npcc compliance webinar welcome
play

NPCC Compliance Webinar Welcome Scott Nied Assistant - PowerPoint PPT Presentation

Nov 24, 2023 •30 likes •940 views

NPCC Compliance Webinar Welcome Scott Nied Assistant Vice-President, Compliance July 14, 2020 7/14/2020 1 The ERO Golden Circle Why, How, What 7/14/2020 2 Example of ERO CMEP Aspirations The Staff initiatives and behavior are

  1. NPCC Compliance Webinar Welcome Scott Nied Assistant Vice-President, Compliance July 14, 2020 7/14/2020 1

  2. The ERO Golden Circle Why, How, What 7/14/2020 2

  3. Example of ERO CMEP Aspirations • The Staff initiatives and behavior are centered around our “why.” • Monitoring engagements are not just about compliance. It is more holistic. Is security and reliability sustainable? Stakeholders identify with our transformational activities and see value in their monitoring • engagement with us. 7/14/2020 3

  4. Note: Audit Preparation • Successful audits take effort and need project management • Understand the Requirements • Know what the auditor is looking for. There are measures in the Requirement and auditor approaches in RSAW. • Acquire, track, and log your evidence. • The CIP ERT, PRC-005 components, list of BES facilities; all need to be accurate. That affects the sampling process. Analyze your evidence • Annotate the evidence. (Or a data request is needed.) • Develop relevant compliance narratives that accurately and succinctly speak to the evidence that • you provide and how it supports your compliance. User Guide: A recommendation is to give the same evidence to someone within your organization who is – less familiar with it to determine if you have provided sufficient context or explanation. • Package your evidence, Use naming conventions as per the ERT user guide, Review folder structure of evidence submittals; so NPCC can find it. • Perform a Mock Audit • Uniform effort: Sys Ops, Prot Eng, Substations, Trans Eng, Trans Plan, Line Clearance, EMS Support, IT, Network Security • Ensure SMEs understand how the evidence that you are presenting makes you compliant 7/14/2020 4

  5. COVID-19 Noncompliance Logging Damase Hebert July 14, 2020, NPCC Workshop 1

  6. ERO Enterprise Guidance addressing Noncompliance Related to Coronavirus Impacts Issued May 28, 2020 2

  7. May 28 Guidance • Maintaining Safety of workforce and communities • Assure Reliability of bulk power system during public health emergency. • Self-log noncompliance. 3

  8. May 28 Guidance • Applies to minimal and moderate risk noncompliance • Applies to periodic and non-periodic actions. • Expires September 30, 2020 4

  9. 5

  10. NPCC COVID-19 Notification Spreadsheet • Standard, Requirement, Functions • Start and Possible End Dates. • Compliance impact details and mitigating controls • Justification for Exception. 6

  11. NPCC On-site Activity • Suspended through 2020 • Off-site activity continues 7

  12. Questions • Questions? Email: COVID19_Notifications@npcc.org 8

  13. CIP Evidence Request Tool v4.5 v4.0 to v4.5 Change List July 14, 2020

  14. Agenda • CIP ERT Version 4.5 User Guide • Using the ERT • Submitting the ERT and Responses • General Recommendations • Tips for Evidence • ERT and RSAW 2

  15. CIP ERT 4.5 User Guide – Key resource when completing the ERT – Sent with audit notification package – Available on NERC website: CIP v5 Transition Program CIP ERT Version 4.5 3

  16. Using the ERT ERT Level 1 – Initial Evidence Request – 90 requests depending upon scope – Also requested in RSAW – Documentation focused: • Policies • Programs Procedures • • Processes • Diagrams • Configurations • Etc. – Populations of Cyber Assets, etc., that will be used for generating the Sample Sets in the Level 2 Evidence Request. Bright Green rows indicate that there is a tab to be completed. 4

  17. Using the ERT ERT Level 1 - Sampling Population Tabs • 13 Sampling Populations depending upon audit scope. • Each population has a tab that must be completed. All fields on the tab should be completed or blank as appropriate . For requests anywhere in the ERT on standards or requirements that are not in scope for the audit simply state “Not in scope”. • The CIP Evidence Request Tool User Guide v4.5 has detailed instructions for completing each tab and each column in the ERT. • Pay attention to true/blank drop downs, pick lists and date of activation/deactivation. • When in doubt, contact your Audit Team Lead. 5

  18. Using the ERT NPCC TAB Used by audit team to ask questions and request evidence that may not be covered by the ERT or RSAW. This tab is also used to document onsite questions • Each request is assigned a unique number • Multiple rounds of questions will be separated by a yellow bar • Initial questions may be available with the L1 6 requests. 6

  19. Using the ERT Sample Sets Example – CA Tab – CIP-005-6 R2 7

  20. Using the ERT Sample Sets Example – CA Tab – CIP-005-6 R2 (cont.) * Sampling performed in alignment with the ERO Sampling Handbook 8

  21. Using the ERT Sample Sets Example – CA Tab – CIP-005-6 R2 (cont.) Level 2 Evidence Requests Request IDs CIP-005-R2-L2-01 to CIP-005-R2-L2-03 apply to the cyber assets selected in SS-005-R2-L2-01 9

  22. Using the ERT Sample Sets Example – Sampling Dates These can be a range or ranges of dates throughout the audit period. SS-Date-XX will be documented on the NPCC Tab of the ERT and sent with the Level 2 requests. 10

  23. Submitting the ERT and Responses Naming Conventions – Each line of the Level 1 and Level 2 tabs contains a “Request ID,” which uniquely identifies each request. Level 1 Tab Level 2 Tab CIP- sss -R r -L m - nn – sss is the three-digit CIP Reliability Standard number; – r is the Requirement number within the Standard; – m is the level of the evidence request (either “1” for Level 1 or “2” for Level 2); – nn is a two-digit request number within the Standard, Requirement, and Level. 11

  24. Submitting the ERT and Responses Folder Structure • Response Level • ERT Request ID • NPCC Data Request # 12

  25. General Recommendations • Review the Audit package instructions when submitting evidence artifacts (ex. Filling out the ERT and usage of evidence narratives) – Review accuracy of assets on the ERT – Provide narratives with evidence artifacts – Use naming conventions as per the user guide – Review folder structure of evidence submittals 13

  26. Tips for Evidence • Submit supporting documents with brief explanations of evidence files (i.e. README files or narratives). • Screen Shot Evidence – Annotate if possible – Cyber Asset Name/Identifier – Date & Time • Photographic Evidence – Annotate if possible – Front and back of device – Cyber Asset Name/Identifier Tag 14

  27. ERT and RSAW • ERT, ERT responses and RSAWS must be submitted. • Cite ERT responses in RSAW if the same evidence is being used to demonstrate compliance. • Additional evidence may be required to support RSAW responses 15

  28. Questions? Please send all questions to cip@npcc.org 16

  29. Data Validation Kimberly Griffith Senior Compliance Engineer 5/20/2020 1

  30. • New Registration Requests • Changes to Existing Registrations Registration Information • 7/14/2020 2

  31. CORES Functionality: Accessing CORES 5/20/2020 3

  32. CORES – My Entity Validation Summary Form Section Instructions Basic Information Ensure all fields are filled out correctly and add information if applicable. Upstream Holding Companies Add the top tier Holding Company and, if applicable, all NERC registered affiliates. Contacts (Roles - PCC, ACC, Temporary Contact Role Change Process PCO, etc.) • Until further notice, any changes made to Compliance Contact Roles (PCC, ACC, PCO, etc.) will be made in CDAA - NOT in CORES. • Please let me know if you make changes in CDAA so I can make them in CORES. Entity Scopes Ensure all fields are filled out correctly (effective date of the NERC reliability function(s) per region). Functional Mapping Functional Relationships. Please add, if available. Required for new registrations in CORES. Coordinated Oversight If applicable, review the Coordinated Oversight entity list. CFR If a Coordinated Functional Registration (CFR) record exists, review the information for accuracy. JRO If a Joint Registration Organization (JRO) record exists, review the information for accuracy. Comments & Attachments Upload supporting documents, etc. 5/20/2020 4

  33. Resources - Help Desk • Select the Help Desk option • This opens a page where you can submit a ticket to the NERC Help Desk – https://support.nerc.net/ 5/20/2020 5

  34. CORES Resources Resource Link ERO Portal Access https://eroportal.nerc.net/ ERO Enterprise Help Desk https://support.nerc.net/ ERO Portal User Guide https://www.nerc.com/pa/comp/RegistrationReferenceDo csDL/User Guide_ERO Portal.pdf NERC CORES Training https://training.nerc.net/ NERC Project Page https://www.nerc.com/pa/comp/Pages/CORESTechnology Project.aspx NERC Registration Page https://www.nerc.com/pa/comp/Pages/Registration.aspx NPCC Registration Page https://www.npcc.org/Compliance/Compliance Registration1/Forms/Public List.aspx 5/20/2020 6

  35. Contact Kimberly Griffith Senior Compliance Engineer 646-276-5332 (cell) 212-205-7051 (office) kgriffith@npcc.org 5/20/2020 7

  36. NPCC C FA FAC-008 F Focused ed Ou Outreac each and Complian ance B e Bulletins NPCC Webinar July 14, 2020 Ben Eng, Mgr. ERA 1

  37. Objectives • Why the Focus on FAC-008-3? • NPCC Survey results • Suggested Actions from NPCC • What is NPCC doing to address these concerns? 2

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NPCC 2019-2020 Winter Outlook NE Electric/Gas Operations Committee December 9, 2019 NPCC

NPCC 2019-2020 Winter Outlook NE Electric/Gas Operations Committee December 9, 2019 NPCC

NPCC 2019-2020 Winter Outlook NE Electric/Gas Operations Committee December 9, 2019 NPCC Resource Adequacy Projections Winter 2019-20 NPCC Region The coincident peak demand of 109,163 MW is forecast to occur on week beginning January 19

280 views • 11 slides
NPCC Task 5 Study NPCC Task 5 Study New York State Reliability Council Executive Committee Meeting

NPCC Task 5 Study NPCC Task 5 Study New York State Reliability Council Executive Committee Meeting

NPCC Task 5 Study NPCC Task 5 Study New York State Reliability Council Executive Committee Meeting Quoc Le NPCC Manager of System Planning and Protection February 10, 2012 Northeast Power Coordinating Council Inc. 1 Presentation Outline

232 views • 12 slides
NP NPCC Submission 5 February 2020 Presented by NPCC Representative: Ben Human Agenda Context:

NP NPCC Submission 5 February 2020 Presented by NPCC Representative: Ben Human Agenda Context:

Po Ports Re Regulator of South Africa Po Port Tariff Methodology for Tariff Years rs 2021/2022- 2023/ 2023/2024 2024 NP NPCC Submission 5 February 2020 Presented by NPCC Representative: Ben Human Agenda Context: Legislation and

566 views • 19 slides
Ports Regulator South Africa 2 2018/2019 Ports Authority Tariff f Methodology Roadshow NPCC

Ports Regulator South Africa 2 2018/2019 Ports Authority Tariff f Methodology Roadshow NPCC

Ports Regulator South Africa 2 2018/2019 Ports Authority Tariff f Methodology Roadshow NPCC Submis issio ion 24 31 October 2016 Agenda Context: Legislation and Governance 1 PCC Members per Port & NPCC Representatives 2 Tariff

485 views • 19 slides
NPCC VISIT THE POWER SYSTEM OPERATOR OF PAKISTAN National Power Control Centre Presented by:

NPCC VISIT THE POWER SYSTEM OPERATOR OF PAKISTAN National Power Control Centre Presented by:

SAARC TRAINING FOR PROFESSIONALS OF AFGHANISTANS POWER REGULATORY SYSTEM NPCC VISIT THE POWER SYSTEM OPERATOR OF PAKISTAN National Power Control Centre Presented by: Salman Gul Deputy Manager NPCC National Transmission and Despatch

881 views • 46 slides
Compliance in a virtual environment Caroline Mackenzie Webinar 24 April 2020 Consider what you

Compliance in a virtual environment Caroline Mackenzie Webinar 24 April 2020 Consider what you

Compliance in a virtual environment Caroline Mackenzie Webinar 24 April 2020 Consider what you can offer? Congress ABC Page 10 Page 2 Extract of Clause 28 from ABPI UK Code Compliance applies in a The Internet and other Digital Platforms

199 views • 9 slides
FCPA Compliance is No Longer Enough Understanding Key Provisions, Ensuring Compliance and

FCPA Compliance is No Longer Enough Understanding Key Provisions, Ensuring Compliance and

Presenting a live 90-minute webinar with interactive Q&A Anti-Corruption Reform in Mexico: FCPA Compliance is No Longer Enough Understanding Key Provisions, Ensuring Compliance and Mitigating Legal Risks WEDNESDAY, DECEMBER 9, 2015 1pm

420 views • 27 slides
Behavioral Health Advisor: The Guide to Navigating Compliance Quarterly Webinar February 13,

Behavioral Health Advisor: The Guide to Navigating Compliance Quarterly Webinar February 13,

Behavioral Health Advisor: The Guide to Navigating Compliance Quarterly Webinar February 13, 2018 Todays Presenters Shannon Mace , Senior Advisor, National Council for Behavioral Health Dianne Pledgie , Compliance Counsel, Feldesman Tucker

750 views • 42 slides
Qubec I nterconnection Approach to BES NPCC Governmental/ Regulatory Affairs Advisory Group

Qubec I nterconnection Approach to BES NPCC Governmental/ Regulatory Affairs Advisory Group

Placer une photo ici sil y a lieu Qubec I nterconnection Approach to BES NPCC Governmental/ Regulatory Affairs Advisory Group Sylvain Clermont November 27, 2012 I ntroduction: HQT Our m ission HQT operates its transmission system,

467 views • 12 slides
The 2020 MHTF and MoHIP Compliance Webinar will begin in a few minutes. COMMUNITY

The 2020 MHTF and MoHIP Compliance Webinar will begin in a few minutes. COMMUNITY

The 2020 MHTF and MoHIP Compliance Webinar will begin in a few minutes. COMMUNITY INITIATIVES Community Initiatives Department Contacts: Cassie Wilson Grants Administrator Denise Hoss Compliance Officer Caty Field MoHIP/MHTF

287 views • 25 slides
WEBINAR: Q2 2019 Compliance, Risk, and Regulation Roundtable Discussion Featuring Tom Fox,

WEBINAR: Q2 2019 Compliance, Risk, and Regulation Roundtable Discussion Featuring Tom Fox,

WEBINAR: Q2 2019 Compliance, Risk, and Regulation Roundtable Discussion Featuring Tom Fox, Jonathan Marks, and Sean Freidlin July 17, 2019 Our Speakers Jonathan Marks Tom Fox Partner at Baker Tilly The Compliance Evangelist 30+ years of

305 views • 19 slides
NATIONAL POLICE CADET CORPS (NPCC) C.L.I.F. 5 & 6 Achievements 3 Consecutive Years of

NATIONAL POLICE CADET CORPS (NPCC) C.L.I.F. 5 & 6 Achievements 3 Consecutive Years of

NATIONAL POLICE CADET CORPS (NPCC) C.L.I.F. 5 & 6 Achievements 3 Consecutive Years of Gold Award (UOPA) Best Police Youth Ambassador (PYA) award 2016 Camp-craft 11 th Position Multiple Singapore Police Force (SPF) Awardee

472 views • 16 slides
Program Year 2018 Webinar Presented by: Janet Sheridan Compliance Specialist Jessi Wilson

Program Year 2018 Webinar Presented by: Janet Sheridan Compliance Specialist Jessi Wilson

Oregons Medicaid EHR Incentive Program Program Year 2018 Webinar Presented by: Janet Sheridan Compliance Specialist Jessi Wilson Program Manager Julie Sinacola Compliance Specialist Joni Moore Program Lead Karen Allen

640 views • 27 slides
Harassment and CSU Policy Webinar Presented by: DHR Compliance Unit & OGC CSU Office of the

Harassment and CSU Policy Webinar Presented by: DHR Compliance Unit & OGC CSU Office of the

Harassment and CSU Policy Webinar Presented by: DHR Compliance Unit & OGC CSU Office of the Chancellor September 30, 2020 10 A.M. 11:30 A.M. Presenters Laura Anson Sr. Systemwide Director Systemwide DHR/Whistleblower/Equal

690 views • 31 slides
NPCC 2018 BOD Approved Cost Allocation Business Plan & Budget Discussion I tem # 4 FERC

NPCC 2018 BOD Approved Cost Allocation Business Plan & Budget Discussion I tem # 4 FERC

NPCC 2018 BOD Approved Cost Allocation Business Plan & Budget Discussion I tem # 4 FERC On-Site Audit April 1 7 , 2 0 1 2 Jessica H Je a Hal ala Mana nager, F Finance nce a and A Account nting ng 1 2018 Budget Overview No

389 views • 11 slides
EREC G99 Technical Compliance Requirements Webinar 30 th April 2019 Peter Twomey and Gill

EREC G99 Technical Compliance Requirements Webinar 30 th April 2019 Peter Twomey and Gill

EREC G99 Technical Compliance Requirements Webinar 30 th April 2019 Peter Twomey and Gill Williamson Welcome to our webinar Gill Williamson Peter Twomey Strategic Planning Policy Webinar format 15 minutes 45

569 views • 40 slides
Meaningful Stakeholder Engagement: A Collaborative Approach to Programs for People with

Meaningful Stakeholder Engagement: A Collaborative Approach to Programs for People with

Meaningful Stakeholder Engagement: A Collaborative Approach to Programs for People with Intellectual and Development Disabilities and Their Families Welcome to Todays Webinar Thank you for joining us to learn about meaningful stakeholder

594 views • 38 slides
Su Survey y of Ir Irani anian an Ame meric ricans ans Conducted by Zogby Research

Su Survey y of Ir Irani anian an Ame meric ricans ans Conducted by Zogby Research

2018 Nat ation ional al Publi lic Op Opini inion on Su Survey y of Ir Irani anian an Ame meric ricans ans Conducted by Zogby Research Services & Zogby Analytics Content i. Understanding the Iranian American Community ii.

510 views • 12 slides
Roadmap Hounslow CCG 23 August 2019 Contents Item Slide 1 Vision and ambition for the

Roadmap Hounslow CCG 23 August 2019 Contents Item Slide 1 Vision and ambition for the

Hounslow Integrated Care Partnership Roadmap Hounslow CCG 23 August 2019 Contents Item Slide 1 Vision and ambition for the partnership 4 2 Scope, composition and partner commitment 10 3 Model of care 18 4 Approach to population

888 views • 37 slides
Status Update May 2010 Big picture Reminder > we set two main goals for 2010: 1. Introduce

Status Update May 2010 Big picture Reminder > we set two main goals for 2010: 1. Introduce

Mozilla Foundation Status Update May 2010 Big picture Reminder > we set two main goals for 2010: 1. Introduce Drumbeat. Build projects and community. 2. Strengthen position as leading public charity promoting open internet. These are

315 views • 16 slides
Strengthening Early Childhood in Kansas in 2019 WEBINAR August 21, 2019 Statewide Needs

Strengthening Early Childhood in Kansas in 2019 WEBINAR August 21, 2019 Statewide Needs

Strengthening Early Childhood in Kansas in 2019 WEBINAR August 21, 2019 Statewide Needs Assessment Review Existing Needs Assessment Reports and Information Community Engagement Sessions Our Tomorrows Story Collection Gather

758 views • 58 slides
The IMO Grand Challenge Daniel Selsam Microsoft Research September 16th, 2020 Outline The

The IMO Grand Challenge Daniel Selsam Microsoft Research September 16th, 2020 Outline The

The IMO Grand Challenge Daniel Selsam Microsoft Research September 16th, 2020 Outline The Great Myth 1 The Grand Challenge 2 High-Level Strategy 3 Preliminary Roadmap 4 The Search Transformer The Universal Oracle Beyond the IMO 5 2

2.24k views • 177 slides
IQCP Demystified: Practical Considerations for a Blood Gas Individualized Quality Control Plan

IQCP Demystified: Practical Considerations for a Blood Gas Individualized Quality Control Plan

IQCP Demystified: Practical Considerations for a Blood Gas Individualized Quality Control Plan (IQCP) James H. Nichols, PhD, DABCC, FACB Professor of Clinical Pathology, Microbiology and Immunology Medical Director of Clinical Chemistry and

710 views • 44 slides
NSF: Astro 2020 Ralph Gaume Saul Gonzalez Vladimir Papitashvili Outline NSF Goals for

NSF: Astro 2020 Ralph Gaume Saul Gonzalez Vladimir Papitashvili Outline NSF Goals for

NSF: Astro 2020 Ralph Gaume Saul Gonzalez Vladimir Papitashvili Outline NSF Goals for Astro2020 Notional NSF Budgets: Construction and Operations Highlights of AST Response to Astro2010 Highlights of AST Program Status

802 views • 44 slides

More recommend