Michael Dalebout WECC NERC Align 2 Benefits Improve the - PowerPoint PPT Presentation

NERC Technology Update April 18, 2019 Michael Dalebout WECC

NERC Align 2

Benefits ▪ Improve the ability of NERC and the Regions to share and analyze compliance information ▪ Increase the efficiency of ERO Enterprise operations by delivering common tools across the ERO Enterprise ▪ Define and ensure alignment of common CMEP business processes for consistency in practices and data gathering ▪ Ensure the ERO Enterprise continues to meet its obligations for planning, conducting, and reporting on the CMEP ▪ Deliver a common platform and registered entity experience 3

Improvements ▪ Single interface across regions ▪ Standardized forms and templates ▪ Consistent tracking ▪ Enhanced reporting ▪ Incorporated evidence and enforcement records ▪ Single self-certification process for all types 4

Security ▪ Security Technologies and Approach ▪ NIST 800-71 Guidance; ISAE3402 ▪ FEDRAMP solutions (AWS, Azure) ▪ Multi-factor Authentication ▪ Encryption Technologies ▪ Incident Response Plans 5

Entity Impact CORES Align Release Release Release CORES 1 3 2 Go-Live End of June ‘19 Est. Q1/Q2 2020 Est. Q3/Q4 2020 September ‘19 Managing entity Self-Certification, Self-Reporting and Audits, Spot Checks, registration and contact Periodic Data Self-Logging, Compliance information Submittals (PDS), and Enforcement, and Investigations, Technical Feasibility Mitigation. Complaints, and Exceptions (TFE) Compliance Planning 6

Functionality Release 1 ▪ Create and submit Self-Reports and Self-Logs ▪ Create and manage mitigating activities Registered (informal) and Mitigation Plans (formal) Entity Users ▪ View and track Open Enforcement Actions (EA) (resulting from all monitoring methods) ▪ Receive and respond to Requests for Information (RFI) ▪ Receive notifications and view dashboards on new/open action items ▪ Generate report of Standards and Requirements applicable to your entity ▪ Manage user access for your entity 7

Align Release 2 Functionality Release 3 Functionality Est. Q1/Q2 2020 Est. Q3/Q4 2020 • Compliance Planning (Risk, CMEP • Technical Feasibility Exceptions Implementation Plan, Inherent (TFE) Risk Assessment, Internal Controls • Periodic Data Submittals (PDS) Evaluation, Compliance Oversight • Self-Certifications Plan) Note: A strategy is being developed for • Compliance Audit how these monitoring methods will be • Spot-Check managed in the gap between releases • Compliance Investigations • Complaints 8

Training Date City, State August 27, 2019 Westminster, CO In-Person Training Tri-State Generation and Transmission Association, Inc. August 29, 2019 Folsom, CA In-Person Training California ISO September 5, 2019 WebEx In-Person Training & Webinar Salt Lake City, UT WECC September 10, 2019 Portland, OR In-Person Training Bonneville Power Authority September 12, 2019 East Wenatchee, WA In-Person Training Douglas County PUD 9

Contact: Michael Dalebout Registration Manager mdalebout@wecc.org 10