Maintaining compliance with NERC Reliability Standards can be complex and costly for most Power & Utility organizations. Additionally, failure to comply with the standards can result in heavy fines and adversely impact the power grid.
Cential has developed a unique and effective solution to assist organizations in managing their NERC program across the organization, centralizing data and enabling real-time reporting.
What are some of the main NERC compliance challenges for Power and Utility organizations?
NERC Compliance can be difficult to manage due to changing standards and managing compliance across divisions and business lines. In particular, organizations struggle with:
- Capturing and maintaining evidence of compliance.
- Staying abreast of continually evolving standards and requirements.
- Proper monitoring and reporting due to decentralized processes and documentation.
Cential’s Andrew Gunter saw the need for an answer to address these challenges and has created an innovative, effective solution located on the Onspring GRC platform.
Our solution provides Power and Utility organizations the ability to track compliance with individual NERC Standards & Requirements, including:
- Performing risk assessments
- Executing RSAWs
- Capturing compliance evidence
- Creating and monitoring controls
- Tracking issues and remediations
- Tracking Incidents
- Managing Self-Reports
- Mapping requirements to critical facilities and assets.
- Managing MOD-026 & 027 compliance
- Managing compliance tasks
Many NERC compliance solutions on the market can be time-consuming to implement and cumbersome to maintain and operate; our NERC compliance solution has solved these issues and more.
Cential’s NERC solution provides monthly updated content on NERC Standards and Requirements so clients stay up to date on new and revised standards. Through our solution clients can easily track impacted Processes, Controls, People, and Facilities and Assets when a Standard is updated. Removing the need to maintain manual spreadsheets and forms to monitor the program.
This solution is unlike any other current solution on the market thanks to Onspring’s:
- User-friendly interface
- Reporting and dashboard capabilities
- Ability for customers to configure solutions to support unique compliance processes.
Onspring’s flexible, cloud-based platform enables organizations to create their own applications and quickly integrate them into Cential’s NERC solution.
In a recent implementation of the NERC solution, Cential helped the client build out processes to help track all their NERC projects on a single dashboard and remind users to provide project updates. Thus, saving hours of time emailing and updating spreadsheets.
Additionally, Cential’s NERC compliance solution integrates with the broader OnSpring GRC platform, enabling organizations to manage other risk and compliance processes (e.g., SOX, ERM, BCM/DR, Third Party Risk Management, etc.) inside the solution. For example, a control documented and tested for NERC can also be tied to FERC, NIST, or other frameworks and managed through a test once and apply to many philosophies.
NERC compliance can be tricky for Power and Utility organizations of all sizes. Cential is proud that our solution can be scaled to help any Power & Utility’s unique challenges when complying with NERC Standards.
More about NERC and why the NERC Reliability Standards exist
NERC, or the North American Electric Reliability Corporation, is tasked with the responsibility to develop and enforce mandatory Reliability Standards to ensure the North American bulk power system is highly reliable and secure. NERC enforces approximately 100 standards across 14 different disciplines. Any organization that is associated with electrical generation, transmission, and interconnection of the bulk power system in North America is subject to the NERC Standards and must register with one of NERC’s regional entities.
The national power grid is interconnected across North America and is operated by almost 2,000 operators. This interconnection creates the risk that an incident by one operator can impact millions of people across a region or the entire country. The NERC standards require that organizations abide by the same standards, which helps ensure that best practices are followed and enforced.
NERC standards can be difficult to manage and tracking compliance can be time consuming and costly for organizations. For example, when NERC introduces a new or revised standard, organizations must identify the impacted assets and people, update their processes, and implement the new or revised standard to ensure ongoing compliance.
Additionally, NERC will conduct periodic audits of power & utility organizations (at least once every five years) to ensure NERC compliance programs are properly implemented. A poor audit performance can result in costly remediation actions or even fines for violations of up to $1,000,000 a day. Thus, spending the time and resources upfront to build a sustainable NERC compliance program pays dividends for organizations long term.
If you’d like to learn more about how Cential’s NERC solution could serve your business, contact us today.