Tony Purgar, CIP Compliance Workshop, Baltimore, MD, August 19-20, 2009

Slide 1 (title slide): Tony Purgar, CIP Compliance Workshop, Baltimore, MD, August 19-20, 2009

Slide 2
• Background
• Overview: Initial TFE Program Proposal (dated March 16, 2009)
• Overview: “Compliance Process Bulletin #2009-006 Interim Approach to Technical Feasibility Exceptions” (dated July 1, 2009)
• Where Are We Today?
  ◦ “Joint NERC and RE Proposal to Implement TFE Evaluations”
• Next Steps

Slide 3
• January 18, 2008: FERC issued Order No. 706 approving mandatory Reliability Standards for CIP and directed NERC to establish a procedure for the submission, review, audit and approval of Technical Feasibility Exceptions (TFEs)
  ◦ Specifically, NERC as the ERO was directed “to develop a set of conditions or criteria that a responsible entity must follow when relying on the technical feasibility exception contained in specific requirements of the CIP Reliability Standards.”
  ◦ Also, “technical feasibility exceptions should be reported, justified and subject to approval by the ERO or relevant Regional Entity.”

Slide 4
• March 16, 2009: NERC posted a “Request for Comments on Proposed Procedure for Requesting and Receiving Technical Feasibility Exceptions to NERC CIP Standards and Related Amendments to NERC Rules of Procedure” (the Initial TFE Program Proposal)
  ◦ April 30, 2009: Comments due
  ◦ April-May 2009: Over 50 different sets of comments were received
• Review of comments and evaluation of additional approaches is ongoing

Slide 5
• May 16, 2008: Order No. 706-A issued
  ◦ FERC “expects Regional Entities to process and evaluate requests for technical feasibility on a fair and consistent basis.”
  ◦ NERC would have discretion to develop a uniform procedure (i.e., a revision to the NERC RoP) to establish a level of consistency in processing TFEs

Slide 6
• July 1, 2009: NERC released “Compliance Process Bulletin #2009-006 Interim Approach to Technical Feasibility Exceptions”
  ◦ Provides guidance to REs and affected Registered Entities concerning the applicability and implementation of NERC CIP Standards that refer to “technical feasibility” and/or “technical limitation,” pending adoption of a permanent program to address TFEs

Slide 7
• Applicable only to specific requirements in CIP-002 through CIP-009
• Proposed process was a modification to the NERC Rules of Procedure
• Modeled after the Self Report of Non-Compliance with Mitigation Plan
• An “Exception,” not an “Exemption,” from Compliance

Slide 8
• Applicable Requirement: A Requirement of a CIP standard that expressly provides either
  ◦ (i) that compliance with the terms of the Requirement is required where or as technically feasible, or
  ◦ (ii) that technical limitations may preclude compliance with the terms of the Requirement
• Covered Asset: A Cyber Asset or Critical Cyber Asset that is subject to an Applicable Requirement

Slide 9
• Eligible Reviewer: A person who has the required security clearances or other qualifications, or who otherwise meets the applicable criteria, to have access to classified National Security Information, NRC Safeguards Information, or Protected FOIA Information, as applicable to the particular information to be reviewed.
• Expiration Date: The date on which a TFE expires, as specified in the approved TFE Request or in a Notice of Revocation.

Slide 10
• National Security Information (NSI): Information classified by an Executive Order, whose compromise would cause some degree of damage to the national security.
• Protected FOIA Information: Required Information, held by a governmental entity, that is subject to an exemption from disclosure under FOIA (5 U.S.C. §552(e)) or any similar state or local statutory provision, which would be lost were the Required Information to be placed into the public domain.
  ◦ [NOTE: This definition should be interpreted to include any Canadian or provincial provisions similar to FOIA.]

Slide 11
• Region: The geographic boundaries of a Regional Entity.
• Regional Entity: The organization that has compliance enforcement authority for the Critical Asset supported by the Covered Asset that is the subject of the TFE request.
• Responsible Entity: A user, owner or operator of the Bulk Electric System that is registered in the Compliance Registry and is responsible for complying with an Applicable Requirement, as specified in the Applicability section of the CIP Standard.

Slide 12
• Safeguards Information (SGI): Safeguards information is a special category of sensitive unclassified information authorized by Section 147 of the Atomic Energy Act to be protected.
  ◦ Safeguards information concerns the physical protection of operating power reactors, spent fuel shipments, strategic special nuclear material, or other radioactive material.
• Senior Manager: The person assigned by the Responsible Entity, in accordance with CIP Standard CIP-003-1 Requirement R2 (or subsequent versions), to have overall responsibility for leading and managing the Responsible Entity’s implementation of, and adherence to, the CIP Standards.

Slide 13
• Strict Compliance: Compliance with the terms of an Applicable Requirement without reliance on a Technical Feasibility Exception
• Technical Feasibility Exception or TFE: An exception from compliance with the terms of an Applicable Requirement on grounds of technical feasibility or technical limitations, in accordance with one or more of the criteria defined within the TFE Basis for Approval
• TFE Request: A request submitted by a Responsible Entity in accordance with the published Interim TFE process for an exception from Compliance with an Applicable Requirement

Slide 14
When Strict Compliance with an Applicable Requirement:
• Is not technically feasible
• Is not operationally feasible
• Is precluded by technical limitations
• Could adversely affect the reliability of the Bulk Electric System to an extent that outweighs the reliability benefits of Compliance with the Applicable Requirement

Slide 15 (continued)
• While technically and operationally feasible, cannot be achieved by the Compliance Date due to such factors as:
  ◦ Scarce technical resources
  ◦ Limited availability of required equipment or components
  ◦ Need to construct, install, or modify equipment during planned outages

Slide 16 (continued)
• Would pose safety risks or issues that outweigh the reliability benefits of Strict Compliance
• Would conflict with, or cause the Responsible Entity to be non-compliant with, a separate statutory or regulatory requirement that cannot be waived
• Would incur costs that exceed the benefits of Compliance

Slide 17
• Responsible Entity is required to implement and maintain an alternate approach to achieving compliance through the use of compensating and/or mitigating measures
• TFE will typically be approved for a limited duration
  ◦ Normally requires an expiration date
• Compliance with the applicable requirement is expected
  ◦ Open-ended TFE allowed under limited conditions if justified, with periodic review to perpetuate the TFE

Slide 18
• Separate submission for each TFE request
  ◦ For each Applicable Requirement pertaining to each Covered Asset
• Can group multiple, similar Covered Assets into one submission
  ◦ Same or multiple locations
  ◦ Same basis for TFE
  ◦ Same compensating and mitigating measures
  ◦ Similar proposed Expiration Dates

Slide 19
• Responsible Entity name
• Contact information, including how NERC may arrange to view confidential information
• Location of Covered Asset
• Applicable Requirement
• Narrative discussion and analysis of the basis for approval
• Narrative discussion and analysis of compensating and mitigating measures, including how and to what extent the measures will reduce risk

Slide 20
• List of confidential information to be reviewed onsite, along with criteria to be an Eligible Reviewer
• Proposed implementation and reporting schedule
• Proposed plan and time schedule for terminating the TFE and achieving Strict Compliance
  ◦ Detailed steps and milestone schedule for achieving Strict Compliance, or
  ◦ Specific research, design, analytical, testing, or other activities, with schedule, to determine a means to achieve Strict Compliance

Slide 21
• Justification for requesting a TFE with no expiration date
• If Expiration Date is longer than one year, a proposed schedule for submitting reports to NERC on continuing need and justification for the TFE
  ◦ Reports must be submitted at least annually
• Statement, signed by the Sr. Manager, acknowledging that the Sr. Manager has read and understands the TFE request and recommends approval

Slide 22
• Preliminary Review to confirm all requirements of submission are satisfied
  ◦ Unique identifier assigned
  ◦ If Submission is complete, NERC sends notice accepting TFE as complete
  ◦ If Submission is incomplete, NERC sends notice rejecting the TFE
    ▪ NERC shall identify missing content
    ▪ Responsible Entity may resubmit

Slide 23
• Substantive Review for Approval/Disapproval
  ◦ 60-day review period, can be extended
  ◦ If not approved, disapproved, or extended within the review period, the TFE is automatically disapproved
  ◦ Notice of Approval or Disapproval (with option to appeal)
  ◦ NERC shall perform wide-area analysis, collaborating with other Regional Entities and Responsible Entities

Slide 24
• Reason for Disapproval stated in notice
• NERC may state revisions to the TFE that would result in approval of the TFE Request if resubmitted
  ◦ NERC not required to identify revisions
• Requester has 30 days from time of notice to
  ◦ Resubmit TFE with NERC-identified revisions, or
  ◦ Submit a mitigation plan to achieve Strict Compliance
    ▪ Mitigation Plan processing shall follow the CMEP

Slide 25
• Findings of Violations and Imposition of Penalties will be deferred during TFE Review
  ◦ Deferment starts with acceptance as complete
  ◦ Deferment ends with notice of approval or effective date of disapproval
• Once TFE is approved, deferment continues as long as the TFE remains in effect and/or progress to Strict Compliance remains on schedule

Slide 26
• Responsible Entity to submit timely periodic and other reports as specified in the approved TFE request
  ◦ Covers progress implementing
    ▪ Compensating and/or mitigating measures
    ▪ Steps, research, analysis to achieve Strict Compliance

Slide 27
• TFE can be revoked if progress milestones are not met, mitigation is not maintained, or reports are not submitted
  ◦ TFE amendment can be requested, if needed
  ◦ No guarantee amendment will be accepted
• NERC may initiate a Revocation Investigation
  ◦ Can revoke TFE prior to Expiration Date; may become an Alleged Violation
  ◦ Can advance Expiration Date
  ◦ Can impose additional requirements

Slide 28
• Responsible Entity can amend a pending TFE Request at any time the TFE is under review by NERC
  ◦ Provide additional information
  ◦ Revise required information
• Can resubmit the entire TFE as amended, or only the portion being amended if easily separable
• May result in extension of review period

Slide 29
• Responsible Entity may submit an amendment to an approved TFE requesting revision to any TFE requirement
  ◦ For example:
    ▪ Revised compensating/mitigating measures
    ▪ Extension to implementation schedule
    ▪ Extension of Expiration Date
• May submit entire TFE or only amended portions

Slide 30
• Responsible Entity must include:
  ◦ Narrative explanation of the amendment
  ◦ Reason and purpose of the amendment
  ◦ Reasons approved TFE requirements cannot be met
• NERC will review for completeness and accept or reject the submission
• If complete, NERC will perform substantive review to approve or disapprove
• Approved TFE replaces previous TFE

Slide 31
• Notice Required to NERC
  ◦ At least 30 days prior to Expiration Date
  ◦ Signed and dated by Sr. Manager
  ◦ Asserts Responsible Entity has or will be able to achieve Strict Compliance by Expiration Date
• Audit of Strict Compliance included in next Compliance Audit, even if not originally planned in the audit program

Slide 32
• Hearing can be requested before the Compliance and Certification Committee (CCC)
  ◦ Dispute rejection or disapproval of TFE request
  ◦ Dispute rejection or disapproval of proposed amendment
  ◦ Dispute Revocation Notice
• Adverse final order of the CCC can be appealed to the Board of Trustees Compliance Committee (BOTCC)

Slide 33
• “Interim Guidance” document
  ◦ Background
  ◦ Approach
  ◦ Submittal Requirements
  ◦ Regional Activities
  ◦ TFE Disapproval
  ◦ TFE Compliance

Slide 34
• Posted July 1, 2009 as guidance to REs and affected Responsible Entities for addressing TFEs pending the adoption of a permanent program.
• Interim process is required to address TFEs for requirements for which certain Responsible Entities reached the “C-Compliant” stage on July 1, 2009 per the CIP Implementation Plan.

Slide 35
• Without a formal TFE process, REs will need to address TFEs in the context of CIP Audits, Investigations and Spot-Checks
• Responsible Entities asserting a TFE must provide documentary support for the assertion of the TFE.
  ◦ Basic information and particulars of the TFE
  ◦ Information justifying appropriateness of the TFE
  ◦ Information concerning mitigating and compensating measures to be implemented with the TFE to reduce risk to reliability of the BES

Slide 36
• Responsible Entities should submit TFE through an appropriately secure means acceptable to the RE
  ◦ Secure Portal
  ◦ Encrypted e-mail
• Should be submitted prior to the time the Responsible Entity receives notice of a CIP audit or spot-check, ideally at the time the Responsible Entity is in the “C-Compliant” stage of implementation

Slide 37
• REs to provide time for TFE submission to Responsible Entities that will reach the “C-Compliant” stage for specific requirements OR that received CIP audit / spot-check notices prior to July 1, 2009
• REs should receive the TFE request at least 30 days prior to the site visit of any audit or spot-check

Slide 38
• Identification of Standard & Requirements for which the TFE is being asserted
• Description of assets, critical assets, and critical cyber assets affected by the TFE, including vendor documentation detailing the specific limitation of relevant equipment

Slide 39
• Explanation of why the TFE is necessary
• Documentation of the date the TFE was approved by the Senior Manager or delegate(s)
• Description of mitigating and compensating measures taken by the Responsible Entity to address all risks to reliability of the BES

Slide 40
• If applicable, list of other Regions in which the Responsible Entity is seeking the TFE request
• Time period for which the TFE is to remain in place
  ◦ Specify Effective date and Actual or Expected End date
• Evidence that the TFE assertion is in fact required based on the factors outlined in the proposed Appendix 4D to the RoP, in the TFE Program Proposal
  ◦ Refer to the “TFE Basis for Approval” section of this presentation

Slide 41
• Documentation and evidence of an implementation plan that achieves a comparable level of security to the requirement for which the TFE is being claimed
• Remediation plan and timeline for eliminating use of the TFE, or evidence that remediation by a certain date is not feasible due to technical limitations or other just cause

Slide 42
• Auditors will consider the “Basis for Approval” factors and any evidence to determine whether compliance could be found based on the TFE assertion
  ◦ Mitigating and Compensating measures will be evaluated

Slide 43
• Auditors required to document Audit or Spot Check Reports that include (when applicable):
  ◦ Whether Registered Entity asserted a TFE request
  ◦ Basis for accepting TFE as part of findings of compliance
  ◦ Basis for rejecting TFE as part of findings of possible violations
• “Contrary to current practice, any spot-check report documenting one or more TFEs MUST be submitted to NERC”

Slide 44
• If TFE rejected, Auditors to send notice of disapproval and reasons for disapproval
  ◦ May suggest revisions that, if made, would lead to approval
  ◦ Shall specify effective date

Slide 45
• Revised TFE may be submitted during the period from notice date to effective date
  ◦ If re-submitted as specified, Auditors issue notice of approval and consider the TFE in findings
  ◦ If not re-submitted, case enters Enforcement space as a possible violation

Slide 46
• If Responsible Entity is found in Compliance based on a TFE, the finding will remain in effect until the earlier of:
  ◦ Responsible Entity’s next audit;
  ◦ Subsequent compliance action identifies a failure to comply with mitigation, compensating or remediation plans submitted with the TFE request;
  ◦ Effective date of the formal program adopted to review and approve TFEs, at which time the Responsible Entity would be expected to formally submit the TFE request through the formal program

Slide 47
• NERC and REs are closely collaborating to develop an efficient, secure and manageable permanent TFE program
• “TFE Program Proposal” and “Interim Guidance” documents provide the framework for a permanent TFE program
• “Interim Guidance” is official pending updates or the adoption of a permanent TFE Program
• Latest Submission = Joint NERC and RE Proposal to Implement TFEs

Slide 48
• Background
• Applicability
• TFE Requests and Responsibilities of Registered Entities
• Procedures for Evaluation of a TFE Request (Regional Entities and NERC)
• Regional Entities’ Roles and Responsibilities
• NERC’s Roles and Responsibilities

Slide 49
• Per Orders 706 & 706-A, NERC/REs defined these characteristics for the proposed TFE program:
  ◦ Produce the information needed to review and approve TFE Requests
  ◦ Be straightforward and not unduly burdensome to NERC, REs and Responsible Entities
  ◦ Maintain security of sensitive information per §1500 of the NERC RoP
  ◦ Leverage existing resources at NERC & REs
  ◦ Minimize processing burden due to large volumes of TFEs
  ◦ Clearly define roles/responsibilities of NERC, REs and Responsible Entities

Slide 50
• NERC will be responsible for oversight, implementation and consistency of TFE Program implementation, including oversight at the Regional Entity
• NERC and REs shall:
  ◦ Establish uniform processes & tools to receive, catalogue and approve TFE requests
    ▪ Using existing NERC and Regional Entity systems
    ▪ Ensuring CEII and other confidential information is secure at all times per §1500 of the NERC RoP
  ◦ Approve common templates and electronic forms
  ◦ Maintain list of requirements eligible for TFE Requests
    ▪ Including evaluation and proposal of class-type TFEs applicable to broad classes of devices & equipment

Slide 51
• Requirements eligible for TFE Request:
  ◦ CIP-005-1/R2.4
  ◦ CIP-005-1/R2.6
  ◦ CIP-005-1/R3.1
  ◦ CIP-005-1/R3.2
  ◦ CIP-006-1/R1.1
  ◦ CIP-007-1/R2.3
  ◦ CIP-007-1/R3.2
  ◦ CIP-007-1/R4
  ◦ CIP-007-1/R4.1
  ◦ CIP-007-1/R5.3
  ◦ CIP-007-1/R6
  ◦ CIP-007-1/R6.3
• NERC will revise this list as Reliability Standards are revised and approved by FERC.
• Added based on recent discussions with FERC and the REs

Slide 52
• Responsible Entity expected to prepare TFEs that:
  ◦ Achieve the goals of the eligible requirement
  ◦ Mitigate any potential impacts to reliability of the BES
  ◦ Provide for timely transition to Compliance without the TFE

Slide 53
• TFE Request - Submittal Process (Part A & Part B)
  ◦ Part A:
    ▪ Signifies notice to the RE of a TFE Request
    ▪ Submitted electronically via Form/Template through a secure portal or alternate format designated by the RE
    ▪ Documents detailed information for REs to determine if the TFE should be accepted on an interim basis
    ▪ Documents data for NERC to develop the wide-area Annual Report to FERC and for NERC’s oversight of the TFE process
    ▪ Shall be confidentially posted to an RE database and available for review by NERC and other REs to ensure consistency
    ▪ Used by the RE to implement an electronic system for receiving and cataloguing TFE requests

Slide 54
• TFE Request - Submittal Process (Part A & Part B)
  ◦ Part B: Detailed information for determining if the TFE should be granted, including:
    ▪ Documents, drawings & other information needed for details and justification of the TFE
    ▪ Description of mitigating measures in use to meet the purpose of the Standard/Requirement while the TFE is in effect
  ◦ Available onsite for RE/NERC review during audit, spot-check or other compliance inquiry
    ▪ In special cases, the RE can require that all or a portion of the information be filed with the RE, provided this can be done securely with NO compromise of sensitive information
  ◦ Must be completed at the same time as Part A

Slide 55
• Initial (Preliminary) TFE Review
  ◦ Completed within 60 days of submittal
  ◦ Upon completion, RE to notify Responsible Entity:
    ▪ TFE accepted on interim basis
    ▪ TFE deficient but could be accepted with changes
    ▪ TFE denied with justification
• If deficient, RE to provide instruction to make the TFE acceptable
  ◦ 30 days to resubmit minor correction
  ◦ 60 days to resubmit major correction

Slide 56
• Final (Substantive) TFE Review
  ◦ Starts after Interim Acceptance and is completed within 360 days of submittal
  ◦ Review verifies supporting documentation and that the Responsible Entity is performing compensating measures to eliminate the TFE
  ◦ Review will be at the Entity site or via alternate means with adequate protection of sensitive data
  ◦ Review will conclude with one of the following:
    ▪ Final Approval
    ▪ Conditional Approval subject to certain changes being made in a specific timeframe
    ▪ Revocation

Slide 57
• RE can request additional time to complete review (no more than 60 days)
• RE to provide final report to NERC within 30 days after detailed review and closure
• REs to manage the Enforcement process and, as needed, the Hearing process when the TFE is not accepted OR when the entity fails to implement outlined measures
• Appeals of rejected TFEs to be addressed via the normal Compliance process and hearings, if necessary

Slide 58
• August 2009
  ◦ Joint Proposal to be finalized
  ◦ TFE Package to be posted for public comment
    ▪ Joint Proposal
    ▪ New proposed Appendix 4D to the NERC RoP
    ▪ Part A Electronic Form with Instructions

Slide 59
• September 2009
  ◦ Comments on TFE Package due
  ◦ Updated Interim Guidance to be posted
  ◦ Part A Form implemented to start accepting TFE Requests
  ◦ Development of permanent TFE Program to continue
  ◦ Revisions to NERC’s RoP, the CMEP and a new Appendix 4D to NERC’s RoP (based on the Initial TFE Program Proposal)
    ▪ To be filed with FERC for approval
