
NPCC Compliance Webinar Welcome Scott Nied Assistant - PowerPoint PPT Presentation



  1. NPCC Compliance Webinar Welcome Scott Nied Assistant Vice-President, Compliance July 14, 2020 7/14/2020 1

  2. The ERO Golden Circle Why, How, What

  3. Example of ERO CMEP Aspirations
  • The Staff initiatives and behavior are centered around our “why.”
  • Monitoring engagements are not just about compliance. It is more holistic. Is security and reliability sustainable?
  • Stakeholders identify with our transformational activities and see value in their monitoring engagement with us.

  4. Note: Audit Preparation
  • Successful audits take effort and need project management
  • Understand the Requirements
  • Know what the auditor is looking for. There are measures in the Requirement and auditor approaches in the RSAW.
  • Acquire, track, and log your evidence.
  • The CIP ERT, PRC-005 components, and list of BES facilities all need to be accurate. That affects the sampling process.
  • Analyze your evidence
  • Annotate the evidence. (Or a data request is needed.)
  • Develop relevant compliance narratives that accurately and succinctly speak to the evidence that you provide and how it supports your compliance.
    – User Guide: A recommendation is to give the same evidence to someone within your organization who is less familiar with it to determine if you have provided sufficient context or explanation.
  • Package your evidence: use naming conventions as per the ERT user guide and review the folder structure of evidence submittals, so NPCC can find it.
  • Perform a Mock Audit
  • Uniform effort: Sys Ops, Prot Eng, Substations, Trans Eng, Trans Plan, Line Clearance, EMS Support, IT, Network Security
  • Ensure SMEs understand how the evidence that you are presenting makes you compliant

  5. COVID-19 Noncompliance Logging Damase Hebert July 14, 2020, NPCC Workshop

  6. ERO Enterprise Guidance addressing Noncompliance Related to Coronavirus Impacts, Issued May 28, 2020

  7. May 28 Guidance
  • Maintaining safety of workforce and communities
  • Assure reliability of the bulk power system during the public health emergency.
  • Self-log noncompliance.

  8. May 28 Guidance
  • Applies to minimal and moderate risk noncompliance
  • Applies to periodic and non-periodic actions.
  • Expires September 30, 2020


  10. NPCC COVID-19 Notification Spreadsheet
  • Standard, Requirement, Functions
  • Start and Possible End Dates.
  • Compliance impact details and mitigating controls
  • Justification for Exception.

  11. NPCC On-site Activity
  • Suspended through 2020
  • Off-site activity continues

  12. Questions
  • Questions? Email: COVID19_Notifications@npcc.org

  13. CIP Evidence Request Tool v4.5: v4.0 to v4.5 Change List, July 14, 2020

  14. Agenda
  • CIP ERT Version 4.5 User Guide
  • Using the ERT
  • Submitting the ERT and Responses
  • General Recommendations
  • Tips for Evidence
  • ERT and RSAW

  15. CIP ERT 4.5 User Guide
  – Key resource when completing the ERT
  – Sent with audit notification package
  – Available on NERC website: CIP v5 Transition Program, CIP ERT Version 4.5

  16. Using the ERT: ERT Level 1
  – Initial Evidence Request
  – 90 requests depending upon scope
  – Also requested in RSAW
  – Documentation focused:
    • Policies
    • Programs
    • Procedures
    • Processes
    • Diagrams
    • Configurations
    • Etc.
  – Populations of Cyber Assets, etc., that will be used for generating the Sample Sets in the Level 2 Evidence Request.
  Bright Green rows indicate that there is a tab to be completed.

  17. Using the ERT: ERT Level 1 - Sampling Population Tabs
  • 13 Sampling Populations depending upon audit scope.
  • Each population has a tab that must be completed. All fields on the tab should be completed or blank as appropriate. For requests anywhere in the ERT on standards or requirements that are not in scope for the audit, simply state “Not in scope”.
  • The CIP Evidence Request Tool User Guide v4.5 has detailed instructions for completing each tab and each column in the ERT.
  • Pay attention to true/blank drop downs, pick lists and date of activation/deactivation.
  • When in doubt, contact your Audit Team Lead.

  18. Using the ERT: NPCC Tab
  Used by the audit team to ask questions and request evidence that may not be covered by the ERT or RSAW. This tab is also used to document onsite questions.
  • Each request is assigned a unique number
  • Multiple rounds of questions will be separated by a yellow bar
  • Initial questions may be available with the L1 requests.

  19. Using the ERT: Sample Sets Example – CA Tab – CIP-005-6 R2

  20. Using the ERT: Sample Sets Example – CA Tab – CIP-005-6 R2 (cont.)
  * Sampling performed in alignment with the ERO Sampling Handbook

  21. Using the ERT: Sample Sets Example – CA Tab – CIP-005-6 R2 (cont.)
  Level 2 Evidence Requests: Request IDs CIP-005-R2-L2-01 to CIP-005-R2-L2-03 apply to the cyber assets selected in SS-005-R2-L2-01

  22. Using the ERT: Sample Sets Example – Sampling Dates
  These can be a range or ranges of dates throughout the audit period. SS-Date-XX will be documented on the NPCC Tab of the ERT and sent with the Level 2 requests.

  23. Submitting the ERT and Responses: Naming Conventions
  Each line of the Level 1 and Level 2 tabs contains a “Request ID,” which uniquely identifies each request (the slide shows the Level 1 Tab and the Level 2 Tab).
  CIP-sss-Rr-Lm-nn
  – sss is the three-digit CIP Reliability Standard number;
  – r is the Requirement number within the Standard;
  – m is the level of the evidence request (either “1” for Level 1 or “2” for Level 2);
  – nn is a two-digit request number within the Standard, Requirement, and Level.
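As an added example (not NPCC's or NERC's code, and not taken from the ERT user guide), the Python below implements the Request ID convention just described and checks a list of evidence folder names against it, so an entity can catch misnamed folders before submission rather than after a data request. The folder names, the check_submission helper and the mismatch reasons are constructed here for illustration and are assumptions, not anything the ERT itself does.

```python
"""Validator for CIP Evidence Request Tool (ERT) Request IDs.

Added example, not NPCC's or NERC's code. It implements the naming
convention CIP-sss-Rr-Lm-nn: sss is the three-digit CIP standard number,
r the Requirement number, m the evidence-request level (1 or 2) and nn a
two-digit request number. Folder names below are constructed samples.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

# One regex that mirrors the convention; fullmatch() rejects trailing junk
# such as "CIP-005-R2-L2-01_old" that a loose search() would accept.
REQUEST_ID_RE = re.compile(
    r"CIP-(?P<sss>\d{3})-R(?P<r>\d+)-L(?P<m>[12])-(?P<nn>\d{2})"
)


@dataclass(frozen=True)
class RequestId:
    standard: str     # three-digit CIP standard number, e.g. "005"
    requirement: int  # Requirement number within the standard
    level: int        # 1 = Level 1 (initial), 2 = Level 2 (sample-based)
    number: int       # request number within standard/requirement/level


def parse_request_id(text: str):
    """Return a RequestId, or None when text does not follow the convention."""
    m = REQUEST_ID_RE.fullmatch(text.strip())
    if not m:
        return None
    return RequestId(m["sss"], int(m["r"]), int(m["m"]), int(m["nn"]))


def check_submission(folder_names):
    """Group folder names by (level, standard, requirement); report misnamed ones.

    Returns (grouped, bad): grouped maps (level, standard, requirement) to the
    sorted request numbers found; bad lists names that do not parse and so
    could not be matched to a Request ID by an audit team.
    """
    grouped = defaultdict(list)
    bad = []
    for name in folder_names:
        rid = parse_request_id(name)
        if rid is None:
            bad.append(name)
            continue
        grouped[(rid.level, rid.standard, rid.requirement)].append(rid.number)
    return {key: sorted(nums) for key, nums in grouped.items()}, bad


# Constructed folder names (hypothetical), as an entity might name its
# evidence directories; the last three deliberately break the convention.
SAMPLE_FOLDERS = [
    "CIP-005-R2-L2-01", "CIP-005-R2-L2-02", "CIP-005-R2-L2-03",
    "CIP-007-R4-L1-01",
    "CIP-5-R2-L2-1",         # standard and request numbers not zero-padded
    "CIP-005-R2-L3-01",      # only Level 1 and Level 2 exist
    "CIP-005-R2-L2-01_old",  # trailing suffix makes the ID ambiguous
]

if __name__ == "__main__":
    grouped, bad = check_submission(SAMPLE_FOLDERS)
    for (level, standard, req), nums in sorted(grouped.items()):
        print(f"Level {level} CIP-{standard} R{req}: requests {nums}")
    print("Misnamed folders:", bad)
```

Running the script lists the well-formed requests grouped by level, standard and requirement and prints the three misnamed folders; the same check can be run over a whole submission tree before it is packaged.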

  24. Submitting the ERT and Responses: Folder Structure
  • Response Level
  • ERT Request ID
  • NPCC Data Request #

  25. General Recommendations
  • Review the Audit package instructions when submitting evidence artifacts (e.g. filling out the ERT and usage of evidence narratives)
    – Review accuracy of assets on the ERT
    – Provide narratives with evidence artifacts
    – Use naming conventions as per the user guide
    – Review folder structure of evidence submittals

  26. Tips for Evidence
  • Submit supporting documents with brief explanations of evidence files (i.e. README files or narratives).
  • Screen Shot Evidence
    – Annotate if possible
    – Cyber Asset Name/Identifier
    – Date & Time
  • Photographic Evidence
    – Annotate if possible
    – Front and back of device
    – Cyber Asset Name/Identifier Tag

  27. ERT and RSAW
  • ERT, ERT responses and RSAWs must be submitted.
  • Cite ERT responses in the RSAW if the same evidence is being used to demonstrate compliance.
  • Additional evidence may be required to support RSAW responses

  28. Questions? Please send all questions to cip@npcc.org

  29. Data Validation Kimberly Griffith Senior Compliance Engineer 5/20/2020 1

  30. Registration Information
  • New Registration Requests
  • Changes to Existing Registrations

  31. CORES Functionality: Accessing CORES

  32. CORES – My Entity Validation Summary Form (Section: Instructions)
  – Basic Information: Ensure all fields are filled out correctly and add information if applicable.
  – Upstream Holding Companies: Add the top tier Holding Company and, if applicable, all NERC registered affiliates.
  – Contacts (Roles - PCC, ACC, PCO, etc.): Temporary Contact Role Change Process
    • Until further notice, any changes made to Compliance Contact Roles (PCC, ACC, PCO, etc.) will be made in CDAA - NOT in CORES.
    • Please let me know if you make changes in CDAA so I can make them in CORES.
  – Entity Scopes: Ensure all fields are filled out correctly (effective date of the NERC reliability function(s) per region).
  – Functional Mapping: Functional Relationships. Please add, if available. Required for new registrations in CORES.
  – Coordinated Oversight: If applicable, review the Coordinated Oversight entity list.
  – CFR: If a Coordinated Functional Registration (CFR) record exists, review the information for accuracy.
  – JRO: If a Joint Registration Organization (JRO) record exists, review the information for accuracy.
  – Comments & Attachments: Upload supporting documents, etc.

  33. Resources - Help Desk
  • Select the Help Desk option
  • This opens a page where you can submit a ticket to the NERC Help Desk – https://support.nerc.net/

  34. CORES Resources
  – ERO Portal Access: https://eroportal.nerc.net/
  – ERO Enterprise Help Desk: https://support.nerc.net/
  – ERO Portal User Guide: https://www.nerc.com/pa/comp/RegistrationReferenceDocsDL/User Guide_ERO Portal.pdf
  – NERC CORES Training: https://training.nerc.net/
  – NERC Project Page: https://www.nerc.com/pa/comp/Pages/CORESTechnologyProject.aspx
  – NERC Registration Page: https://www.nerc.com/pa/comp/Pages/Registration.aspx
  – NPCC Registration Page: https://www.npcc.org/Compliance/Compliance Registration1/Forms/Public List.aspx

  35. Contact Kimberly Griffith Senior Compliance Engineer 646-276-5332 (cell) 212-205-7051 (office) kgriffith@npcc.org

  36. NPCC FAC-008 Focused Outreach and Compliance Bulletins NPCC Webinar July 14, 2020 Ben Eng, Mgr. ERA

  37. Objectives
  • Why the Focus on FAC-008-3?
  • NPCC Survey results
  • Suggested Actions from NPCC
  • What is NPCC doing to address these concerns?
