WECC COMPLIANCE 101 Webinar

Presentation transcript:

WECC COMPLIANCE 101 Webinar Thursday, October 9, 2014

Agenda: Introductions (Laura Scholl); Overview of WECC and Regulatory Structure (Connie White); Audit – What to Expect (Stacia Ellis and Bill Fletcher); Enforcement Overview (Rachael Ferrin, Richard Shiflett, Haley Sousa, and Joelle Bohlender); webCDMS and EFT (Brittany Power)

Overview of WECC and Regulatory Structure Constance White Vice President of Compliance and Acting Regional Manager

COMPLIANCE 101 Overview of WECC and Regulatory Structure

WECC Profile The Western Electricity Coordinating Council (WECC) is a non-profit corporation that exists to assure a reliable bulk electric system in the geographic area of the Western Interconnection. This area includes all or parts of the 14 western United States, two Canadian provinces, and the northern portion of Baja California, Mexico.

WECC History Incorporated in 2002 Predecessor, WSCC formed in 1967 Largest geographic area of the eight Regional Entities Entire Western Interconnection (1.8 million square miles) - includes all or part of 14 U.S. states, 2 Canadian provinces and a portion of Baja California Norte, Mexico Non-Governmental Industry participants join together to promote system reliability Bifurcation in February 2014 changed functions

WECC Coverage Service Area 1.8 million square miles 126,285 miles of transmission Population of 78 million

WECC Organization Independent Board of Directors 9 members Committees Members Advisory Committee Members Grid owners, operators, users Stakeholders State and Provincial

Bifurcation Peak Reliability assumed responsibility for Reliability Coordination Operate two Reliability Coordination Offices (Vancouver WA and Loveland CO) that provide situational awareness and real-time supervision of the entire Western Interconnection

WECC Services Transmission expansion planning Studies Management of a comprehensive planning database Provide coordination of sub-regional planning processes Analyses and modeling Studies Model the system and perform studies under a variety of scenarios to set operating policies and limits

WECC Services Loads and Resources Assessments Operator Training WREGIS Perform annual assessment of 10-year loads and resources Maintain 10-year coordinated plan of system growth Provide information to NERC for summer and winter assessments of the reliability and adequacy of the bulk-power system Operator Training Provide training sessions for operators, schedulers and dispatchers WREGIS Hosts the Western Renewable Energy Generation Information System, which creates and tracks renewable energy certificates

WECC Services Delegation Agreement Perform functions delegated to WECC as a Regional Entity under Delegation Agreement with NERC, including regulating entities subject to mandatory Reliability Standards

Mandatory Reliability Regulation Northeast Blackout of 2003 10 Million people in Ontario, Canada 45 million people in eight U.S. states

Task Force Report Final report of the U.S.- Canada Power System Outage Task Force on the 2003 blackout concluded: the single most important recommendation for preventing future blackouts, and reducing the scope of those that occur, is for the U.S. government to make reliability standards mandatory and enforceable.

Task Force Findings Inadequate System Understanding Inadequate Situational Awareness Inadequate Tree Trimming Inadequate Reliability Center Diagnostic Support

Congressional Action Energy Policy Act of 2005 “Section 215” On August 8, 2005, the Energy Policy Act of 2005 (EPAct 2005) was signed into law. “Section 215” Section 215 of the EPAct 2005 directed FERC to certify an Electric Reliability Organization (ERO) and develop procedures for establishing, approving and enforcing electric reliability standards.

Authority for Compliance Monitoring FERC Order 672 (Implementing Rule 18 CFR 39) Responsibility and oversight assigned to FERC FERC designated NERC as Electric Reliability Organization NERC has delegation agreement with WECC and seven other regions

Implementing Section 215 SECTION 215 Creates Electrical Reliability Organization (ERO) FERC names NERC as ERO Regional Entities NERC selects 8 regional entities WECC is selected for Western Interconnection Delegation Agreement NERC and WECC sign agreements WECC oversight begins in Western Interconnection

Development of Mandatory Reliability Standards Critical Infrastructure Protection (CIP) standards become mandatory and enforceable December 2009 (FERC Order 706) Operations and Planning (O&P) Standards become mandatory and enforceable June 17, 2007 (FERC Order 693)

Order 693 & Order 706 Standards Order 693 (Operations and Planning) includes: Resource and Demand Balancing (BAL) Emergency Preparedness & Operations (EOP) Facilities Design, Connection & Mtnce. (FAC) Protection and Control (PRC) Order 706 (CIP) includes: Critical Cyber Asset Identification Personnel & Training Electronic Security Perimeters

WECC Compliance Recommends Registrations for Entities Register users, owners, operators according to function Monitors Compliance with Standards Monitor compliance by users, owners and operators of the bulk power system in the United States Enforces Compliance Violation mitigation and settlement negotiation Representation of WECC in any hearing or appeal process Administration Audit coordination Reporting systems webCDMS and EFT

In summary…

Reliability Standards Authority CMEP Reliability Standards Delegation Agreement Federal Power Act 2005

Registration Registration Authority WECC recommends registration to NERC based on functions New tool Discussed by Brittany Power later Authority

Monitoring Other Self Certifications Registration Self Reports Audits Onsite Audit Offsite Audit Self Reports Self Certifications Spot Checks Compliance Violation Investigations Complaints Authority

Enforcement: Risk Assessments, Mitigation Actions, Settlement. Due Process: If a violation is identified, due process includes: Notice of Alleged Violation and Penalty or Sanction; Registered Entity Response; Request for Settlement or Hearing; NERC Approval; FERC Approval. Mitigation of Violations: Prompt mitigation of violations and of risk to BES is important. Mitigation is not an “admission of guilt”. WECC reviews mitigation plans and accepts, rejects or requests revisions. WECC reviews completion of mitigation activities.

Education/Outreach Education/Outreach Registration Enforcement Monitoring Enforcement Compliance User Groups/ Critical Infrastructure Compliance User Groups Open WebEX - Monthly Targeted Training CIP 101 WebCDMS and EFT Compliance 101 Ad Hoc as needed e.g. CIP v.5 Authority

Reference Documents Compliance Monitoring and Enforcement Program (CMEP) & WECC’s annual plan Delegation Agreement Rules of Procedure NERC Standards and WECC Regional Standards NERC Guidance, Bulletins, Directives and Compliance Application Notices (CANs) FERC Orders

Notice of Audit Stacia Ellis Compliance Program Coordinator

Notice of Compliance Audit Packet Notice of Audit Letter Compliance Monitoring Authority Letter Audit Team Biographies Confidentiality Agreements

Notice of Compliance Audit Packet Certification Letter Pre-Audit Data Requests Pre-Audit Survey Audit Scope and WECC RSAWs

Notice of Compliance Audit Letter 90-Day Notice of Audit Letter Details of your specific Audit Dates of Audit Audit Scope Due Dates Audit Team Composition, observers (if applicable) Observers can include FERC/NERC Date/time of proposed Pre-Audit Conference Call Opening Presentation Suggestions

Notice of Compliance Audit Letter Audit Team Composition Primary Audit Team Individuals expected to participate in the Audit Alternate Audit Team Individuals available to act as backup or replacements for Primary Team members

Attachments A, B and C Attachment A: Informational; Explanation of Compliance Monitoring Authority Attachment B: Short Biographies of the WECC Audit Staff Attachment C: Signed Confidentiality Agreements of the WECC Audit Staff

Attachments D and E Attachment D: Audit Scope RSAWs (Reliability Standard Audit Worksheets) Customized for your Entity and your audit Based on your Registered Functions and Audit Scope Attachment E: Certification Letter Must be printed on your company letterhead and signed by an Authorized Officer Certifies that the information being provided for the Audit is accurate

Attachment F: Pre-Audit Survey Verify contact information Audit Logistics List any delegation agreements Signed by Authorized Officer Please complete all applicable fields

Attachment G: Pre-Audit Data Requests Why are we doing this to you?!? Clarifications for data submittals Specifying types of evidence to remove some of the guesswork

Att G – Operations & Planning (O&P) Data Some evidence may apply to more than one Standard One copy is sufficient, but document inventories or “roadmaps” are appreciated Single Line Diagram Requested for the majority of Audits

Att G – Cyber Security (CIP) Data CIP-004 – CIP-009 may not be applicable based upon the Critical Asset/Critical Cyber Asset determination Determined by CIP-002-3 Requirements 2 & 3 Complete RSAWs indicating absence of CA/CCA identification 2015 CIP audits will include CIP v5 outreach If you have any questions please contact Brent Castagnetto at bcastagnetto@wecc.biz or 801-819-7627

Attachment H: Audit Feedback Now sending with initial package Feedback is encouraged for all phases of audit.

Audit Periods Defined Audit Periods, for O&P and CIP, are clearly defined in Attachment G for both: Operations and Planning (O&P) Cyber Security (CIP)

Audit Frequency 3 year cycle: Entities registered as a Balancing Authority (BA), Transmission Operator (TOP) or Reliability Coordinator (RC) All others: Generally a 6 year cycle. Subject to flexibility in the future as part of NERC’s Reliability Assurance Initiative (RAI).

Outreach “Howdy Call” A few days after Notice of Audit Packet is uploaded to the EFT Server.

Recommendations Know the Reliability Standards Use the RSAWs as guides Ask questions Participate in Outreach (CUG/CIPUG) We are here for you… Questions Comments Concerns

Audit Approach and Best Evidence William Fletcher Senior Compliance Auditor, Operations and Planning

Compliance Audit (on-site vs. off-site) Primary difference is: Location of audit conduct Scope is typically smaller for off site. On-Site – Required for RC, BA, TOP functions Per NERC Rules of Procedure 403.11.2

Compliance Audit (on-site vs. off-site) Documentation sent to WECC before audit for preliminary review The audit team reviews evidence during off-site week or the first week of the audit and completes its review during the second week or on-site week Data Requests or DRs In-person interviews for clarification Off-Site Entity may be present at audit if desired Telephone interviews for clarification

Audit Approaches We audit to the Requirements of the Standards General Approaches included in RSAW RSAW may ask specific questions Always includes the section: “Describe, in narrative form, how you meet compliance with this requirement.”

Audit Approaches “Describe, in narrative form, how you meet compliance with this requirement.” Describe here how your company knows it is compliant with this requirement and how you know you have been compliant for the entire period of the audit. Your place to describe your internal controls. Your evidence should support your narrative.

Audit Approaches List the evidence provided in the RSAW. This road map is important Compliance Assessment Approach in RSAW is used as a checklist. Data Request (DR) for gaps or samples Document & record review is primary Interviews and observations are usually for Corroborating

Sufficient Audit Evidence Sufficiency of Evidence The measure of the quantity of evidence Quantity of evidence is dependent on the scope of the audit Extra quantity does not make up for poor quality Ensure you provide enough evidence to demonstrate compliance for the entire audit period.

Sufficient Audit Evidence Sampling is used to limit the amount of detailed evidence provided. Normally used in conjunction with summary of a full set of data. Sampling used to assess details. Reduces the burden on the Audit Team but not really on the Entity Audit Team must select the samples

Appropriate Audit Evidence Appropriateness The measure of the quality of evidence Relevance Validity Reliability

Appropriate Audit Evidence Quality of Evidence Good Internal Controls point to reliable evidence. Direct observation is more reliable than indirect observation. Examination of original documents is more reliable than examination of copies. Testimonial evidence from system experts is more reliable than from personnel with indirect or partial knowledge.

Types of Evidence Physical Evidence Documentary Evidence Testimonial Evidence Compliance Audits may use all three types but Documentary Evidence is by far the most frequent type of evidence assessed and relied on.

Testimonial Evidence Attestations of Compliance or Statements of Compliance are generally not accepted as the only available evidence. Attestations may be used to explain minor gaps in documentation or to state if no conditions occurred which are subject to a requirement. Attestor must be knowledgeable and qualified.

Evidence for Procedural Documents The characteristics of a valid procedural or policy document include: Document title Definition or Purpose Revision level Effective dates Authorizing signatures

Non Applicable Requirements Three instances are acceptable for use of term “Not Applicable” Entity is not registered for the applicable function. (only TOP responsible for TOP requirements) Entity does not own, operate or maintain the equipment addressed by the requirement. (UVLS, UFLS, SPS etc.) Entity does not use the program or process specified by the requirement. (and is not required to… ATC, CBM, etc)

Evidence for Tasks Performed When the standard calls for a task to be performed it must be documented. Records Logs Reports Work Orders Phone recordings Transcripts of phone recordings Shift Schedules Dates & Times are critical

Evidence of “Coordination” with other entities Typical evidence provided initially is a single email. “…If you have any comments please contact ______” This alone is neither sufficient nor appropriate to demonstrate coordination between two or more parties. If emails or correspondence are used Two way communications are needed Better are: Meeting Agendas Meeting Minutes Attendance Lists

Evidence of “Distribution” of information Typical evidence provided initially is a single email with a large distribution list. “…please see attached” This alone is typically neither sufficient nor appropriate to demonstrate distribution to others. If emails or correspondence are used Need clear identification of the personnel on the distribution list. Even better is corroboration by receipt acknowledgement

Enforcement 101 October 9, 2014 Rachael Ferrin, Richard Shiflett, Haley Sousa, Joelle Bohlender

Agenda What is a violation? How does WECC know about a violation? What is the submittal and review process for possible violations? What is the submittal and review process for Mitigation Plans? What is a violation? The definition of a possible violation per the NERC Rules of Procedure is “A failure to demonstrate compliance pursuant to applicable NERC Reliability Standard Requirement.”

What is a violation? A violation is a failure to demonstrate compliance pursuant to applicable NERC Reliability Standard Requirement Possible Violation (PV) The identification by the Compliance Enforcement Authority of a possible failure by a registered Entity to comply with a Reliability Standard that is applicable to the Registered Entity. NERC Rules of Procedure, Appendix 2 (January 31, 2012). What is a violation? The definition of a possible violation per the NERC Rules of Procedure is “A failure to demonstrate compliance pursuant to applicable NERC Reliability Standard Requirement.”

How does the Entity discover a possible violation? Ongoing Compliance Assessments Internal Assessments Internal Audits Compliance Culture Now that you know the definition of a possible violation, how does the entity go about discovering a possible violation? This slide demonstrates several different avenues that may lead entities into discovering possible violations and submitting a Self Report.

How does WECC know about a possible violation? Compliance Monitoring Self-Reports Self-Certifications New possible violation Change in scope Compliance Audits Spot Checks Compliance Investigations Periodic Data Submittals Complaints Listed on this slide are the 7 compliance monitoring methods as described in the CMEP. Out of the 7, the most common discovery methods are SRs and SCs. Please note that WECC strongly encourages entities to promptly self-report; WECC considers prompt self-reporting as being pro-active. Quickly, I would like to discuss the difference between a Self Report and Self Certification. While Self Reports can be submitted at any time a possible violation is discovered, a Self Certification can only be submitted during the Self Certification period; the Self Certification period occurs on an annual basis and is considered mandatory.

Possible Violation Submittal Submit Self-Reports and Self-Certifications via webCDMS Self Report/Self Certification Content Checklist If you discover a new possible violation you will want to submit a Self Report. All forms SR and SC’s are submitted via webCDMS. When submitting a new possible violation for the first time, it may be helpful to reference the Self Report/Self Certification Content Checklist link to help guide you in identifying the necessary information needed for WECC’s technical review. I will now turn the time over to Ben, to go over the SR/SC content checklist in detail.

Self-Report/Self-Certification Content Checklist Is the version of the standard (in effect at the time of the violation) identified? Are all multiple subrequirements in scope identified? Has this violation been previously reported? Does the violation description include: All devices/facilities/personnel in scope? Names/IDs of devices/facilities/personnel? Where are these devices located? What are these devices used for? What type of access do the personnel have? Any additional information to assess the VSL? Is the start date and end date identified? Are the compensating measures identified? RS

Possible Violation Review WECC Subject Matter Experts (SME) reviews the “possible violation” Analyze facts and circumstances Data Requests/conference call if necessary Technical assessment Facts and Timelines Risk Assessment Recommendation of Dismissal or Acceptance to Case Managers RS SR, SC reviewed at WECC Audit/Spot check reviewed at the audit/spot check What about the details of the SME analysis?

Entity’s next step after reporting a Possible Violation Submit Mitigation Plan Notice of Alleged Violation triggers Mitigation Plan due date Timely Mitigation is encouraged Not admission of violation Once an entity has reported a new possible violation, WECC encourages entities to submit its MP as soon as possible or preferably at the same time. Remember that the faster the violation is mitigated, the better off reliability is! There is no need to wait for a disposition document to submit a Mitigation Plan, also please note that submitting a mitigation plan is not considered an admission of the possible violation. It is important to mention that all violations regardless of discovery method will go through the same review process. Every violation goes through the same process.

Mitigation Plan Submittal Submit via webCDMS One violation per plan Eight Steps to Prevention and Mitigation Mitigation Plan Content Checklist RF Similarly, to the SR/SC process, all forms for MPs are submitted via webCDMS. For reference, please use the Eight Steps to Prevention and Mitigation and Mitigation Plan Content Checklist when preparing to submit a Mitigation Plan. Again, I will turn the time over to Ben to discuss the MP content checklist and review process of MPs.

Mitigation and Prevention Checklist Symptom Root Cause Corrective Actions Preventive Actions Detective Actions Assign tasks Timeline and milestones Interim Risk RS

Mitigation Plan Content Checklist Has the scope of the violation being mitigated changed? Has the root cause been identified? Does the mitigation plan include: What is being fixed? How it is being fixed? When it is being fixed? Do the mitigation actions: Relate to the requirements in scope? Identify preventative measures? Identify detection measures? RS

Mitigation Plan Review WECC Subject Matter Experts (SME) conduct reviews Review the mitigation plan Actions (Corrective, Detective and Preventive) Duration Data Requests/conference call if necessary Notice of Acceptance or Rejection via auto notification or EFT server RS

Mitigation Plan Extensions Extension Requests Accepted Mitigation Plan completion date = date Completion Certification and evidence submitted to WECC Five business days prior to completion date RF If for some reason, you foresee a conflict and do not think the MP will be complete by the proposed completion date, you can submit an EXT. WECC encourages EXTs to be submitted as soon as you know you need one, but no later than 5 business days prior. The EXT must be submitted via webCDMS, please remember to include your reasons for requesting an extension and include any additional milestones that may be needed. Once submitted, it will go through the same review process as discussed earlier, and WECC will notify entities of approval or rejection of the EXT.

CMP Submittal Submit Completion Certification and evidence via webCDMS CMP Content Checklist RF Again, you will submit the CMP and evidence via webCDMS. For reference, please use the CMP Content Checklist when preparing to submit your CMP. Now, I will turn the time over to Tyson to discuss the CMP content checklist and review process of CMPs.

CMP Content Checklist Has the scope changed since the Mitigation Plan was accepted? Have you included a brief statement to confirm the scope? Is the evidence uploaded with a description for each file? Is there a mapping of actions to evidence? Is there a completion date for each action? RS

Mitigation Plan Completion Review WECC Subject Matter Experts (SME) conduct reviews Analyze Evidence Were all actions outlined in the plan completed? Has both procedural and implementation evidence been submitted? Data Requests/conference call if necessary Notice of Acceptance or Rejection via auto notification or EFT Server RS

Summary Violation life cycle Resources Submitting violations and mitigation plans WECC’s review of violations and mitigation plans Resources http://www.wecc.biz/compliance/outreach/Lists/101Links/AllItems.aspx RS

The Hand-Off Possible Violation Submittal Technical SME Review The Hand-off to Case Manager Case Manager Review 4 Methods of PV Disposition Confirmed Violation Haley Begins After the Possible Violation has been submitted and the Subject Matter Expert has reviewed it, the PV is handed off to the Case Manager for review. The Case Manager will review the facts of the PV and the Subject Matter Expert's findings to determine the appropriate disposition method.

WECC Enforcement Case Managers Primary Role: Determining Violation Disposition (disposition analysis) Case analysis Violation Disposition Policy analysis Assess penalties Conduct settlements Build relationships HS: The primary role of the Case Manager is to determine the disposition method for possible violations. However, Case Managers also conduct case analysis, policy analysis, assess penalties and conduct settlements. Case Managers are always available to answer your questions or concerns, and to guide you through the enforcement process. Never hesitate to contact your Case Manager.

Enforcement Processes HS: This slide demonstrates each of the four possible disposition methods and the process following each. We will discuss each disposition method in detail.

Disposition Analysis Dismissal Find, Fix and Track (“FFT”) Notice of Alleged Violation (“NOAV”) Expedited Settlement Agreement (“ESA”) HS: The first disposition method I will discuss is the Dismissal.

Dismissal Disposition method used when the Case Manager determines the possible violation is not enforceable For Example… Standard Requirement does not apply to Entity Facts and circumstances warrant a violation of a different Standard Requirement Entity produced additional evidence demonstrating compliance HS: Your Case Manager will issue a dismissal any time it is determined that the possible violation is not enforceable. Generally, the Case Manager will determine if a dismissal is appropriate after the technical review and before any disposition document has been issued. However, a dismissal can be issued at any time before the violation becomes a Confirmed Violation.

What does a dismissal look like? Case Manager will issue a “Notice of Dismissal and Completion of Enforcement Action” WECC: Withdraws the Possible Violation from Entity’s compliance record Any data retention directives relating to the possible violation are released Entity: Does not need to respond to notice Questions/concerns contact Case Manager HS: If the Case Manager determines that a dismissal is warranted, the Case Manager will issue a “Notice of Dismissal.” When the dismissal is issued, the violation is withdrawn from the entity’s compliance history and the entity is released from all previously issued data retention directives. The entity is not required to submit a response to WECC.

Not a Dismissal, Now what? Find, Fix and Track (“FFT”) Notice of Alleged Violation (“NOAV”) Expedited Settlement Agreement (“ESA”) HS: If the Case Manager determines that the violation cannot be dismissed, there are three methods that can be used to dispose of the possible violation. The first method is Find, Fix and Track, or FFT.

PVs for FFT Review WECC Reviews All PVs for FFT Treatment “Strong” FFT Candidates: Are not Repeat PVs PV does not reveal programmatic or systematic shortcomings Found and Fixed by the Entity Mitigation Plan has been submitted HS: All violations are reviewed for FFT candidacy but some violations are more likely than others to be processed as FFTs. Strong candidates are those that were Self-Reported or Self-Certified, are not repeats, do not demonstrate systematic issues and have been mitigated or are in the process of being mitigated.

What does an FFT look like? WECC Enforcement will issue a “Notice of Find, Fix and Track” Remediation Required No Penalty or sanction FFT is filed with NERC but does not become a “confirmed violation” FFT will become part of an Entity’s compliance history HS: When an FFT is issued, remediation is still required and the entity must still submit a mitigation plan. With FFTs, no penalties are issued. Also, while the FFT is filed with NERC and the FFT becomes part of compliance history, the FFT does not become a confirmed violation.

What to do with an FFT? Within five (5) days of receiving an FFT Notice an Entity Must: Submit to WECC an affidavit, signed by an officer with knowledge of remediation, OR Submit to WECC written notification opting out of the FFT processing If an Entity opts out of the FFT disposition, then WECC’s policy is to issue the violation through the traditional NOAV process. HS: Appended to the FFT is an Affidavit. After you receive an FFT, an officer with knowledge of remediation must sign the affidavit and return it to WECC. Alternatively, you may choose to opt out of the FFT process, in which case WECC will issue a Notice of Alleged Violation.

4 Disposition Methods Dismissal Find, Fix and Track (“FFT”) Notice of Alleged Violation (“NOAV”) Expedited Settlement Agreement (“ESA”) HS: The next disposition method is the Notice of Alleged Violation, which will be presented by Joelle.

What does a NOAV look like? CMEP Section 5.3 NERC Rules of Procedure, Appendix 4C §5.3 (“CMEP”) Alleged Violation Facts Mitigation Plan Summary (if applicable) Enforcement Violation Determinations BES Impact Statement Minimal Moderate Severe Violation Severity Level (“VSL”) Violation Risk Factor (“VRF”) Penalty JB An “Alleged Violation” is a possible violation for which the Enforcement Authority [Case Manager] has determined, based on an assessment of the facts and circumstances surrounding the possible violation, that evidence exists to indicate a Registered Entity has violated a reliability Standard. Appendix 4 Section 5.3 to the NERC Rules of Procedure identifies specific content requirements of a NOAV. You can access Appendix 4, using the link included herein. In short, the NOAV will contain a summary of the evidence that constitutes Alleged Violation Facts. The NOAV will also summarize action prescribed by any Mitigation Plan submitted by the entity prior to the NOAV. The NOAV will also include determinations made by the Case Manager. These risks posed by possible noncompliance. At the lowest end of the “risk spectrum” a case manager may determine that the alleged violation poses a “minimal” risk to the BES. At the highest end of the risk spectrum, the case manager may determine that the alleged violation poses a severe risk to the BES. The NOAV will also include a Violation Severity Level for Each Violation, and a Violation Severity Level for each violation. Violation Severity Levels and VRFs can be found on NERC’s website, and may be updated. Lastly, a NOAV will include a proposed penalty for each violation.

What to do with a NOAV? Submit a NOAV Response within 30 days The NOAV Response must conform to one of three options Agree with the violation AND penalty Agree with the violation, but contest penalty Contest both the violation AND penalty Failure to submit a NOAV Response within 30 days will automatically result in confirmed violations with penalties JB

NOAV Response: “Option 1” Does not contest Does not contest violation facts as alleged in the NOAV May identify errors that should be corrected in the “Notice of Confirmed Violation” (“NOCV”) Submit a Mitigation Plan Enforcement will issue a Notice of Confirmed Violation within ten (10) days of receiving a NOAV Response that “agrees with or does not contest an alleged violation.” JB

NOAV Response: “Option 2” Contests Penalty NOAV Response will be submitted to Enforcement using the EFT Server within thirty (30) calendar days of receiving the NOAV. Submit a Mitigation Plan. NOAV Response must explicitly contest penalty and request settlement. NOAV Response must articulate basis for each penalty NOAV Response should include a proposed penalty the Entity believes to be reasonable including the basis for proposed penalty JB

NOAV Response: “Option 3” Contests Alleged Violation & Penalties NOAV Response must be submitted to Enforcement using the EFT Server within thirty (30) calendar days of receiving the NOAV. NOAV Response must explicitly contest each alleged violation and proposed penalty and request settlement. Each Contention must be supported by: An explanation of the Entity’s position Basis for Contention Additional Information or evidence JB

A Word on Penalties Attached to violations disposed of using the NOAV or ESA processes Based on: NERC Sanction Guidelines (January 31, 2012) Penalty Range Penalty range depends upon Violation Severity Level (“VSL”) and Violation Risk Factor (“VRF”) Penalties are then adjusted for either Mitigating or Aggravating Factors HS: Before we move into the Expedited Settlement Agreement, I would like to mention a few things about penalties. Penalties are associated with both the NOAV and ESA. Penalties are based on both the NERC Sanction Guidelines and the penalty range. The penalty range is a chart, produced by NERC, that uses the Violation Severity Level and Violation Risk Factor to provide a low end and high end of a penalty range. The Case Manager will then review mitigating factors and aggravating factors, and then adjust the penalty amount upward or downward, respectively.

Settlement Negotiation Reaching Settlement NOAV NOAV Response C & T Agreement Schedule Settlement Work with Case Manager Settlement Negotiation Settlement Agreement HS: This slide demonstrates the process from when a NOAV is sent to the entity through the Settlement Agreement. After a NOAV is issued, the entity has 30 days to respond to the NOAV. If the entity contests either the violation or the penalty amount, or both, the settlement process begins. We will first execute a Confidentiality and Tolling Agreement and set a date for settlement. After we reach a settlement, we will execute a Settlement Agreement. If everything moves smoothly with no hiccups, the process from NOAV to Settlement Agreement takes roughly 3 months.

4 Disposition Methods Dismissal Find, Fix and Track (“FFT”) Notice of Alleged Violation (“NOAV”) Expedited Settlement Agreement (“ESA”) HS: The final disposition method is the Expedited Settlement Agreement, or ESA.

ESA: Expedited Settlement Process Settlement Agreement ESA HS: As you can see, the ESA removes the middle steps from the process and goes straight to the Settlement Agreement.

What does an ESA look like? Expedites Formal Settlement Negotiations The ESA will contain Facts and circumstances of the violation Risk Assessment Summary Mitigation Plan Summary VSL and VRF determinations Penalty determination The ESA has many of the same elements as a NOAV. It contains the facts of the violation, a risk assessment, details on mitigation plan submittals, a determination on the VSL and VRF, and a penalty determination. However, unlike the NOAV, the ESA expedites the process and goes straight to a Settlement Agreement. Also, the penalty amount in an ESA is greatly reduced compared with what a NOAV would contain.

What to do with an ESA? Entity will have 15 days to review the ESA… The Entity will contact Case Manager with questions or concerns. If the Entity accepts the terms of the ESA… The Entity must submit a signed copy of the ESA to WECC within 15 days of receipt of the ESA issuance. If the Entity rejects the ESA or does not respond within 15 days… WECC will issue a Notice of Alleged Violation and Proposed Penalty and Sanction. If you receive an ESA, you will have 15 days to review it and to discuss it with your Case Manager. At the end of that 15 days, you must choose whether to accept it or reject it. You are under no obligation to accept it. If you choose to accept it, you will execute a signed copy of the ESA and return it to WECC. If you choose to reject the ESA, or if you do not respond within the 15 days, WECC will issue a NOAV. Remember, the ESA is a take it or leave it document. The penalty amount is not negotiable.

Settlement Agreements & Expedited Settlement Agreements Once an ESA or Settlement Agreement has been executed, WECC files the Agreement with NERC. NERC staff review the Settlement Agreement and contact the Case Manager with questions. NERC files the terms of the Settlement Agreement with the NERC Board of Trustees, Compliance Committee. Once that committee approves the Settlement Agreement, a Notice of Penalty is prepared and filed with FERC. After review, FERC will issue an “Order of no Further Review”, and the Notice of Penalty becomes effective. After it becomes effective, the Notice of Penalty is made public and can be viewed on the NERC website.

Payment & Closure of Enforcement Action After NOP becomes effective, WECC issues a “Payment Due Notice” The Penalty will be due thirty (30) days from the date the Notice is issued Public NOP filings can be found on the NERC website CASE CLOSED After the Notice of Penalty becomes effective, WECC will issue a “Payment Due Notice” to the entity which allows the entity 30 days to tender the penalty amount to WECC.

Enforcement Process Summary Possible Violation Submittal Technical SME Review The Hand-off to Case Manager Case Manager Review 4 Methods of PV Disposition Confirmed Violation Lifecycle of a Possible Violation Best Compliance Practices http://www.wecc.biz/compliance/Pages/Best-Practices.aspx Possible Violation Disposition and Entity Responses In summary, we have reviewed the lifecycle of a possible violation, from detection through settlement. For additional information on Best Practices, there is a link provided in this slide. Are there any questions before we turn the time over to Brittany?

Brittany Power Data Coordinator Compliance 101 Brittany Power Data Coordinator

webCDMS

webCDMS Regions MRO SPP WECC Texas RE RFC

EFT Server WECC EFT Server

Compliance Standards Index

Reminder: Help Desk
WECC Support: Call @ 801-883-6879; support@wecc.biz. Types of calls for WECC: EFT Questions, Registration Questions, Historical Questions, Standard Questions, Non-technical Questions
OATI Support: Call @ 673-220-2020. Types of calls for OATI: Technical Problems, webCDMS Login Problems, Certificate Problems, Access Problems