. If the information or data is material to the resolution of a controversy, the retention period for such data will not commence until after the controversy is resolved.

5.3 Confidentiality Management NERC and the CCC will maintain confidentiality of all Confidential Information in accordance with Section 1500 of the ROP. Information deemed to be critical energy infrastructure information will be redacted and will not be released publicly.

6. Reporting and Disclosure

6.1 Audit The CCC will coordinate with NERC to post final Audit reports on its public website after the reports have been reviewed by the NERC Board. Such posting will be subject to the confidentiality provisions of the ROP.

6.2 Complaint When the CCC determines that further action is needed regarding Complaints, it will report such Complaints to the NERC Board through the EWRC.

6.3 Mitigation Plan NERC will keep the CCC informed of the status of Mitigation Plan activities, and will notify the CCC when a Mitigation Plan has been completed.

6.4 Other Monitoring Activity The CCC will report to the NERC Board through the EWRC upon completion of a CCC monitoring activity described in this procedure.

2020 ERO Enterprise CMEP Implementation Plan

Steven Noess, Director of Regulatory Programs, NERCEd Kichline, Senior Counsel and Director of Enforcement OversightCompliance and Certification Committee Meeting November 19 - 20, 2019

Agenda Item 7a

RELIABILITY | RESILIENCE | SECURITY2

• Purpose of the Compliance Monitoring and Enforcement Program (CMEP) Implementation Plan (IP) Annual CMEP-related operating plan for NERC and Regional Entities Implementation of risk-based approach for CMEP activities

• Timeline NERC posts initial draft on or about September 1 of preceding year NERC final IP with links to regional schedules in November Updates may occur throughout year

Implementation Plan Background

• Aligned approach to NERC and Regional risk assessments• Streamlined: eliminated multiple appendices • Risk Elements now better reflect a combined ERO Enterprise

view More user-friendly More relevant to registered entities Reflects high level priorities for CMEP

2020 CMEP IP Highlights

2020 Risk Elements Comparison

• 2020 ERO Enterprise CMEP IP Draft 1: https://www.nerc.com/pa/comp/Reliability%20Assurance%20Initiative/2020%20ERO%20CMEP%20Implementation%20Plan%20V%201.0.pdf

Resources

Internal Controls

Steven Noess, Director of Regulatory ProgramsEd Kichline, Senior Counsel and Director of Enforcement Oversight Compliance and Certification Committee MeetingNovember 19-20, 2019

Agenda Item 7b

• Internal Controls Commitment• Definition of a Compliance Oversight Plan (COP)• Elements and Outcomes of a COP• Example Discussion• Value Proposition

2 RELIABILITY | RESILIENCE | SECURITY

Overview

Internal Controls Commitment

CMEP Evolves and Matures• Goals for internal

controls unchanged• Internal controls

shape oversightplanning

Emphasis andCommitmentHave Grown• Internal Controls

understanding built into all aspects of CMEP

The Value Proposition• Investment in strong

internal controls matters

• CMEP experiences should reflect those differences

Maturation of Risk-based AssessmentProcesses

2018 - 2019 2019 - 2020

Inherent Risk Assessment

(IRA) Process Harmonization

COP Process Harmonization

Transition Period

• The COP tailors compliance monitoring activities based on entity-specific factors.

• COP is the oversight strategy for a registered entity.• COPs provide comparative assessments to shape oversight

planning and resource allocation of ERO Enterprise staff.• COPs place emphasis on understanding internal controls and

other performance considerations.• A COP is shared with the registered entity.

Definition of a COP

COP Process Highlights

Enhanced Analysis

Targeted Oversight

Prioritized Monitoring

Single Report

• Compliance Monitoring Impacts• Enforcement Considerations

FAC-008 Example

• Understanding of entity and strength of controls impacts monitoring experience (frequency, scope, etc.)

• Impacts to risk assessment of violation

Value Proposition

COP Process ImplementationTimeline

• Throughout the second half of 2019, REs began implementation of new COP summaries.

• Industry outreach will continue through 2020.

Streamlining in Enforcement

Ed Kichline, Senior Counsel and Director of Enforcement OversightCompliance and Certification Committee MeetingNovember 18-19, 2019

Agenda Item 7b

• Themes from stakeholder perception survey: Perception that it takes too long to resolve minimal risk noncompliance,

and Stakeholders see limited differentiation among processes for minimal risk

noncompliance and higher risk violations.

Stakeholder Feedback

• Sampling to verify completion of mitigation for Compliance Exceptions

• Enhancements to guidance for ERO Enterprise and registered entities Information gathering Risk assessment Cause analysis and mitigation

• Rules of Procedure revisions Self-Logging Program Data retention Mitigating activities

Streamlining Activities

Centralized Organization Registration ERO System (CORES) Update

Organization Registration Certification Subcommittee (ORCS) MeetingNovember 19, 2019

Agenda Item 7c

• The CORES platform enables entities to manage their registration information, contact information, and functional relationships from one application.

• The application is accessed through a common platform – the ERO Portal. Link to access- https://eroportal.nerc.net ERO Portal User Guide

(https://www.nerc.com/pa/comp/RegistrationReferenceDocsDL/User%20Guide_ERO%20Portal.pdf)

• The Centralized Organization Registration ERO System (CORES) was launched on July 15, 2019, to provide consistency and alignment across the ERO for registration activities.

CORES Review

CORES Package

MFA on ERO Portal

CORES on ERO Portal

ERO Enterprise Help Desk

Timeline of Work

Q1 2019: Development

May 2019: Focus group &

registered entity pilot

testing

June 2019: Multi-Factor

Authentication implemented for

the ERO Portal

Mid-July 2019: CORES Go-Live

- New Registrations

- Change Requests

Aug 2019:Focus group &

testing participants

began validation

process

Q4 2019: Continue the

rollout process by requesting

entities to begin the validation

process

Timeline of Work

testing

the ERO Portal

- New Registrations

- Change Requests

began validation

process

Timeline of Work

testing

the ERO Portal

- New Registrations

- Change Requests

began validation

process

Timeline of Work

testing

the ERO Portal

- New Registrations

- Change Requests

began validation

process

Timeline of Work

testing

the ERO Portal

- New Registrations

- Change Requests

began validation

process

• CORES is a new system and the ERO wants users to have a positive user experience and to have the resources available to assist users with registration activities

• There are three groups in the Managed Release 1. High priority entities that have registration requests that need to be

processed immediately2. The initial pilot entities and focus group3. The remainder of the entities in all the regions

• The software will be released to the remainder of entities over the next several months on a regional basis There were several enhancements that have been made or are close to

being completed that we received from registered entity feedback The remainder of the entities will be provided access according to each

Regional Entity’s plan.

Managed Release Review

• CORES is not currently planned to be used for Compliance Monitoring and Enforcement Functions – see the Align project.o https://www.nerc.com/ResourceCenter/Pages/CMEPTechnologyProject.aspx

Certification or Certification Reviewso No system in place for certification or certification reviews at this time

BES Processingo BES processing will continue to utilize the BESnet application

– https://identity.eroenterprise.com/account/signin

Key Points to Note

• The expectation is to complete these milestones no later than April 1, 2020 in preparation for the Align system release.

• In the short term, contact information will not be updated in CORES. Contact records, usernames,

permissions will be handled through the helpdesk for access.

• CORES Milestones Data validation from migrationo Functional Registrations and

dates Entity relationships Functional mapping Coordinated Functional

Registration Joint Registration Organization

Initial Rollout Plan Milestones

• CORES Video Library for Training Material https://vimeopro.com/nerclearning/cores-video-library/page/1

• Project Page https://www.nerc.com/pa/comp/Pages/CORESTechnologyProject.aspx

• Registration Pages for NERC and NPCC https://www.nerc.com/pa/comp/Pages/Registration.aspx https://www.npcc.org/Compliance/Compliance%20Registration1/Forms/P

ublic%20List.aspx

• ERO Enterprise Help Desk https://support.nerc.net

• Link to access and register for ERO Portal (CORES is accessed via the ERO Portal) https://eroportal.nerc.net/

One-Stop Shop for Training, Materials and Access to CORES and the ERO Enterprise Help

Agenda 7d NERC CCC Meeting

Internal Audit Report Action Update Background At every CCC meeting NERC’s Internal Audit and Corporate Risk Management Department (IA) provides an update regarding the status of CCC audits and other monitoring activities of NERC and the Regional Entities. Summary IA will update the CCC on the status of the 2019 NERC Compliance Monitoring and Enforcement Program and Organization Registration and Certification Program Independent Audit and the 2020 NERC Audit Plan that was approved by the Enterprise-wide Risk Committee in October.

Matt Gibbons, Director of Internal Audit and Corporate Risk ManagementCompliance and Certification Committee Meeting November 19 – 20, 2019

Internal Audit Report

Agenda Item 7d

2019 CCC CMEP/ORCP Audits

• Audit of NERC CMEP/ORCP is now complete.• Items previously reported complete: RFP sent to independent audit firms Independent auditor selected CCC observer team assembled and trained Audit risk assessment and scoping with CCC observer team Audit kickoff, planning, and fieldwork interviews with NERC staff Initial observations developed by independent auditor

• Items completed since last report: Completed audit fieldwork Report drafted and reviewed by CCC observer team and NERC Report completed and presented to the EWRC in October

• Items remaining: NERC IA to verify observations are mitigated

2020 Audit Plan

• Audit plan approved by the EWRC at October Meeting• Includes CCC Standards Process Audit • Audit is scheduled for Q2 2020• Please reach out to me or Jennifer Flandermeyer if interested in

participating as an observer

Agenda Item 9 NERC CCC Meeting November 18-19, 2019

Report of November 2019

Member Representative Committee (MRC) and Board of Trustees (Board) Action None – Information Only Background The following notes are provided by Compliance and Certification Committee (CCC) attendees at the meetings, and not intended to represent all agenda topics in full. The North American Electric Reliability Corporation (NERC) MRC and Board of Trustees (Board) convened their quarterly meetings in Atlanta, Georgia on November 5, 2019. MRC Meeting Summary: The following notes represent some of the significant highlights from the meetings. The Agenda package and the associated presentation are available from the following links: https://www.nerc.com/gov/bot/MRC/Agenda%20Highlights%20nad%20Minutes%202013/MRC_Meeting_Agenda_Package-November-5-2019.pdf https://www.nerc.com/gov/bot/MRC/Agenda%20Highlights%20nad%20Minutes%202013/MRC%20Presentation%20Package%20-%20November%205,%202019.pdf ERO Enterprise Effectiveness Survey Update NERC staff provided an overview of activities associated with the 2020 ERO Enterprise Stakeholder Survey. The CCC contributes an important component to the stakeholder survey, responsible for more than two dozen questions related to the Compliance Monitoring and Organizational Registration and Certification programs. As EROMS begins to address the next survey, NERC is considering the development of a more simplified approach to the survey, and will share a proposal with the MRC at the February 2020 meeting. In advance of the February 2020 meetings, NERC will be working with the CCC and the Member Executive Committee to further address potential approaches. Final Feedback to the Reliability and Security Technical Committee (RSTC) Proposal MRC members were given one final opportunity to provide feedback in advance of Board action to approve the proposal to establish a new Reliability and Security Technical Committee. With limited change, the MRC was supportive of Board action to move forward with approval. See Board meeting highlights for further detail on the vote. Other Areas of Interest

• Jennifer Sterling (Exelon) and Paul Choudhury (BC Hydro) were elected to serve as Chair/Vice Chair of the MRC for one-year beginning with the February 2020 meeting. Sterling takes over as MRC Chair for Greg Ford.

• The MRC approved an updated version of its Governance Guidelines, as part of the effort to streamline the documents that guide the operations of the MRC. With this approve, the number

of documents that guide the MRC have been reduced to two: the NERC Bylaws and the Governance Guidelines.

• Stan Hoptroff (NERC) briefed the MRC about NERC’s initial findings associated with a recent Section 1600 data request intended to help NERC better understand risks associated with low-impact Bulk Electric System cyber systems. While additional analysis is expected, the results concluded that a substantial portion of low impact assets are being used by organizations that also have medium/high assets.

• Updates were also provided on ERCOT’s performance during summer 2019. Board Meeting Summary: The following notes represent some of the significant highlights from the meetings. The Agenda package and the associated presentation are available from the following links: https://www.nerc.com/gov/bot/Agenda%20highlights%20and%20Mintues%202013/Board_Open_Meeting_Agenda_Package_November_5_2019.pdf https://www.nerc.com/gov/bot/Agenda%20highlights%20and%20Mintues%202013/Board_Presentations_November_5_2019.pdf Key Areas of Specific Interest to the CCC

• The following individuals were approved for a new three-year term on the CCC

Justin MacDonald – Midwest Energy Inc., Cooperative Sector

Ashley Stringer – Oklahoma Municipal Power Authority, Transmission Dependent Utility Sector

• CCC Chair Jennifer Flandermeyer provided a written quarterly update to the Board, summarizing the results of CCC meetings held in Kansas City on September 17-18, 2019.

Formal Creation of the Reliability and Security Technical (RSTC) Committee The NERC Board unanimously approved the creation of the RSTC, adopting a proposed charter developed by a Stakeholder Engagement Team. The new committee, which will consolidate three technical stakeholder committees (Operating, Planning, and Critical Infrastructure Protection Committees) will commence operation in June 2020 after a transition period that will include sector elections and at-large nominations. A nomination period for Sector elections will be held starting in mid-November to early-December, followed by a nomination period for the At-large positions. The Board anticipates appointing all members to the RSTC at its February 2020 meetings. During the meetings, the Board appointed Greg Ford (Georgia System Operator) to be the first Chair of the Committee and David Zwergel (MISO) to be the first Vice Chair. The RSTC proposal was developed as part of a year-long effort of a Stakeholder Engagement Team, which included three CCC members (Jennifer Flandermeyer, Patti Metro, and Scott Tomashefsky). The team also included the chairs of each key technical committees, two NERC Board members, senior NERC staff, and key stakeholders. Future NERC Board Meeting Schedule

The November board meeting featured a change in the schedule which results in all Board committee meetings being held via conference call, with only the MRC and Board meetings being held in person on one day. The change was undertaken as part of NERC’s ongoing effectiveness and efficiency activities, with the intent of reducing travel and related costs to NERC and the industry. After widespread discussion, NERC Chair Roy Thilly indicated that future meetings for 2020 will revert to the traditional schedule of holding Board/MRC/Committee meetings in person over a two-day period. Chair Thilly did indicate at the MRC meeting that he has asked NERC CEO Jim Robb to put together a plan to move to three Board meetings per year, suggest about the possibility of making adjustments starting with the January 2021 meeting. Other Items of Interest

• The Board accepted the 2019 ERO Reliability Risk Priorities Report developed by the Reliability Issues Steering Committee. The report is intended to provide a framework that prioritizes the issues of importance to ensure system reliability. Patti Metro represents the CCC in this effort.

• Given the shortened schedule for this quarter’s meetings, stakeholder committee reports (including the CCC) and Forum Groups were presented to the Board in written format, included as an Appendix to the Board package. Board Committee reports were provided verbally as part of the main meeting.

Agenda Item 11 NERC CCC Meeting

NERC Reliability Issues Steering Committee Action None Background The NERC Reliability Issues Steering Committee (RISC) presented for acceptance the 2019 ERO Reliability Risk Priorities to the NERC Board of Trustees (Board) at the public November 5, 2019 Board meeting. Summary The RISC ERO Reliability Risk Priorities report (RISC report) presents the results of the RISC’s continued work to strategically define and prioritize risks to the reliable operation of the bulk power system and thereby provide recommendations to the Board regarding the approach that NERC should take to enhance reliability and manage those risks. Since the September CCC meeting, the RISC reviewed the proposed final RISC report, which included recommended amendments based on stakeholder input, at their meeting on October 22, 2019 and with quorum, approved the report and recommended for Board acceptance at the November 5, 2019 open Board meeting.

Objectives:Understand the scope, priority and goals to mitigate known and emerging risks to bulk power system reliabilityProvide a framework to effectively focus NERC and industry resources to improve reliability

Biennial ActivitiesReliability Leadership SummitIndustry risk surveyIdentify Priority RisksVet mitigation alternatives

Document result in RISC Report

10 risks from multiple inputs (e.g., ERO Leadership Summit, Emerging Risks Survey results, Subject Matter Expertise)

Changing Resource MixBulk Power System PlanningResource Adequacy and PerformanceProtection System ComplexityHuman Performance and Skilled WorkforceLoss of Situational AwarenessExtreme Natural EventsPhysical Security VulnerabilitiesCyber Security VulnerabilitiesCritical Infrastructure Interdependencies*

*Newly Identified Risk

Further review and consolidation has resulted in four high level risk profiles:

Manage versus Monitor

Analysis of mitigating activities and the effects on risk likelihood and impacts, enable biennial comparison/trendingA larger emphasis on immediate and shortterm actionable activities to reduce riskDifferentiation between actively manage versus monitorProspectively it will be important for the RISC to:

Collaborate with the Reliability Security and Technical CommitteeCoordinate with the annual business plan and budget and ERO Enterprise LongTerm Strategy to ensure alignment of priorities and strategic execution on a goingforward basis

RISC seeks Board of Trustees acceptance of the report and approval for its formal publication.

NERC | Report Title | Report Date I

NERCRCC || Report Title | Report DateI

2019 ERO Reliability Risk Priorities Report

November 2019

NERC | RISC ERO Reliability Risk Priorities Report| November 2019 ii

Table of ContentsPreface ........................................................................................................................................................................... iii Executive Summary ................................................................................................................................................. 5

Common Themes and Emerging Trends ...................................................................................................................... 6

Background and Introduction ............................................................................................................................. 8

Inputs to the Risk Profiles ............................................................................................................................................ 8

Prioritization of Inherent Priority Risks ......................................................................................................... 12

Risk Groupings ........................................................................................................................................................... 12

Risk Profiles ................................................................................................................................................................... 14

Risk Profile #1: Grid Transformation .......................................................................................................................... 14

Risk Profile #2: Extreme Natural Events .................................................................................................................... 18

Risk Profile #3: Security Risks .................................................................................................................................... 21

Risk Profile #4: Critical Infrastructure Interdependencies ........................................................................................ 24

Preface

NERC | RISC ERO Reliability Risk Priorities Report| November 2019 iii

Preface Electricity is a key component of the fabric of modern society and the Electric Reliability Organization (ERO) Enterprise serves to strengthen that fabric. The vision for the ERO Enterprise, which is comprised of the North American Electric Reliability Corporation (NERC) and the six Regional Entities (RE), is a highly reliable and secure North American bulk power system (BPS). Our mission is to assure the effective and efficient reduction of risks to the reliability and security of the grid.

Reliability | Resilience | Security Because nearly 400 million citizens in North America are counting on us

The North American BPS is divided into six RE boundaries as shown in the map and corresponding table below. The multicolored area denotes overlap as some load-serving entities participate in one Region while associated Transmission Owners/Operators participate in another.

Texas RE Texas Reliability Entity

Preface

NERC | RISC ERO Reliability Risk Priorities Report| November 2019 iv

The Reliability Issues Steering Committee (RISC) is an advisory committee to the NERC Board of Trustees (Board). The RISC provides key insights, priorities, and high-level leadership for issues of strategic importance to BPS reliability. The RISC advises the Board, NERC committees, NERC staff, regulators, REs, and industry stakeholders to establish a common understanding of the scope, priority, and goals for the development of solutions to address emerging reliability issues. The RISC provides guidance to the ERO Enterprise1 and the industry to effectively focus resources on the critical issues to improve the reliability of the BPS. This ERO Reliability Risk Priorities Report (RISC Report) presents the results of the RISC’s continued work to strategically define and prioritize risks to the reliable operation of the BPS and thereby provide recommendations to the Board regarding the approach that NERC, the ERO, and industry should take to enhance reliability and manage those risks.

1 ERO Enterprise is interpreted to mean NERC, the Regional Entities, and the technical committees of NERC.

Executive Summary

NERC | RISC ERO Reliability Risk Priorities Report| November 2019 5

Executive SummaryThe primary objective of the 2019 ERO Risk Priorities Report is to highlight risks that merit attention and recommend actions that align with those risks. This report differs from other ERO reports in that it is a forward-looking view of the BPS. For example, this is in contrast to the State of Reliability2 report, which reviews data from previous years to draw objective conclusions about emerging risks and monitors their mitigation. On September 13, 2019, an initial draft of the report was posted for stakeholder comments. This report reflects the collective opinion of the RISC membership regarding the priorities. The RISC reviewed and assembled information from ERO Enterprise stakeholders and policymakers3 and focused subgroup work to develop an initial composite set of risk profiles. Further review and consolidation resulted in four high level risks: Grid Transformation, Extreme Natural Events, Security Risks, and Critical Infrastructure Interdependencies. The image below illustrates the encapsulation of the identified risks that are further detailed in the Risk Profiles section.

2 2019 State or Reliability Report: https://www.nerc.com/pa/RAPA/PA/Performance%20Analysis%20DL/NERC_SOR_2019.pdf 3 Policymakers is used generally to mean any organization that can impact the legal or regulatory framework in place at various levels,

including local, state, federal, and provincial governmental authorities in addition to various trades and lobbying organizations.

Executive Summary

For the 2019 report, the RISC also significantly reduced the number of recommendations. This was completed by consolidating overlapping recommendations and removing recommendations that reflected ongoing activities; though these activities are important, they are already well underway and monitored as part of NERC’s Long-Term Strategy Plan and applicable NERC committee plans. The graphic below depicts the classification for each of the identified risks.

The Risk Profiles section of this report provides a statement of risk, descriptors of risk, and recommendations for mitigating the risk for each profile. Through the risk profiles, the RISC recommends actionable mitigating activities that enable the ERO Enterprise and industry to use the composite risk profiles and the risk map for baseline and recurring reliability risk evaluations. When possible, the RISC also identified the group or organization that it believes should lead the mitigating action. However, some recommendations do not present a clear owner or responsible party. In these cases, the recommendation is presented as a more generalized action item that can apply to numerous entities, including policymakers, industry, and the various organizations within the ERO Enterprise. The RISC did not assess resource needs for the mitigating actions that will be addressed with industry during the annual ERO Enterprise Business Plan and Budget activities. Additionally, the committee evaluated risks based on impact to the BPS regardless of the source or location of the risk. To evaluate key risks to the system, the RISC recognized emerging issues emanating from different areas of the grid (e.g., resources like distributed energy resources (DERs) that may not be located or directly connected to the BPS). Operators and planners of the BPS are aware of the need to have a wide-area view of changes to the system to provide an understanding of external conditions that can affect them; therefore, the profiles identify several risks where the BPS can be impacted at interfaces (e.g., customers distributed resources, resources located on the electric distribution system, natural gas delivery system, telecom system, water system). The RISC determined it is important to illuminate external factors that increase BPS risk and offer recommendations to address those risks. Common Themes and Emerging TrendsFor risks that the committee recommends active monitoring for, it is important to note that a convergence of centralized themes and emerging trends is present. These themes and trends underscore not only the increasing interdependency between identified BPS risks but also an increase in potential magnitude of emerging risks. Common themes and emerging trends are indicated as follows:

Interdependencies between industries and fuel types

Increased security risks (both cyber and physical)

The increase in natural gas and renewable generation coupled with the decline in nuclear and coal-fired generation

Executive Summary

The importance of emerging technologies and how to best incorporate those into a reliable and secure BPS

Significant changes to the grid require new models and tools for reliable integration

Development of credible and centralized data sharing along with the right tools to proactively analyze system conditions is becoming more critical

Background and Introduction

Background and Introduction This report documents the results of the RISC’s continued work to identify key risks to the reliable operation of the BPS and provide recommendations to mitigate those risks. This report includes recommendations regarding relative priorities to further assist the Board and NERC management as well as industry and its stakeholders. The RISC’s efforts are both responsive to and in support of the Board’s resolutions in connection with the initial 2013 RISC recommendations4 that direct continued work by the RISC to define and prioritize risks, develop mitigating activities, and identify accountable parties for those risks. There are important linkages between the risk priorities and the recommended actions for the ERO Enterprise and industry. While the risk profile recommendations in this report are presented individually, there are interdependencies between many of the risks that present unique challenges to the electric industry. These interdependencies have been acknowledged in the report. Further, many of these risks have been long recognized with commensurate NERC and industry monitoring for proper mitigation whereas others are newly emerging, requiring active management with a more aggressive immediate approach necessary for effective foresight and mitigation. The RISC acknowledges and appreciates the increased reliance of the Board and ERO Enterprise leadership on the results of the RISC’s activities as an input for the ERO Enterprise’s Long-Term Strategy Plan and Business Plan and Budget. The RISC did not assess the resource impacts of the recommendations that will be addressed with industry during the annual ERO Enterprise Business Plan and Budget activities. The RISC participants include representatives from the NERC committees, the Member Representatives Committee, and “at large” industry executives. The observations, findings, and guidance presented in this report include input from industry forums, trade associations, and other industry groups through multiple channels. The RISC also received feedback through an Emerging Risks Survey that garnered over 150 responses. This report relies on and extends the comprehensive initial assessment and corresponding recommendations to the Board made in February 2018 that have been updated and refined. This report and recommendations also reflect discussions with representatives from the NERC committees, the discussion with leaders at the NERC Reliability Leadership Summit, and the many technical reports and assessments conducted by NERC and industry. Inputs to the Risk Profiles Reliability Leadership SummitOn March 14, 2019, NERC and the RISC hosted a summit with leaders of the reliability community, including top industry executives, state and federal regulators, and NERC and Regional Entity senior leadership. The summit focused on three specific areas: regulatory and policymaking during unprecedented change, identifying and mitigating significant existing and emerging landscape of risks to reliability, and providing assurance for the availability of adequate fuel delivery to satisfy energy needs. Open discussion at the end of the summit was held to address these and any other risks that required deeper investigation. Below are the pictograph summaries of each of these sessions.

4 See minutes from the Board’s February 7, 2013, meeting: http://www.nerc.com/gov/bot/Agenda%20highlights%20and%20Mintues%202013/BOT%20-%20February%207%202013%20Minutes.pdf

Background and Information

Reliability Leadership Summit

Regulatory and Policymaking during Unprecedented Change

Identifying and Mitigating Significant Existing and Emerging Landscape of Risks to Reliability

Providing Assurance for the Availability of Adequate Fuel Delivery to Satisfy Energy Needs

Open Discussion

The panel discussions underscored the importance of conducting cross-sector coordination with other industries. The potential impact on reliability from the accelerating proliferation of DERs was discussed along with potential NERC efforts to assess the effects of DERs on the reliable operation of the BPS. Recognizing that the performance of renewable energy resources is affected by weather, the discussions reiterated the importance of improving weather forecasting to mitigate risks associated with its uncertainty. With large increases in renewable resources and natural-gas-fired units, continued retirements of coal and nuclear units is expected. All resources must be integrated into the BPS while ensuring sufficient levels of grid essential reliability services (ERSs) are maintained. While planning for a fundamentally reliable system and recognizing the impacts of grid transformation, it is important to continue to evaluate reserve margins and the appropriate mechanisms for establishing adequate reserve margins, particularly given the changing dynamics of the BPS. The operation of the grid and the relationship between Generator Operators and Balancing Authorities has changed due to proliferation of DERs and the creation of larger Balancing Authorities operated by centralized Regional Transmission Organizations markets. Lastly, the need for higher levels of cyber security will continue to create additional intricacies to BPS reliability. It is important to understand which organizations are accountable for cyber security and long-term security plans. Information technology and operational technology convergences should be recognized and adequate levels of cyber security should be planned for prospectively. For effective implementation of existing and future cyber security standards developed for each of the critical infrastructure sectors, harmonization may be required. Cross-sector communication will be critical to effective management of cyber risks.

Prioritization of Inherent Priority Risks

Prioritization of Inherent Priority Risks Risk Groupings This year is transitional for the RISC Report and includes industry input on each risk profile as well as a new format. In 2018, input was requested from industry for each of the prior year risk profiles. Unlike previous RISC reports where the risk likelihood and impact was derived from the expertise of the RISC members, the 2019 risk mappings of impact and likelihood were derived by using a comprehensive survey provided to industry leaders across the ERO footprint. The survey results have been used to establish a 2020 base line of impacts and likelihood that can be used to trend and benchmark against subsequent RISC reports and analyses. Survey results provided the RISC with a two-fold benefit: a prioritization of the existing risk profiles and the ability to consolidate the profiles from nine5 to four. The 2018 survey did not provide an overarching data collection for each stated risk profile. The survey data is considered relevant and has been reviewed with the expertise and judgement of the RISC members. The prioritization by industry did align with prior year’s heat map placement of each risk profile “bubble.” The data now provides a baseline capability from which the RISC can determine over time how each risk is viewed by industry through its evolution and risk profile lifecycle. In addition, survey data provided quantitative information for the RISC members to discuss prior to heat map finalization. Similar to prior years, the heat map is formatted based on an X-Y axis: X representing the potential likelihood or probability of the risk coming to fruition, and Y representing the perceived impact. Risk profile placement is based on 2019 data where 0 = minimal risk/minimal impact, and 5 = severe risk/severe impact. Consolidation of prior year’s risk profiles from nine to four simplifies high-level discussions on risk identification and phased mitigation or remediation processes. The heat map tracks the risks so industry can consider potential impacts within their organization. The following graphic shows each of the identified individual inherent risk profiles mapped against likelihood and impact scales. The heat map illustrates RISC’s assessment of how the inherent risks of the profiles have changed, if any, from the previous report. Extreme Natural Events and Human Performance and Skilled Workforce had the most significant change (identified in red on the heat map) while all other risks remained in the same general location as the previous report. The orange color on the individual risk heat maps represents the high-level risk profile they are associated with.

5 Critical Infrastructure Interdependencies was added as the tenth risk profile mid-year in 2018 while reformatting the report and developing the Industry Risk Profile Survey.

Prioritization of Inherent Priority Risks

Cyber Security Risk

Changing Resource Mix

Extreme Natural Events

Critical Infrastructure Interdependencies

Bulk Power System Planning

Loss of Situational Awareness

Resource Adequacy and Performance

Human Performance and Skilled Workforce

Increasing Complexity in Protection and Control Systems

Physical Security Risks

2 2.5 3 3.5 4 4.5

RISK PROFILESB A S E L I K E L I H O O D [ X A X I S ]

B A S E I M P A C T [ Y A X I S ]

Risk Profiles

Risk Profile #1: Grid Transformation The transformation of generating resources and fuel sources along with changes in load characteristics is creating new reliability risks from long and short-term planning to real-time operations.

Statement of the RiskPublic inputs along with the influence of regulatory and socioeconomic policies are continuing to drive a significant evolution in the mix of power resources. The shift away from conventional synchronous central-station generators toward a new mix of resources continues to challenge generation and grid planners and operators. This new paradigm of the resource mix includes natural-gas-fired generation; unprecedented proportions of non-synchronous resources, including renewables and battery storage; demand response; smart- and micro-grids; and other emerging technologies. Collectively, the new resources are more susceptible to energy sufficiency issues through common mode contingencies in fuel supply whether the fuel is natural gas or inverter-based. Looking forward, consumers’ desire to decarbonize, individual states’ legislative and regulatory initiatives, expected lower production costs of new resources, and the aging of existing generation infrastructure all will alter the nature and dispatch of generation, leading to further resource and grid transformation. This transformation presents a number of potential challenges and opportunities when it comes to reliability of the BPS as detailed in the risk descriptors below.

Natural

Risk Profiles

NERC | RISC ERO Reliability Risk Priorities Report | November 2019 15

Risk Mapping

Descriptors of the RiskChanging Resource Mix, Bulk Power System Planning, and Resource Adequacy and Performance

Potential Impact on Essential Reliability Services: Transformation of the resource mix can alter the provision of and need for ERSs and other ancillary services needed for BPS reliability and system operations, such as voltage control and reactive support, frequency response, and ramping/balancing. Restoration services, such as blackstart capabilities and procedures, could be affected as well.

Technology with Different Design and Performance Characteristics: The continued integration of large amounts of new resource technologies (e.g., DERs, grid and distribution system-connected inverter-based resources, and energy storage) could lead to inaccurate forecasting of anticipated demand. Further, this integration can also result in other planning and operational challenges if these resource additions are not observable or predictable or are otherwise not taken into account. The dynamic and transient performance and response of these technologies also brings new challenges.

New Data and Information Requirements: The need for data and information about new and changing resource characteristics must be incorporated into the long-term planning, operational planning, and operating time horizons. Some of this new information will be from nontraditional sources (e.g., breakout of penetrations of DERs and inverter operating parameters) that in itself may present challenges to those responsible for incorporating the information into models representing future conditions.

Energy Storage Technologies: Storage capabilities and uses will likely transform both distributed and bulk system operations. Whether in combination with renewables or conventional resources and whether connected to distribution systems or the BPS, storage and hybrid technologies will further magnify the pace of innovation and the evolution of resource capabilities during both steady state and transient conditions.

Cyber Security Risk

2 2.5 3 3.5 4 4.5

GRID TRANSFORMATIONB A S E L I K E L I H O O D [ X A X I S ]

Risk Profiles

Fuel Supply Considerations: Fuel sourcing and disruption capabilities, such as from weather events and other nature-based extreme conditions, are driving new scenarios and case studies and broadening the range of dependencies for reliability planning and operations. Fuel constraints and environmental limitations might not be reflected in assessment of resource adequacy.

Resource Adequacy Guidelines Consideration: In addition to fuel sourcing, other elements of resource adequacy (e.g., transmission development, pipeline construction, and environmental permitting) may need much more lead-time in order to assure future reliability and resource adequacy of the system.

Ensuring Sufficient Flexible Resources to Meet Demand: With the volume of wind and solar resources expected and their characteristic fuel-driven commitment and dispatch capabilities as well as the characteristics of other resources that may constrain their near-term ability to respond, sufficient flexible resources will be needed to meet demand when the less flexible resources are unavailable. The flexible resources will need to be dispatchable within the forecasting period of the less flexible resources becoming unavailable.

Coordination of Behind-the-Meter DERs with the BPS: Distributed generation as well as storage, and other DER technologies currently follow local interconnection requirements and operational protocols, posing potential challenges to the BPS from a planning and forecasting perspective.

Human Performance and Skilled Workforce: The BPS is becoming more complex, and the industry will have difficulty staffing and maintaining necessary skilled workers as it faces turnover in technical expertise.

Loss of Situational Awareness: Loss or degradation of situational awareness poses BPS challenges as it affects the ability of personnel or automatic control systems to perceive and anticipate degradation of system reliability and take pre-emptive action.

Control and Protection Systems Complexity: The interaction and performance of control systems during transient events, including the control systems in remedial action schemes (RASs) and other protection systems, must be understood to prevent new common-mode failures that may not have been anticipated (e.g., the inverter performance as demonstrated during the Blue Cut Fire and related events, misoperation of RAS logic and control systems, interdependencies of RAS operations in sequence and follow through).

Recommendations for Mitigating the RiskAs a result of this complex set of factors, the traditional methods of assessing resource adequacy (i.e., by focusing primarily on generating capacity, transmission and pipeline capacity, and fuel availability at traditional peak load times) may not accurately or fully reflect the ability of the new resource mix to supply energy and reserves for all operating conditions. Historic methods of assessing and allocating ancillary services (e.g., regulation, ramping, frequency response, and voltage support during transient, recovery and follow through) may no longer ensure that sufficient ERSs and contingency reserves are available at all times during real time, next hour, and next day operations. Balancing and ramping concerns that up to now have been largely confined to limited locations will likely expand regionally as solar and wind generation continues to grow and provides a larger portion of the energy mix. Such resources provide challenges in counting as available capacity in traditional integrated resource planning to assure reliability of the BPS in near-term to long-term planning horizons. The combination of these many factors related to resource and grid transformation that offer both challenges and opportunities as a result of the transformation calls for a planned set of NERC activities as described in the following action plan.

Risk Profiles

Resource and grid transformation will require new and updated tools, methods, and strategies that are used in planning, modeling, and operating the BPS. In order to best achieve those goals, the RISC encourages the following actions:

Update data, modeling and assessment requirements to ensure valid and accurate results given resource and grid transformation (ongoing effort): The ERO's Committees should identify the information and modeling capabilities needed to ensure the efficacy of assessments while taking into consideration the complex and interrelated aspects of the ongoing transformation. The ERO should also pay close attention on settings of controllable devices and power electronics installed to stabilize the system. The risk of cascading continues to increase and more remedial action schemes with its complexity are added to BPS system.

The technical committees should establish and implement an approach to evaluate the potential impacts of energy storage on reliability: Work with industry stakeholders to use available information and experience to support an evaluation of energy storage implications.

Improve inverter-based resource BPS interconnection and operation and stay abreast of new technologies, such as storage/hybrid resources: The ERO Enterprise should continue its effort to address the recommendations of the Inverter-Based Resource Performance Task Force (IRPTF)6.

Ensure sufficient operating flexibility at all stages of resource and grid transformation: System operators and planners should ensure sufficient flexible ramping/balancing capacity is available as a tool to meet needs of changing patterns of variability and new characteristics of system performance.

6 IRPTF Recommendations - https://www.nerc.com/comm/PC_Reliability_Guidelines_DL/Reliability_Guideline_IBR_Interconnection_Requirements_Improvements.pdf

Risk Profiles

Risk Profile #2: Extreme Natural Events Statement of the RiskExtreme natural events (e.g., storms, wildfire) cause a significant proportion of major BPS impacts. For example, NERC’s 2019 State of Reliability report7 noted weather was responsible for both Category 3 events (there were no Category 4 or 5 events) across the ERO Enterprise’s footprint in 2018. Extreme natural events tend to be regional in nature. Natural events may affect BES equipment, resources, or infrastructure required to operate the BES. Certain events are unique to areas that they impact while others may occur in any area of the BPS. Each type of event brings unique challenges from supply sufficiency, spare-parts availability, delivery, and restoration perspectives. Preparation and proactive planning of procedures and protocols are critical for utilities to assess and determine appropriate steps for both reliability and resiliency.

Risk Mapping

7 https://www.nerc.com/pa/RAPA/PA/Performance%20Analysis%20DL/NERC_SOR_2019.pdf

Cyber Security Risk

2 2.5 3 3.5 4 4.5

EXTREME NATU RAL EVENTSB A S E L I K E L I H O O D [ X A X I S ]

Risk Profiles

Descriptors of the RiskVarious North American regions routinely incur severe natural events, such as hurricanes and extreme cold weather. While the risk of these events in those regions is high, the relative impact on the BPS is low. See the following examples:

Hurricanes: They can cause widespread destruction to BES equipment, degradation of communication capabilities, loss of load, and damage to generation resources. Recovery and restoration efforts can be hampered due to the size or scope of the storm and damage to interdependent infrastructure.

Tornados/Derecho: They can cause localized destruction to BES equipment, local degradation of communication capabilities, loss of load, and damage to generation resources. Recovery and restoration efforts can be hampered due to local damage to interdependent infrastructure

Extreme Heat and Drought: They can cause higher than anticipated demand, overloading and failure of BES equipment, and degradation of resource availability. There can be limited water available for operating hydroelectric generation or reduced cooling water capacity. Drought can also be a precursor to wild fire risk as described in the next bullet.

Wild Fires: They can be a direct threat to BES equipment. Pre-emptive actions must be taken to de-energize equipment without causing additional cascading effects in areas where wild fire risk is significant.

Flooding: This can occur in any area and in any season of the year. The impacts from flooding include mechanical damage to BES equipment, degradation of clearances, fuel infrastructure, personnel access, and communications capabilities.

Extreme Cold Weather (Polar Vortices): This can cause higher than anticipated demand, overloading and stress failure of BES equipment, and degradation of resource availability via mechanical failure or fuel supply interruption.

Other types of severe natural events, though less likely, could have a higher impact given the potentially broader geographic footprint. See the following examples:

Earthquakes: These are possible in many areas of the United States and Canada. Depending on the scope and magnitude of the event, mechanical damage may occur to BES facilities and interdependent infrastructure (e.g., communications, fuel, transportation). The duration to recover from earthquakes could be long, and further assessment and coordination is required among utilities and the ERO Enterprise.

Geomagnetic Disturbances: These can induce harmonic currents in BES circuits and equipment. The impacts of these induced currents may include overheating of transformers, relay misoperations, and increased reactive demand or damage to reactive resources. GMD events can also affect communications capabilities, fuel delivery, and GPS systems.

Recommendations for Mitigating the RiskExtreme natural events and their potential impacts on BPS reliability should be monitored and addressed to maintain reliability and improve resiliency. Based on uncertainties predicting some events, it is important for operations and planning personnel to remain vigilant and prepare for high-risk seasons by learning from prior events, practicing recovery efforts, and anticipating impacts of an event to critical infrastructure needed to operate or restore the BES.

Risk Profiles

In order to best achieve those goals, the RISC encourages the following actions:

Special assessments of extreme natural event impacts, including capturing lessons learned, creating simulation models, and establishing protocols and procedures for system recovery and resiliency: The ERO Enterprise should conduct detailed special assessments of extreme natural event impacts by geographical areas that integrate the following:

Infrastructure interdependencies (e.g., telecommunications, water supply, generator fuel supply)

Analytic data and insights regarding resilience under severe weather conditions

Based on those assessments, the ERO Enterprise should develop detailed special assessments on possible mitigation plans and provide a roadmap for its implementations. The road map should include specific protocols and procedures for system restoration and system resiliency.

Development of tools for BPS resiliency: The Department of Energy (DOE) is in process of developing appropriate tools for BPS resiliency and NERC, the ERO, the North American Transmission Forum (NATF), and the North American Generator Forum (NAGF) should work with DOE in assessing the tools as well as develop guidelines, industry recommendations, and procedures for industry to follow.

Understanding of Geomagnetic Disturbance (GMD) events on BPS: The ERO Enterprise should continue working with the Electric Power Research Institute (EPRI) and others to conduct research and development to further understand impacts from geomagnetically induced current on BES facilities to support enhancements to models and standards and to facilitate preparedness consider preparing sensitivity analyses to simulate the impacts in a planning area. The ERO Enterprise should assist the industry to implement the necessary protocols and mitigation plans to reduce the risk in maintain reliability and security for the BPS.

Risk Profiles

Risk Profile #3: Security Risks Statement of the Risk Operational security is an essential component of a highly reliable BPS. Cyber and physical security are interdependent aspects as exploitation of either physical or cyber security risks could be used to compromise the other dimension. Resulting impacts could cause asset damage or loss of functionality and situational awareness needed to reliably operate or restore the BPS. Exploitation could occur directly against equipment used to monitor, protect, and control the BPS or indirectly through supporting systems, such as voice communications or interdependent critical infrastructure sectors8 and subsectors (e.g., water supply and natural gas used for electrical power generation). A coordinated cyber and physical attack scenario that is, potentially targeted to occur simultaneously with an extreme natural event, could further impact reliability and/or complicate recovery activities. A man-made electromagnetic pulse (EMP) event targeted at the BPS may impact operations and result in damaged equipment that may require an extended period of time to replace. The volume, frequency, and sophistication of cyber exploits is increasing and could potentially disrupt a broad (e.g., interconnection-wide) footprint. Significant physical security events have been rare and the impact is likely to be more geographically constrained. EMP events are far less likely to occur but may carry a highly consequential security risk.

8 https://www.dhs.gov/cisa/critical-infrastructure-sectors

Risk Profiles

Risk Mapping

Descriptors of the RiskPhysical Security Risks: The nature and impact of physical vulnerabilities are better understood than other security risks (e.g., cyber or EMP). The impacts from significant physical attacks are likely to be more localized geographically. There is modest, ongoing evolution of the physical security risk via drones. The largest risk considerations are considered to be the co-dependence with cyber security (e.g., computer controls for physical access) and the prospective impact of replacing long lead-time equipment (e.g., large power transformers) damaged during an attack.

Cyber Security Risks: Exploitation of cyber security risks could arise from a variety of external and/or internal sources. Additionally, the operational and technological environment of the electrical grid is evolving significantly and rapidly, potentially increasing the potential cyberattack-surface. Sources of potential exploitation include increasingly sophisticated attacks by nation states, terrorist, and criminal organizations. Vulnerability to such exploits are exacerbated by insider threats, poor cyber hygiene, supply-chain considerations, and dramatic transformation of the grid’s operational and technological environment. These transformative changes include convergence of information and operational technology (IT/OT), reliance on cloud-based technology, and potential workforce knowledge gaps.

Electromagnetic Pulse Risk: An EMP is a short-duration, high-energy burst that may be disruptive or damaging to electronic equipment. For security purposes, EMP refers to man-made sources. A high-altitude EMP (HEMP) is an electromagnetic pulse stimulated by a nuclear blast in the atmosphere and such action would likely be initiated by a nation-state and thus have clear national security implications. HEMP concerns include the large geographic footprint susceptible to the pulse, range of electric grid equipment at risk (generation, transmission, distribution, and load), and lack of definitive forewarning. Smaller, handheld devices are relatively limited in potential impact and can be considered analogous to a physical attack.

Cyber Security Risk

2 2.5 3 3.5 4 4.5

SECU RITY RISKSB A S E L I K E L I H O O D [ X A X I S ]

Risk Profiles

Recommendations for Mitigating the RiskNERC, in collaboration with industry, should evaluate the need for additional assessments of the risks of attack scenarios (e.g., vulnerabilities related to drone activity, attacks on midstream or interstate natural gas pipelines or other critical infrastructure).

The Electricity Information Sharing and Analysis Center (E-ISAC) should encourage continued industry efforts on workforce cyber education to raise awareness of methods and tactics used by cyber attackers (e.g., email phishing, credential theft).

NATF and NAGF should develop supply chain cyber security superior practices.

E-ISAC should execute a long-term strategy to improve cyber and physical security information-sharing, protection, risk analysis, and increase engagement within the electric sector as well as with other ISACs.

NATF, NAGF, Trades Associations, and E-ISAC should develop tiered security performance metrics. Such metrics would track and evaluate events and use predictive analysis to identify and address prospective vulnerabilities on a risk-prioritized basis.

NERC should facilitate the development of planning approaches, models, and simulation approaches that reduce the number of critical facilities and mitigate the impact relative to the exposure to attack.

NERC’s EMP taskforce should highlight key risk areas that arise from the EPRI’s EMP analysis for timely industry action.

Risk Profiles

Risk Profile #4: Critical Infrastructure Interdependencies Statement of the Risk Significant and evolving critical infrastructure sector (e.g., communications, water/wastewater) and subsector (e.g., oil, natural gas) interdependencies are not fully or accurately characterized, resulting in incomplete information about prospective BPS response to disruptions originating from or impacting other sectors or subsectors and resultant reliability and security implications.

Risk Mapping

Cyber Security Risk

2 2.5 3 3.5 4 4.5

CRITICAL INFRASTRUCTURE INTERDEPENDENCIESB A S E L I K E L I H O O D [ X A X I S ]

Risk Profiles

Descriptors of the RiskSector interdependence is becoming more critical, such as the added importance of digital communications for electric system protection and control and voice communications for emergency response and restoration.

Subsector interdependence is increasing (e.g., growing reliance on natural gas as an electrical generation fuel source with potential needs for fuel switching in the event of natural gas unavailability), creating the potential for more limiting contingencies, including single-point failures.

Cross-sector and subsector implications and coordination are not routinely socialized or thoroughly tested during drills.

Governmental oversight and regulatory constructs differ widely among the sectors and subsectors, impeding information sharing and alignment.

Recommendations for Mitigating the Risk

NERC, in collaboration with industry and industry partners, should identify and prioritize limiting conditions and/or contingencies that arise from other sectors that affect the BPS.

NERC and industry partners should host strategic interactions among critical infrastructure partners (e.g., industry and regulators) to identify and align on mutual priorities.

NERC and industry partners should increase emphasis on cross-sector considerations in industry drills (e.g., NERC Grid-Ex, DOE drills, utility exercises (e.g., Southern California Edison (SCE) Resilient Grid Exercise)).

NERC should evaluate the need to conduct special regional assessments that address natural gas availability and pipeline impacts under physical attack scenarios.

EPRI and the DOE should continue their work on communication alternatives but also the use of same or similar technologies for critical SCADA data. New technologies should be explored that could assist in providing unique and hardened back-up telecommunication methods for the most critical data.

NERC and industry partners should conduct various meetings and conferences to highlight the importance of cross-sector interdependence and coordination, such as the NERC Reliability Summit, NATF/EPRI resiliency summits, and FERC/DOE technical conferences.

agenda compliance and certification committee highlights and...agenda – compliance certification...

Documents

certification scheme compliance

certification requirements for battery system compliance...

battery compliance certification program

compliance certification reportdocumentation for the ....

sponsored projects compliance certification program

durability & reliability means of compliance · compliance...

environmental compliance inspector certification - cwea

rca bermuda compliance certification programme bermuda...

compliance certification checklist and forms booklet ·...

guideline for certification of halal compliance

certification requirements for battery system compliance

cuna regulatory compliance certification eschool:...

2012 self-certification-plus compliance form

compliance certification - in.gov

compliance design and certification for iot cellular ... ·...

2010 self-certification-plus compliance form

10 bfug conference - certification and compliance options

compliance enforcement and organization certification

charter school compliance certification

evaluation of international comparable compliance,...