Reliability Assurance Initiative-2016 CMEP IP - V - 2 5 - 071116 - POSTED

2016 ERO Enterprise
Compliance Monitoring
and Enforcement Program
Implementation Plan
Version 2.5
July 2016
NERC | Report Title | Report Date

I
Table of Contents
Revision History ......................................................................................................................................................... iv
Preface ........................................................................................................................................................................ v
Introduction ................................................................................................................................................................1
Purpose ...................................................................................................................................................................1
Implementation Plan ..............................................................................................................................................1
Significant Initiatives Impacting CMEP Activities .......................................................................................................2
Risk-Based Registration Initiative ...........................................................................................................................2
Critical Infrastructure Protection Reliability Standards, Version 5 .........................................................................2
Physical Security NERC Reliability Standard CIP-014-2 ...........................................................................................3
Risk-Based Approach to Compliance Monitoring and Enforcement ..........................................................................4
Risk-Based Compliance Monitoring ........................................................................................................................4
Risk-Based Enforcement .........................................................................................................................................7
Risk-Based Compliance Oversight Plan...................................................................................................................8
2016 Risk Elements .................................................................................................................................................9
Regional Risk Assessments .................................................................................................................................. 15
Regional Compliance Monitoring Plan ................................................................................................................ 15
Appendix A1 - Florida Reliability Coordinating Council (FRCC) 2016 CMEP Implementation Plan ......................... 18
Compliance Monitoring and Enforcement .......................................................................................................... 18
Regional Risk Assessment Process ....................................................................................................................... 19
Regional Risks and Associated Reliability Standards ........................................................................................... 21
Compliance Outreach .......................................................................................................................................... 23
Appendix A2 - Midwest Reliability Organization (MRO) 2016 CMEP Implementation Plan ................................... 24
Compliance Outreach .......................................................................................................................................... 27
Appendix A3 - Northeast Power Coordinating Council (NPCC) 2016 CMEP Implementation Plan......................... 28
Regional Risk Elements and Areas of Focus......................................................................................................... 30
1.
Compliance Outreach .................................................................................................................................. 35
Appendix A4 - ReliabilityFirst Corporation (ReliabilityFirst) 2016 CMEP Implementation Plan ............................. 36

NERC | 2016 ERO CMEP Implementation Plan Version 2.5 | July 2016
ii
Error! No text of specified style in document.
1.
Compliance Monitoring and Enforcement .................................................................................................. 36
2.
Other Regional Key Initiatives and Activities............................................................................................... 36
3.
Regional Risk Assessment Process .............................................................................................................. 37
4.
Regional Risk Elements and Areas of Focus ................................................................................................ 40
5.
Regional Compliance Monitoring Plan ........................................................................................................ 52
6. Compliance Outreach ...................................................................................................................................... 55

Appendix A5 - SERC Reliability Corporation (SERC) 2016 CMEP Implementation Plan .......................................... 57
1.
2.
3.
4.
5.
Appendix A6 - Southwest Power Pool Regional Entity (SPP RE) 2016 CMEP Implementation Plan ....................... 63
1.
2.
3.
4.
5.
Appendix A7 - Texas Reliability Entity (Texas RE) 2016 CMEP Implementation Plan ............................................. 68
1.
2.
3.
Regional Risks and Associated Reliability Standards ................................................................................... 70
4.
Compliance Oversight Plan.......................................................................................................................... 74
5.
Appendix A8 - Western Electricity Coordinating Council (WECC) 2016 CMEP Implementation Plan ..................... 76
1.
2.
3.
4.
5.
Appendix B Compliance Assessment Report ........................................................................................................ 80

Compliance Assessment Process for Events and Disturbances ........................................................................... 80
iii
Revision History
Version
Version 1.0
Version 2.0
Date
September 10, 2015
November 17, 2015
Revision Detail
Initial release of the 2016 ERO Enterprise CMEP Implementation Plan
ERO Enterprise CMEP Implementation Plan updated to include RE
Implementation Plans within the Appendix A. Significant changes
include:
Removed key enforcement date table due to dependency of

enforcement and implementation dates being based on actions
of the registered entity. Registered entities should contact their
RE for details and questions on CIP-014-2 implementation
Expanded information on self-logging on page 7, and
Added ERO Enterprise 2016 monitoring approach for CIP

Version 5 and CIP-014 beginning on pages 16-17.
Added R3 for CIP-014-2 to Table 3 Extreme Physical Events
to align with ERO Enterprise 2016 monitoring approach for
CIP-014-2.
Version 2.1
November 24, 2015
Removed duplicate requirements in the Regional Risk Elements

and Areas of Focus section of the Appendix A5 SERC Reliability
Corporation (SERC) 2016 CMEP Implementation Plan
Corrected the link to the SERC 2016 Audit Schedule within the
same appendix.
Version 2.2
Version 2.3
Version 2.4
Version 2.5
December 1, 2015
December 8, 2015
June 17, 2016
Changed NCR01321 within SERCs 2016 Compliance Audit Plan

table to O&P audit only.
Removed City of Minden from the SPP RE 2016 Compliance Audit Plan.
Changed the footnote reference on page 55 from LSE to GO.
Removed reference to LSE from the audit schedule on pages 68

and 69.
Added vegetation management as area of focus
Changed CIP V5 effective dates
Edits to MRO, NPCC, RF, and SPP RE Regional IPs
Table 3 updated: Critical Infrastructure Protection page 10.

Standard version numbers updated to CIP-006.6 and to CIP007.6.
iv
Preface
The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority
whose mission is to assure the reliability of the bulk power system (BPS) in North America. NERC develops and
enforces Reliability Standards; annually assesses seasonal and longterm reliability; monitors the BPS through
system awareness; and educates, trains, and certifies industry personnel. NERCs area of responsibility spans the
continental United States, Canada, and the northern portion of Baja California in Mexico. NERC is the electric
reliability organization (ERO) for North America, subject to oversight by the Federal Energy Regulatory Commission
(FERC) and governmental authorities in Canada. NERCs jurisdiction includes users, owners, and operators of the
BPS, which serves more than 334 million people.
The North American BPS is divided into eight Regional Entity (RE) boundaries, as shown in the map and
corresponding table below.
The Regional boundaries in this map are approximate. The highlighted area between SPP and SERC denotes overlap as some
load-serving entities participate in one Region while associated transmission owners/operators participate in another.
FRCC
Florida Reliability Coordinating Council
MRO
Midwest Reliability Organization
NPCC
Northeast Power Coordinating Council
RF
ReliabilityFirst
SERC
SERC Reliability Corporation
SPP RE
Southwest Power Pool Regional Entity
Texas RE
Texas Reliability Entity
WECC
Western Electricity Coordinating Council
v
Introduction
Purpose
The ERO Enterprise Compliance Monitoring and Enforcement Program (CMEP) Implementation Plan (IP) is the
annual operating plan carried out by Compliance Enforcement Authorities (CEAs) while performing their
responsibilities and duties. CEAs, which consist of NERC and the eight Regional Entities (REs), carry out CMEP
activities in accordance with the NERC Rules of Procedure (ROP) (including Appendix 4C), their respective Regional
Delegation Agreements, and other agreements with the Canadian regulatory authorities.
The ROP requires NERC to provide an Implementation Plan to the REs on or about September 1 of the preceding
year.1 REs must submit their Implementation Plans to NERC for review and approval on or about October 1. RE
Implementation Plans provide:
Details on Regional Risk Assessment processes and results;
Reliability Standards and Requirements associated with Regional Risk Assessment results;
The RE compliance oversight plan, which includes the annual audit plan; and
Other key activities and processes used for CMEP implementation.
The ERO Enterprise maintains a consolidated Implementation Plan that provides guidance and implementation
information common between NERC and the eight REs.
Implementation Plan
In 2014, NERC began consolidating its Implementation Plan (IP) with that of the REs. The consolidated plan uses a
streamlined format that eliminates redundant information, improves transparency of CMEP activities, and
promotes consistency among the REs Implementation Plans. This format provides ERO Enterprise-wide guidance
and implementation information while preserving potential RE differences by appending RE-specific
Implementation Plans to supplement the overall ERO Enterprise Implementation Plan. The RE Implementation
Plans describe risk assessments that identify what risks the REs will consider as part of their compliance oversight
plans.
NERC is responsible for collecting and reviewing the RE Implementation Plans to help ensure REs provide
appropriate and consistent information regarding how they conduct CMEP activities. NERC monitors RE progress
of CMEP activities against the RE Implementation Plans throughout the year and reports on CMEP activities in a
yearend annual CMEP report.2
During the implementation year, NERC or an RE may update the Implementation Plan. Updates may include, but
are not limited to: changes to compliance monitoring processes; changes to RE processes; or updates resulting
from a major event, FERC order, or other matter. REs submit updates to the NERC Compliance Assurance group,
which reviews the updates and makes any needed changes. When changes occur, NERC posts a revised plan on
its website and issues a compliance communication.
RE Implementation Plans were due to NERC for review and approval on or about October 1. NERC has since
reviewed the Regional Implementation Plans and included them in this document in Appendix A (18).
1
2
NERC ROP, Section 403 (Required Attributes of RE Compliance Monitoring and Enforcement Programs).
ERO Enterprise Annual CMEP Reports available at http://www.nerc.com/pa/comp/Pages/AnnualReports.aspx
1
Significant Initiatives Impacting CMEP Activities

The following ongoing NERC initiatives continuing in 2016 impact the ERO Enterprises CMEP implementation.
Risk-Based Registration Initiative
Background
NERC launched the Risk-Based Registration (RBR) initiative in 2014 to streamline the approach to identify and
evaluate risks to reliability throughout the ERO Enterprise.3 The new registration process has established clearer
thresholds and ensures that registration is based on risk to reliability. All reliability stakeholders should benefit
from this initiative.
NERC will continue work with the REs throughout 2016 to monitor the RBR effects and to assess the potential
impact of RBR on other ongoing risk-based CMEP activities. NERC and the REs will determine if any other processes
can be streamlined.
Critical Infrastructure Protection Reliability Standards, Version 5
Background
On February 25, 2016, FERC issued a letter order4 granting an extension of time to defer the implementation of
the CIP Version 5 Reliability Standards from April 1, 2016 to July 1, 2016 to align with the effective date for the
revised CIP Reliability Standards approved in Order No. 822. Therefore, for Responsible Entities in the United
States, the requirements in the CIP Version 5 standards applicable to high- and medium-impact Bulk Electric
System (BES) Cyber Systems (BCSs) will become enforceable on July 1, 2016. There is no change to enforceable
date for the requirements applicable to low-impact BCSs, which remains April 1, 2017. In other jurisdictions, the
CIP Version 5 standards become effective in accordance with the rules of those individual jurisdictions,
respectively.
Responsible Entities must identify and categorize their BCSs based on CIP Version 5 criteria that are commensurate
with the adverse impact that loss, compromise, or misuse of those systems could have on the reliable operation
of the BES. All registered entities, including those expected to have only Low Impact BES Cyber Systems, must be
compliant with CIP-002-5.1 R1 and R2 as of July 1, 2016.5
Activities
The requirements of CIP Version 5 standards that will affect compliance expectations during 2016 are those with
both initial and recurring performance obligations (e.g., at least once every 15 calendar months). A list of
requirements with performance expectations is included in the Implementation Plan for Version 5 CIP Cyber
Security Standards.6
Once the standards and definitions of terms used in CIP Version 5 become effective, the Responsible Entities
identified in the Applicability section of the standard must comply with the requirements. While Critical
Infrastructure Protection is identified as a separate risk element, discussed below in this report, it is important
that the CIP Standards themselves are also linked to other risk elements identified in this document. Staff that
assess compliance to the CIP standards are encouraged to coordinate with Operations and Planning staff to ensure
that the appropriate risks are identified and addressed.
3
Refer to the RBR Initiative website that contains supporting documents and resources for ongoing RBR activities located here:
http://www.nerc.com/pa/comp/CAC/Pages/Risk-Based%20Registration.aspx.
4
Docket No. RM15-14-000, Order Granting Extension of Time, Issued February 25, 2016
5
Refer to complete list of CIP enforceable dates here:
http://www.nerc.com/pa/CI/Documents/CIP%20Version%205%20Standards%20Implementation%20Dates%20-%20Final.xlsx
6 http://www.nerc.com/pa/Stand/CIP00251RD/Implementation_Plan_clean_4_(2012-1024-1352).pdf%20.
2
Significant Initiatives Impacting CMEP Activities
Physical Security NERC Reliability Standard CIP-014-2
Background
Physical Security NERC Reliability Standard CIP-014-2 takes effect in October 2015. Requirement R1 is enforceable
on October 1, 2015. Requirements R2 through R6 must be completed according to the timelines specified in the
standard. Focus areas for CIP-014 will involve monitoring evidence for the following attributes:
Number of assets critical under the Standard;
Defining characteristics of the assets identified as critical;
Scope of security plans (types of security and resiliency contemplated);
Timelines included for implementing security and resiliency measures; and
Industrys progress in implementing the Standard.
For additional information on key implementation dates or details on CIP-014-2, registered entities should
communicate with their points of contact at the RE.
NERC | 2016 ERO CMEP Implementation Plan Version 2.5| July 2016
3
Risk-Based Approach to Compliance Monitoring and

Enforcement
Risk-Based Compliance Monitoring
Risk-based compliance monitoring involves the use of the ERO Enterprise Risk-Based Compliance Oversight
Framework (Framework) depicted in Figure 1 below. The Framework focuses on identifying, prioritizing, and
addressing risks to the bulk power system (BPS), which enables each CEA to focus resources where they are most
needed. REs are responsible for tailoring their monitoring (i.e., monitoring tools and the frequency and depth of
monitoring engagements) of registered entities using the Framework described below.
Figure 1: Risk-Based Compliance Oversight Framework

During 2016 and beyond, CEAs will continue deploying processes and tools used to support risk-based compliance
oversight. NERC and the REs are committed to ensuring full transformation to risk-based compliance oversight,
and they plan to continue communications, training, and outreach throughout 2016.
As reliability risk is not the same for all registered entities, the Framework examines BPS riskas well as individual
registered entity riskto determine the most appropriate CMEP tool to use when monitoring a registered entitys
compliance with NERC Reliability Standards. The Framework also promotes an examination into how registered
entities operate and tailors compliance monitoring focus to areas that pose the greatest risk to BPS reliability. The
elements in Figure 1 are dynamic and are not independent; rather, they are complementary and dependent on
each other.
The first step of the Framework is identification and prioritization of continent-wide risks based on the potential
impact to reliability and the likelihood that such an impact might be realized, resulting in an annual compilation
of ERO Enterprise risk elements. NERC Reliability Standards are in place to help ensure the reliable operation of
the BPS. That is, the elements of the BPS should be operated so that instability, uncontrolled separation, and
cascading failures of the system will not occur. Through the identification of risk elements, the ERO Enterprise
maps a preliminary list of applicable NERC Reliability Standards and responsible registration functional categories
to the risk elements, known as areas of focus. The areas of focus represent an initial list of NERC Reliability
Standards on which the ERO Enterprise focuses compliance monitoring efforts. However, the risk elements and
areas of focus contained with the Implementation Plan do not constitute the entirety of the risks that may affect
the BPS.
4
Risk-Based Approach to Compliance Monitoring and Enforcement
The Implementation Plan contains the ERO Enterprise risk elements, which provide guidance to REs in the
preparation of their RE Implementation Plans. REs are expected to further consider local risks and specific
circumstances associated with individual registered entities within their footprints when developing their
compliance oversight plans. The process for identifying ERO Enterprise and RE risk elements, and their associated
areas of focus, is explained later in the document.
After risk elements and their associated areas of focus are identified and prioritized, the Inherent Risk Assessment
(IRA) occurs. The IRA involves a review of potential risks posed by an individual registered entity to the reliability
of the BPS.7 An IRA considers factors such as assets, systems, geography, interconnectivity, prior compliance
history, and overall unique entity composition. In considering such factors, an IRA is not limited by the risk
elements and associated areas of focus identified in the 2016 ERO Enterprise CMEP IP. Rather, the IRA considers
multiple factors to focus oversight to entity-specific risk and results in the identification of the standards and
requirements that should be monitored.
When developing more specific monitoring plans for registered entities in their footprints, the REs also take into
account any information obtained through the processes outlined in the Internal Control Evaluation (ICE) Guide.8
The ICE guide describes the process for identifying key controls, testing their effectiveness, and documenting the
conclusions of the ICE, allowing a further refinement of the compliance oversight plan. As a result of the ICE, the
REs may further focus compliance monitoring activities for a given entity, and may, for example, change the depth
and how thoroughly a particular area is reviewed.9 Registered entities may elect not to participate in an ICE. In
that case, the RE will use the results of the IRA to determine the appropriate compliance oversight strategy,
including areas of focus and tools within the determined scope.
Ultimately, the RE will determine the type and frequency of the compliance monitoring tools (e.g., offsite or onsite
audits, spot checks or self-certifications) that are warranted for a particular registered entity based on reliability
risks; therefore, the RE may modify the set of core NERC Reliability Standards or pursue compliance assurance
through any monitoring considerations. The determination of the appropriate CMEP tools will be adjusted, as
needed, within a given implementation year.
Coordinated Oversight of Multi-Region Registered Entities
In 2014, the ERO Enterprise initiated the process of developing a comprehensive coordinated oversight program
of multi-region registered entities (MRREs).10 The Coordinated Oversight Program for MRREs is designed to
streamline risk assessment, compliance monitoring and enforcement, and event analysis activities for the
registered entities that use, own, or operate assets in areas covering more than one RE territory.
Under the Coordinated Oversight Program for MRREs, REs will coordinate their oversight responsibilities over
MRREs by designating one Lead RE (LRE) to each MRRE or a group of MRREs.11 The LRE is selected based on BPS
reliability considerations and the registered entitys operational characteristics. The selected LRE works
7
ERO Enterprise Inherent Risk Assessment Guide, available at

http://www.nerc.com/pa/comp/Reliability%20Assurance%20Initiative/ERO_Enterprise_Inherent_Risk_Assessment_Guide_20141010.pdf
ERO Enterprise Internal Control Evaluation Guide, available at

http://www.nerc.com/pa/comp/Reliability%20Assurance%20Initiative/ERO%20Enterprise%20Internal%20Control%20Evaluation%20Guide.pdf
For example, if a registered entity demonstrates effective internal controls for a given Reliability Standard during the ICE, the Regional
Entity may determine that it does not need to audit the registered entitys compliance with that Reliability Standard as frequently, or the
RE may select a different monitoring tool.
10
Coordinated Oversight of MRRE Program Development and Implementation, available at
http://www.nerc.com/pa/comp/Reliability%20Assurance%20Initiative/MRRE%20FAQ%20with%20Notice%201-12-15.pdf
and Compliance Monitoring and Enforcement for Entities Registered in Multiple Regions Webinar June 23, 2015, available at
http://www.nerc.com/pa/comp/Pages/RAI-Workshops-and-Webinars.aspx.
11
The intent of the Coordinated Oversight Program of MRREs is to have a single LRE. However, although not anticipated, if needed there
may be multiple LREs.
5
collaboratively with the remaining REs, known as Affected REs, and informs NERC of activities as appropriate. The
Coordinated Oversight Program is flexible and voluntary for MRREs.
Compliance Assessments for Events and Disturbances
An important component of the ERO Enterprises risk-based approach to compliance monitoring is voluntary
participation in the Compliance Assessment (CA) Process by registered entities after an event or disturbance.
Through the Event Analysis Process, the ERO Enterprise promotes a culture of reliability excellence that
encourages an aggressive and critical self-review and analysis of operations, planning, and critical infrastructure
performance.
The CA Process is a complementary review of the event focused on the evaluation of compliance with Reliability
Standards. A registered entity completes a CA by reviewing the facts and circumstances of an event or disturbance,
identifying relevant Reliability Standards and Requirements, evaluating compliance with these standards and
requirements, and self-reporting any potential noncompliance. RE compliance staff also assess significant events
and disturbances to increase awareness of reliability risks that may guide further compliance monitoring activities.
Registered Entity Responsibilities in CA Process

The ERO Enterprise encourages registered entities to perform a voluntary, systematic CA in response to all system
events and disturbances. Registered entities are also encouraged to share the CA with the RE for all Category 2
and above events. The ERO Event Analysis Process describes the categories for events.12 Registered entities should
use the Sample Compliance Assessment Report template (Appendix 3 of this document) when performing a CA.
In addition to the completed CA template, registered entities should provide to the RE sufficient event
information, such as the Brief Report or Event Analysis Report, so the RE may thoroughly understand the event.
Registered entities that follow the process above to systematically evaluate their own compliance performance,
self-report potential noncompliance, and address reliability issues demonstrate the effectiveness of their internal
controls and their commitment to a culture of compliance. Registered entities that are able to demonstrate strong
internal controls and a robust culture of compliance that mitigates risk may be afforded some recognition by way
of reduced levels and frequency of compliance monitoring activities. Mitigating credit for these actions is also
considered during the enforcement of a noncompliance. Such credit is available to the registered entity for
comprehensive CAs that clearly demonstrate a systematic review of applicable standards and, as appropriate, selfreporting.
RE Responsibilities in CA Process
REs will review system event reports and CA reports provided by registered entities and may use a risk-based
approach to prioritize these evaluations. However, the REs will conduct a Regional Compliance Evaluation (RCE)
for all Category 2 and above events. By exception, the RE may also examine lower category events that indicate
the need for closer examination. As part of its independent evaluation of the CA, the RE may request additional
information from the registered entity if it is needed to better understand the event. This process, while informal,
may be used to recommend a formal compliance monitoring method, such as a spot check, or be used to
recommend a modification to the scope of an upcoming audit.
The scope of RCEs and the manner in which the REs and NERC evaluate, process, and respond to these reviews
should reflect the significance of the event. The registered entity can greatly assist the RE by providing a thorough
and systematic self-evaluation in its CA. The RE will share the RCE and CA with NERC staff.
12
http://www.nerc.com/pa/rrm/ea/EA%20Program%20Document%20Library/ERO_EAP_V3_final.pdf
6
Risk-Based Enforcement
The ERO Enterprises risk-based enforcement defines, communicates, and promotes desired entity behavior in an
effort to improve the reliability of the BPS. Specifically, risk-based enforcement allows the ERO Enterprise to focus
on higher risks to the reliability of the BPS while maintaining the ERO Enterprises visibility into potential
noncompliance issues, regardless of the level of risk they pose. With this in mind, the ERO Enterprise developed
Compliance Exceptions and the self-logging program to resolve instances of minimal-risk noncompliancein
particular, those that are self-identifiedin a more streamlined manner.
Compliance Exceptions
Beginning in November 2013, the ERO Enterprise began identifying minimal-risk noncompliance that does not
warrant a penalty and that would be recorded and mitigated without triggering an enforcement action. This type
of noncompliance, which is not pursued through an enforcement action by the ERO Enterprise, is called a
Compliance Exception.
Compliance Exceptions build on the success of the Find, Fix, Track and Report (FFT) program, which was the first
step in implementing a risk-based strategy that recognizes that not all instances of noncompliance require the
same type of enforcement process. The use of this streamlined mechanism is informed by the facts and
circumstances of the noncompliance, the risk posed by the noncompliance to the reliability of the BPS, and the
deterrent effect of an enforcement action or penalty, among other things. These considerations are very similar
to the considerations that have been used since 2011 to determine whether a noncompliance should be processed
as an FFT. Only a noncompliance posing minimal risk to the reliability of the BPS is eligible for Compliance
Exception treatment.
Self-Logging Program
Through the self-logging program, the ERO Enterprise encourages registered entities to detect, accurately assess
the risk of, and adequately mitigate minimal-risk noncompliance with Reliability Standards. In evaluating whether
a registered entity is eligible for the program, an RE reviews the internal controls the registered entity uses to selfassess and address its noncompliance. In this sense, the evaluation of eligibility for self-logging is distinct from an
ICE conducted for the purposes of tailoring the specific monitoring activities of a CEA for a particular registered
entity.
Registered entities found eligible by the CEA to participate in the self-logging program, after a formal review of
internal controls, may be granted approval by the CEA to log noncompliance for subsequent review in lieu of
submitting a self-report. In determining eligibility for self-logging, the Regional Entities consider whether a
registered entity is capable of self-identifying and mitigating minimal risk noncompliance on its own, as
demonstrated by, among other things: 1) the registered entitys history of initiative and recognition of compliance
obligations; 2) the registered entitys reliable and accurate self-reporting of noncompliance to the Regional
Entities; 3) the registered entitys history of mitigating its noncompliance in a timely and thorough manner; 4) the
quality, comprehensiveness, and execution of the registered entitys ICP; 5) the registered entitys cooperation
with the RE during enforcement actions, compliance monitoring activities, and RE outreach; and 6) the registered
entitys performance during Regional Compliance Audits. The log is limited to noncompliance posing a minimal
risk to the reliability of the BPS unless otherwise authorized by an applicable governmental authority. Approved
registered entities maintain a log with a detailed description of the noncompliance, the risk assessment, and the
mitigating activities completed or to be completed. There is a rebuttable presumption that minimal-risk
noncompliance logged in this manner will be resolved as a CE. The CEA periodically reviews the logs and provides
the resulting CEs to NERC for posting on the NERC website.
The self-logging program also encourages the development and communication of management practices by
registered entities and rewards registered entities for implementing demonstrated, effective controls to detect
and correct issues as they arise.
7
Risk-Based Compliance Oversight Plan

Process for Risk Elements and Associated Areas of Focus
The ERO Enterprise continues to identify risks to the reliability of the BPS, as well as mitigating factors that may
reduce or eliminate a given reliability risk, and the ERO Enterprise will continue to do so under the Framework
referenced above. As such, NERC identifies risk elements using data including, but not limited to: compliance
findings; event analysis experience; data analysis; and the expert judgment of NERC and RE staff, committees, and
subcommittees (e.g., NERC Reliability Issues Steering Committee). NERC uses these risk elements to identify and
prioritize interconnection and continent-wide risks to the reliability of the BPS. These identified risks, as well as
risks to the reliability of the BPS identified by each RE for its footprint, will be used by REs to focus monitoring
activities in the upcoming year, and they become inputs for developing oversight plans for individual registered
entities.
For the purpose of the Implementation Plan, areas of focus highlight ERO Enterprise-wide and RE-specific risks
that merit increased focus for compliance monitoring, which becomes a part of an individual registered entitys
compliance oversight plan. The areas of focus do not represent the exclusive list of important or relevant
Reliability Standards or Requirements, nor are the areas of focus the entirety of the risks that may affect the
reliability of the BPS. Rather, REs will consider the risk elements and areas of focus to help prioritize compliance
monitoring efforts.
When developing entity-specific compliance oversight plans, REs consider local risks and specific circumstances
associated with individual registered entities. They focus on a complete picture of reliability risks to determine
the appropriate compliance monitoring tool for registered entities. As a result, a particular registered entitys
scope of monitoring may include more, fewer, or different Reliability Standards than those outlined in the ERO
and RE CMEP IPs. The determination of the appropriate CMEP tools may be adjusted, as needed, within a given
implementation year. Additionally, NERC and the REs have the authority to monitor compliance with all applicable
Reliability Standards whether they are identified as areas of focus to be considered for compliance oversight in
the annual Implementation Plan or are included in an REs oversight plan for a registered entity.
NERC followed the risk element development process outlined in the Risk Elements Guide for Development of the
2015 ERO Enterprise CMEP Implementation Plan to review and reassess the 2015 risk elements to determine
applicability for 2016.13 Although the Implementation Plan identifies NERC Standards and Requirements for
consideration for focused compliance monitoring, the ERO Enterprise recognizes by using the Framework and riskbased processes that REs will develop a focused list of NERC Reliability Standards and Requirements specific to
the risk a registered entity poses. Therefore, a particular area of focus under a risk element does not imply (1) that
the identified NERC standard(s) fully addresses the particular risk associated with the risk element, (2) that the
identified NERC Standard(s) is only related to that specific risk element, or (3) that all requirements of a NERC
standard apply to that risk element equally. Subject to NERC monitoring, REs will consider the ERO Enterprise risk
elements, along with RE risk elements, when conducting compliance monitoring activities and assessing
compliance with identified NERC standards and requirements.
Risk Element Results
For 2016, NERC refined the nine 2015 risk elements down to eight. Specific refinements include combining some
risk elements into broader categories, with more specified areas of focus under each risk element, and revising
the risk element names to more accurately reflect the risk involved. Table 2 compares the 2015 risk elements to
the new, refined 2016 risk elements.
13
Risk Elements Guide for Development of the 2015 CMEP IP, available at
http://www.nerc.com/pa/comp/Reliability%20Assurance%20Initiative/Final_RiskElementsGuide_090814.pdf.
8
Table 2: Critical Comparison of 2015 and 2016 Risk Elements

2015 Risk Elements
2016 Risk Elements
Cybersecurity
Critical Infrastructure Protection
Extreme Physical Events
Infrastructure Maintenance
Maintenance and Management of BPS Assets
Monitoring and Situational Awareness
Protection System Misoperations
Protection System Failures
Uncoordinated Protection Systems
Event Response/Recovery
Long-Term Planning and System Analysis
Planning and System Analysis
Human Error
Human Performance
Workforce Capability
(N/A for 2016)
2016 Risk Elements

The eight risk elements below are not a comprehensive list of all risks to the reliability of the BPS. Standards,
requirements, and associated functions for each area of focus may be updated throughout the year to reflect new
versions of the standards that become effective. Where issues are being addressed through other mechanisms,
they are not included herein for compliance assurance activities.
The protection of critical infrastructure remains an area of significant importance and is addressed in the RISCs
ERO Priorities: RISC Updates and Recommendations report14, the Cyber Attack Task Force Final Report15, and in
NERCs ERO Top Priority Reliability Risks 2014-2017 report.16 The risk includes threats and vulnerabilities that
result from (1) system downtime, (2) unauthorized access, and (3) corruption of operational data. The areas of
focus for Critical Infrastructure Protection are outlined in Table 3.
While Critical Infrastructure Protection is identified as a separate risk element, the CIP standards themselves are
also linked to other risk elements identified in this document. The CIP standards address protection of the BES;
thus, errors in identifying and categorizing the appropriate BES components could lead to ineffective or missing
security measures. There are also situations in which Operations and Planning standards could affect CIP risk
elements (e.g., CIP-008 and CIP-009 deal with response planning and recovery from cyber events and as such
could have been included as part of the Events Response/Recovery risk element).
System Downtime
NERC has analyzed data and identified that outages of tools and monitoring systems are fairly common
occurrences. Events involving a complete loss of SCADA control, or monitoring functionality for 30 minutes or
more, are the most common grid-related events since 2012 and limit the situational awareness of operators. Lessthan-adequate situational awareness has the potential for significant negative reliability consequences and is
often a precursor event or contributor to events. Additionally, insufficient communication and data regarding
neighboring entities operations could result in invalid assumptions of another systems behavior or system state.
14
ERO Priorities: RISC Updates and Recommendations available at

http://www.nerc.com/comm/RISC/Related%20Files%20DL/RISC_Priority_Recommendations-Jul_26_2013.pdf
15
Cyber Attack Task Force Final Report available at
http://www.nerc.com/docs/cip/catf/12-CATF_Final_Report_BOT_clean_Mar_26_2012-Board%20Accepted%200521.pdf
16
ERO Top Priority Reliability Risks 2014-2017 available at
http://www.nerc.com/comm/RISC/Agenda%20Highlights%20and%20Minutes/ERO%20Top%20Priority%20Reliability%20Risks%202014
.pdf
9
Furthermore, with the transition to CIP Version 5 in 2016, entities are to use a rigorous criteria to determine the
BCSs that will be subject to the technical security requirements. With such a major shift in this key aspect of
entities CIP and security programs, it is important to perform the analyses early so that critical BCSs are identified
and potential gaps in the security controls used to protect BCSs is minimized.
Unauthorized Access
Unauthorized access can lead to BCSs being compromised and is a major risk to systems that are used to monitor
and control the BES. The RISC report describes the implementation of mandatory CIP standards and the
establishment of the E-ISAC as substantial risk mitigation measures, but cyber-attack is a constantly evolving
threat. Any communication gaps between cyber experts and industry operators could lead to vulnerabilities. Also,
the fast-paced rate of changes in technology with increased reliance on automation, remote control technology,
and grid sensors that enable the close monitoring and operations of systems means that advanced tools are
needed to counter those threats.
Corruption of Operational Data

Misconfiguration of BES Cyber Assets, which often results from gaps in change management processes, can make
the devices used to monitor and control the BPS subject to more attacks.
Areas of Focus17
Standard
CIP-002-5.1
CIP-005-5
CIP-006-6
CIP-007-6
17
Table 3: Critical Infrastructure Protection

Requirements
Entities for Attention
Asset Types
Balancing Authority
Control Centers
Generator Operator
Backup Control Centers
Generator Owner
Data Centers
R1, R2
Reliability Coordinator
Substations
Transmission Operator
Generation Facilities
Transmission Owner
Balancing Authority
Control Centers
Generator Operator
Generator Owner
Data Centers
R1, R2
Substations
Generation Facilities
Transmission Owner
Control Centers
Balancing Authority
R1, R2, R3
Data Centers
Substations
Transmission Owner
R1, R2, R3, R5
Balancing Authority
Transmission Owner
Control Centers
Data Centers
While Table 3 lists the CIP Version 5 Reliability Standards, the ERO, through release of its Cyber Security Reliability Standards CIP Version
5 Transition Guidance, actively encourages and supports registered entities transitioning from compliance with the Version 3 Reliability
Standards directly to the Version 5 Reliability Standards. As stated in that guidance, NERC and the Regional Entities will take a flexible
compliance monitoring and enforcement approach for the CIP Reliability Standards prior to the Enforceable Date of the Version 5
Reliability Standards, recognizing that the details of implementing a Version 3 to Version 5 transition may cause a significant impact on
certain compliance monitoring activities.
10

Extreme physical events can include acts of nature or man-made events that cause extensive damage to
equipment and systems. NERC identified this concern as a significant risk in its ERO Top Priority Reliability Risks
20142017 report as well as in the RISCs ERO Priorities: RISC Updates and Recommendations report. As concluded
in the RISC report, the potential consequences of such events are high enough to warrant increased focus to
properly address the risk. The areas of focus for extreme physical events are outlined in Table 4.
Acts of Nature
The RISC report identifies severe weather events (e.g., hurricanes, tornadoes, polar vortices, GMDs, etc.) as
physical events that, at the extreme, can cause equipment damage that is interconnection-wide, lead to fuel
limitations, and disrupt telecommunications. Because of the long lead time needed to manufacture and replace
some BPS assets, an extreme physical event that causes extensive damage to equipment could result in degraded
reliability for an extended period of time.
Man-Made
The second component of extreme physical events is those that are man-made. As stated in the RISC report,
coordinated sabotage such as localized physical attacks of significance or electromagnetic pulse (EMP) attacks are
physical events that, at the extreme, can cause extensive interconnection-wide equipment damage and disrupt
telecommunications. As previously mentioned, the lead time for manufacturing and replacing some BPS assets
could result in degraded reliability for an extended period of time.
Areas of Focus
Table 4: Extreme Physical Events
Standard
Requirements
EOP-010-1
R1, R3
CIP-014-2
R1, R2, R3
Transmission Owner

As the BPS ages, lack of infrastructure maintenance is a reliability risk that continues to grow. NERC identified this
concern in its ERO Top Priority Reliability Risks 2014-2017 report as well as the RISCs ERO Priorities: RISC Updates
and Recommendations report. The RISC report identifies that the failure to maintain equipment is a reliability risk
exacerbated when an entity either does not have replacement components available or cannot procure needed
parts in a timely fashion. Deficiencies in maintenance strategies create additional pressure on sparing programs
and the ability to replace aging infrastructure. Another risk, highlighted by NERCs 2010 Facility Ratings Alert to
industry, involved the misalignment between the design and actual construction of BPS facilities. The areas of
focus for maintenance and management of BPS assets are outlined in Table 5.
Additionally, compliance data analysis shows that PRC-005 has the highest number of reported noncompliance
and serious or moderate risk filings in the past four years.
Transmission outages related to inconsistent vegetation management pose an ongoing reliability risk to the BPS.
The 2015 Vegetation Report published by NERC shows a slight increase in growin vegetationrelated outages.18
As a result, NERC has added vegetation management as an Area of Focus in 2016. FAC-003-3 addresses the risk of
18
2015 Vegetation-Related Transmission Outages

11
transmission outages, and associated potential for cascading events, due to vegetation growth in the transmission
Right-of-Way.
Areas of Focus
Table 5: Maintenance and Management of BPS Assets
Standard
Requirements
Generator Owners
FAC-008-3
R6
Transmission Owners
Distribution Providers
PRC-005-2(i) R3, R4, R5
Generator Owners
Transmission Owners
FAC-003-3
R1, R2, R6, R7
Generator Owners
Transmission Owners
Without the right tools and data, operators can make decisions that may or may not be appropriate to ensure
reliability for the given state of the system. NERCs ERO Top Priority Reliability Risks 2014-2017 notes that stale
data and lack of analysis capabilities contributed to the blackout events in 2003 (August 14, 2003 Blackout) and
2011 (Arizona-Southern California Outages). Certain essential functional capabilities must be in place with upto-date information available for staff to use on a regular basis to make informed decisions. The areas of focus for
monitoring and situational awareness are outlined in Table 6.
An essential component of Monitoring and Situational Awareness is the availability of information when needed.
Unexpected outages of tools, or planned outages without appropriate coordination or oversight, can leave
operators without visibility to some or all of the systems they operate. While failure of a decisionsupport tool is
rarely the cause of an event, such failures manifest as latent risks that further hinder the decisionmaking
capabilities of the operator. One clear example of this is the August 14, 2003 Blackout
NERC has analyzed data and identified that outages of tools and monitoring systems are fairly common
occurrences. The RISCs ERO Priorities: RISC Updates and Recommendations report and NERCs ERO Top Priority
Reliability Risks 2014-2017 report recognize this concern.
Areas of Focus
Table 6: Monitoring and Situational Awareness
Standard
Requirements
IRO-005-3.1a R1, R2
Balancing Authority
TOP-006-2
R1, R2, R7
Protection systems are designed to remove equipment from service so it wont be damaged when a fault occurs.
Protection systems that trip unnecessarily can contribute significantly to the extent of an event. When protection
systems are not coordinated properly, the order of execution can result in either incorrect elements being
removed from service or more elements being removed than necessary. This can also occur with Special
Protection Systems, Remedial Action Schemes, and Underfrequency Load Shedding and Undervoltage Load
Shedding schemes. Such coordination errors occurred in the Arizona-Southern California Outages (see
12
recommendation 19)19 and the August 14, 2003 Blackout (see recommendation 21).20 The areas of focus for
protection system failures are outlined in Table 7.
Additionally, a protection system that does not trip or is slow to trip may lead to the damage of equipment (which
may result in degraded reliability for an extended period of time), while a protection system that trips when it
shouldnt can remove important elements of the power system from service at times when they are needed most.
Unnecessary trips can even start cascading failures as each successive trip can cause another protection system
to trip. The NERC 2015 State of Reliability report concludes that protection system misoperations can severely
increase risk to reliability. According to the report, 68 percent of the transmission-related events meeting a
category description in the ERO Event Analysis Process have protection system misoperations associated with
them that either initiated the event or caused it to be more severe.21
Both the RISCs ERO Priorities: RISC Updates and Recommendations report and NERCs ERO Top Priority Reliability
Risks 2014-2017 report recognize protection systems as a significant risk based on analysis contained in the state
of reliability reports from 2012, 2013, and 2015.
Areas of Focus
Table 7: Protection System Failures
Standard
Requirements
Generator Operator
PRC-001-1.1(ii) R3, R4, R5
Distribution Provider
PRC-004-2.1(i)a R1, R2
Generator Owner
Transmission Owner
Event Response/Recovery
When events occur, the safe and efficient restoration of transmission service to critical load in a timely manner is
of utmost importance. As the RISC identifies in its ERO Priorities: RISC Updates and Recommendations report, the
effect of poor event response and recovery is far reaching and not only causes safety, operational, or equipment
related risks during restoration activities, but also contributes to prolonged transmission outage durations,
thereby increasing the duration of BPS unreliability. The areas of focus for event response/recovery are outlined
in Table 8.
An additional risk to event response and recovery is the unavailability of generators. Extreme weather conditions,
severe cold, heat, and drought create significant stress on maintaining overall BPS reliability and present unique
challenges for electric system planners and operators. These conditions can significantly increase residential and
commercial electricity demand and consumption, at the same time imposing adverse RE generation impacts and
fuel availability issues. Extreme weather conditions can also vary the amount of wind and clouds (fuel for variable
energy resources) that impact the expected amount of available renewable generation in some areas.
When combined, the heightened electricity demand, increased potential for failure of power plant components,
limitations on fuel supply availability, and competing use of certain fuels can lead to increased risks of adverse
reliability impacts, including simultaneous forced outages, de-ratings, and failures to start of multiple generating
units. When these severe conditions are present over large geographic areas, the combined impacts on the fuel
19
See Arizona-Southern California Outages on September 8, 2011.

See Final Report on the August 14, 2003 Blackout.
21
See ERO Event Analysis Process V2.1
20
13
supply, power plant operations, generation unavailability, and heightened electricity demand can lead to severe
reliability impacts.
These extreme conditions occur beyond the extent of planned stress conditions, anticipated severe operation
conditions, or fuel supply availability expectations. Further, the conditions can lead to imprecise forecasts of
residential and commercial electricity demand, which is the baseline for planning the BPS and operators
determining the amount of electric generation needed during critical periods. When the combination of some, or
all, of these conditions occurs during these extreme incidents, the end result can be operations under severe
unanticipated scenarios or a shortage of generation, prompting operators to implement curtailments or shed load
in local areas to maintain reliability in the overall grid.
Both the RISC in its ERO Priorities: RISC Updates and Recommendations report and NERCs ERO Top Priority
Reliability Risks 2014-2017 report recognized this concern.
Areas of Focus
Table 8: Event Response/Recovery
Standard
Requirements
Balancing Authority
EOP-001-2.1b R1, R2, R3
TOP-007-0
R1, R2, R3, R4
Human Performance
Human performance remains a key focus for the ERO Enterprise. Poor human performance generally refers to
situations in which a human being makes a decision that contributes to operational errors. Stronger management
and organizational support greatly contribute to the reduction and prevention of operational errors. Included in
this subset are communication errors that can pose a significant potential risk to BPS reliability. Human
performance was identified as a key issue by the RISC in its ERO Priorities: RISC Updates and Recommendations
report. The areas of focus for human performance are outlined in Table 9.
Areas of Focus
Standard
COM-002-2
PER-005-1
Table 9: Human Performance

Requirements
R2
Balancing Authority
R2, R3
Balancing Authority

Planning and system analysis is encompasses several areas (such as increased use of demand-side management,
integration of variable generation, changes in load and system behavior, smart grid, increased dependence on
natural gas, fossil requirements and retrofit outage coordination, nuclear generation retirements and outages,
and resource planning). In addition, uncoordinated planning can lead to cases where generation or transmission
resources, or information concerning those resources, may be inadequate to ensure firm demand is served. This
is particularly the case since a changing resource mix, deployment of new technologies, etc., can increase the risk
14
to reliability if not properly considered in local planning cases. Planning and system analysis has been highlighted
as a concern in RISCs ERO Priorities: RISC Updates and Recommendations report and NERCs ERO Top Priority
Reliability Risks 2014-2017 report. NERCs annual Long-Term Reliability Assessment22 forms the basis of NERCs
assessment of emerging reliability issues. The areas of focus for planning and systems analysis are outlined in
Table 10.
Areas of Focus
Table 10: Planning and System Analysis
Standard
Requirements
EOP-002-3.1 R4
Balancing Authority
Planning Coordinator
TPL-001-4
R1, R2, R3, R4
Transmission Planner
FAC-014-2
R1, R5
Regional Risk Assessments

When considering risk elements, REs will perform a Regional Risk Assessment to identify risks specific to their
Region and footprint that could potentially impact the reliability of the BPS. After determining Region-specific
risks, REs will also identify the related NERC Reliability Standards and Requirements associated with those risks
used to focus monitoring activities. The standards and requirements identified for RE risk elements are not
intended to be a static list that must be examined during all compliance monitoring activities (e.g., scoping for a
Compliance Audit). Rather, the risk elements identified by the RE will serve as input when conducting an IRA for a
registered entity and ultimately in determining the scope of the entitys compliance oversight plan.
In the process of reviewing ERO risk elements to compile Regional Risk Assessments, REs are expected to:
Gather and review RE-specific risk reports and operational information (e.g., interconnection points and
critical paths, system geography, seasonal/ambient conditions, etc.);
Review and prioritize potential RE-specific risks; and
Identify associated Reliability Standards and Requirements for IRAs, ICEs, and ultimately the compliance
oversight plan.
The RE Implementation Plans will describe the process and results for how the RE considered and identified
Region-specific risks. The RE Implementation Plans should explain how REs identified risks their footprints,
including reasons why any ERO risk elements identified above are not included or applicable to the RE footprint.
Although each RE will consider risk elements, and may use similar risk considerations, the output of the Regional
Risk Assessments may differ as a result of RE characteristics and the uniqueness of each REs footprint. REs are
encouraged to align their RE risk elements with the ERO risk elements as much as possible as RE risk elements
should be viewed as incremental to the ERO risk elements.
Regional Compliance Monitoring Plan

Based on RE consideration and assessment of risk elements (ERO and/or Regional) and Regional Risk Assessments,
each RE will develop a compliance monitoring plan, which in 2016 will include, at a minimum, the list of planned
audits for Reliability Coordinators, Balancing Authorities, and Transmission Operators that are in the three-year
audit cycle, per the ROP. REs may also identify other registered entities that it will monitor through appropriate
CMEP tools based on risk elements, Regional Risk Assessments, and the application of IRAs and ICEs.
22
http://www.nerc.com/pa/RAPA/ra/Reliability%20Assessments%20DL/2014LTRA_ERRATA.pdf.
15
2016 ERO Enterprise CIP Version 5 and CIP-014 Monitoring Approach

For 2016, the ERO Enterprise will take a focused approach to monitoring initial compliance with CIP Version 5 and
CIP-014. The goals of the 2016 monitoring approach include understanding program effectiveness, supporting CIP
Version 5 transition and CIP-014 implementation, identifying successes and challenges, and tailoring monitoring
to appropriate risks. 23
CIP Version 5
For all registered entities, the ERO Enterprise will coordinate a self-certification related to CIP-002-5.1s
identification of assets with high, medium, and low impact BES Cyber Systems. The self-certification will be ERO
Enterprise-wide, but executed by each RE.24 On or about, February 1, 2016, REs will contact each registered entity
in its region with notice of the self-certification. The notice will include instructions for completing the selfcertification, which will be due on or about July 15, 2016. In order to streamline registered entities responses, a
straight forward and standardized spreadsheet will be provided with the self-certification notification to report
the number of BES assets (e.g., control center, substation, generation plant, etc.) identified in CIP-002-5.1s
Requirement R1 (as of July 1, 2016) with high, medium and low impact BES Cyber Systems. Each response will be
tied to the impact rating criteria as listed in CIP-002-5 Attachment 1. Note: a list of individual BES Cyber Systems
will not be requested.
Physical Security
For all Transmission Owners (TOs), the ERO Enterprise will coordinate a self-certification related to CIP-014-2,
Requirements R1 through R3. The self-certification will be ERO Enterprise-wide, but executed by each RE.25 On or
about March 15, 2016, REs will contact each TO in their regions with notice of the self-certification. The notice will
include instructions and the questions to be answered as part of the self-certification. The due date for responses
will be on or about May 2, 2016. The questions in the self-certification are intended to be straight forward, mostly
yes or no in nature, and related to the following:
Is CIP-014 applicable to the TO (i.e., the registered entity owns facilities that meet one or more of the criteria in
Applicability Section 4.1.1)? (If no, no additional answers are needed)
Did the registered entity perform a risk assessment and verification/notification activities as required by
Requirements R1, R2, and R3?
Does the registered entity have any stations, substations or primary control centers identified as critical by the
standard?
If the registered entity answered yes to question C, how many stations and substation did it identify as critical?
Did the registered entity notify any TOP under Requirement R3, as applicable?
If the registered entity answered yes to question 6, which TOP(s)?
NERC is sensitive to the critical and confidential nature of many details that pertain to CIP-014-2 compliance, and
the self-certification will not ask for specific information such as names or locations of specific assets.
23
In addition to the ERO Enterprise monitoring identified in this section, REs will conduct audits based on their 2016 audit schedules and
consider the ERO Enterprise and Regional risk elements and areas of focus when conducting risk-based activities throughout the year.
IRA results may identify Reliability Standards and requirements, beyond those identified within the ERO Enterprise and Regional CMEP
Implementation Plans, for inclusion in the registered entitys compliance oversight plan based on the risk the entity poses to the BES.
24 The LRE will provide notice for the CIP-002-5.1 self-certification and instructions for registered entities participating in the Coordinated
Oversight Program for MRREs.
25 The LRE will provide notice for the CIP-014-2 R1 through R3 self-certification and instructions for registered entities participating in the
Coordinated Oversight Program for MRREs.
16
NERC Oversight of RE Compliance Monitoring

NERC collects and reviews the RE Implementation Plans prior to posting the final version of the ERO CMEP
Implementation Plan. NERC oversight of the RE Implementation Plans will focus on how the REs conducted
Regional Risk Assessments and how the assessments results serve as an input into the overall compliance
monitoring plans for registered entities.
The RE should document all processes, conclusions, and results used to develop a registered entitys oversight
plan and will not need to obtain prior approval from NERC on oversight plans. However, REs should maintain
supporting documentation to supplement NERCs review.
The application of the Framework by the REs will reflect RE-specific circumstances including, as noted above,
varying stages of conducting IRAs and ICEs. NERC oversight and regular training will ensure that all processes
discussed herein are implemented in a consistent manner throughout the ERO Enterprise.
17
Appendix A1 - Florida Reliability Coordinating Council (FRCC)

2016 CMEP Implementation Plan
This Appendix contains the CMEP Implementation Plan (IP) for FRCC as required by NERC Rules of Procedure.
Compliance Monitoring and Enforcement

1.1 CMEP IP Highlights and Material Changes
The FRCC will continue its practice, which began in 2015 to include a Management Review prior to the
completion of each Compliance Audit and Spot Check with a possible noncompliance finding. In order to
facilitate the Management Review, the final audit exit briefings will be conducted remotely, following onsite activities. However, the audit team will present a summary briefing to the entity prior to concluding
the on-site portion of the audit.
In addition to above, FRCC will also continue to conduct Management Reviews of a sample of completed
audits and spot checks that did not have a non-compliance finding. These Management Reviews will be
focused on process implementation and will consider quality assurance and risk reduction in the approach
to the reviews.
FRCC will implement the use of a new software tool to assist with the review and verification of firewall
rulesets.
FRCC will continue to participate in Coordinated Oversight of registered entities that are registered in
multiple Regions (MRREs). Currently there are three (3) FRCC registered entities that are participating in
coordinated oversight with Regional Entities other than the FRCC are performing the Lead Regional Entity
(LRE) role.
FRCC will continue its CIP Version 5 Outreach as identified in the Compliance Outreach section below.
1.2 Other Regional Key Initiatives and Activities
FRCC enforcement staff will continue to use the risk based enforcement methods that began in late 2014
and early 2015. This includes the use of Compliance Exceptions as an option for disposition of minimal risk
non-compliances and the use of FFT as an option for minimal and moderate risk non-compliances.
FRCC will continue to evaluate registered entities for potential inclusion into the Entity Self-Logging
program which allows those registered entities that have demonstrated effective management practices
to keep track of minimal risk non-compliances (and associated mitigation) on a log that is periodically
reviewed by FRCC.
For those registered entities scheduled for an audit or spot check in 2016, FRCC will re-evaluate the
existing initial IRA and COP prepared in 2015. The re-evaluation will be based on the Risk Elements
identified the 2016 Implementation Plan.
Due to the lengthy implementation plan timelines for PRC-005, FRCC will include PRC-005-1.1b in any
monitoring engagements that include PRC-005-2(i), PRC-005-3(i) or PRC-005-4.
Internal Control Evaluations (ICE) may be performed for controls submitted by the entity for high risk
Requirements from IRA output
18
Appendix A1 - Florida Reliability Coordinating Council (FRCC) 2016 CMEP Implementation Plan
Regional Risk Assessment Process

The FRCC has reviewed the eight ERO identified Risk Elements and associated Areas of Focus and concurs with the
specified Standards/Requirements in all the Areas of Focus with the following additions documented below in the
Regional Risks and Associated Reliability Standards section.
The FRCC initiated a new annual process in 2015 to receive input from registered entity subject matter experts for
FRCC compliance staff consideration on areas that they believe may contribute additional risk to the FRCC Region.
Input was received in June 2015 which was also considered as part of our risk assessment process in developing
our 2016 FRCC CMEP Implementation Plan.
FRCC considered the following local risk factors and identified additional Standards/Requirements for monitoring
as detailed below in the Regional Risks and Associated Reliability Standards section.
Number and type of registered functions
As of September 28, 2015, FRCC has fifty-two (52) registered entities. The registered functions are further defined
below:
Balancing Authority
Distribution Provider
Generator Operator
Generator Owner
Load Serving Entity
Planning Authority
Resource Planner
Reserve Sharing Group
Transmission Owner
Transmission Planner
Transmission Service Provider
The FRCC (Member Services division) is registered as a Reliability Coordinator and Planning Coordinator. The SERC
Regional Entity is the Compliance Enforcement Authority for these FRCC registered functions.
The FRCC has not identified any region-specific risks associated specifically with the number and type of registered
functions within the FRCC, and therefore has not included additional Reliability Standards due to registered
functions.
Geographic location, seasonal/ambient conditions, terrain and acts of nature
The area of the State of Florida that is within the FRCC Region is peninsular Florida east of the Apalachicola River.
Areas west of the Apalachicola River are within the SERC Region. The entire FRCC Region is within the Eastern
Interconnection and is under the direction of the FRCC Reliability Coordinator.
The FRCC considers factors such as its susceptibility to tropical storms and hurricanes when considering additional
Reliability Standards for inclusion in its monitoring activities. Such storms increase the probability of the Region
experiencing transmission line vegetation contact, significant imbalances in generation and load, the need to
19
evacuate control centers, and the need to implement restoration plans. As a result, requirements of the Reliability
Standards for System Restoration from Blackstart Resources, Loss of Control Center Functionality, Transmission
Vegetation Management, and Automatic Underfrequency Load Shedding have been added.
BPS transmission lines (circuit miles, voltage levels, IROL flowgates)
The FRCC has not identified any region specific risks associated with the BPS transmission lines located in the FRCC
region, and therefore has not included additional Reliability Standards due to BPS transmission line concerns.
BPS generation facilities
The FRCC has not identified any region specific risks associated with the BPS generation facilities located in the
FRCC region, and therefore has not included additional Reliability Standards due to BPS generation facility
concerns.
Blackstart Resources
Requirements of the Reliability Standard for System Restoration from Blackstart Resources are already included
in the geographic location section above.
Interconnection points and critical paths
The FRCC region only connects to the Eastern Interconnection on the north side of the region due to its peninsular
geography. Therefore, the FRCC considers factors such as susceptibility to system separation when selecting
additional Reliability Standards for inclusion in its monitoring activities. As a result of the FRCCs limited
interconnection points, and as also mentioned for geographic location previously, requirements of the Reliability
Standard for Automatic Underfrequency Load Shedding have been added.
Special Protection Schemes
The FRCC considers factors such as any major Special Protection Schemes (SPS) installed in the FRCC region when
considering additional Reliability Standards for inclusion in its monitoring activities. As a result of a major SPS in
the FRCC region, and as also mentioned for geographic location and interconnection points previously,
requirements of the Reliability Standards for Automatic Underfrequency Load Shedding, Special Protection
System Misoperations, and Special Protection System Maintenance and Testing have been added.
System events and trends
The FRCC considers system events within the FRCC region when considering additional Reliability Standards for
inclusion in its monitoring activities. External events are reviewed and considered in NERCs Risk Elements. As no
major internal events have occurred recently, FRCC has not included additional Reliability Standards due to system
events and trends.
Compliance history trends
The FRCC considers historical compliance trends within the region when considering additional Reliability
Standards for inclusion in its monitoring activities. No significant compliance trends have been identified in the
FRCC Region to justify the addition of any Reliability Standards.
20
Regional Risks and Associated Reliability Standards

The table below contains the Regional risk focus areas identified during the Regional Risk Assessment process.
The table also contains associated Reliability Standards/Requirements with identified risks that will be considered
in the development of registered entity compliance oversight plans.
Expanded ERO Risk Elements
Risk Area
Justification
Extreme Physical
Events
The FRCCs peninsular geography along with its

susceptibility to hurricanes and limited connections to
the Eastern Interconnect increases the risk of an event
occurring resulting in system restoration from
Blackstart Resources.
Extreme Physical FRCCs susceptibility to hurricanes increases the risk of
Events
a control center becoming inoperable.
Maintenance and Lack of access to the transmission system, along with
Management of
environmental regulations make accessing the
BPS Assets
transmission corridors difficult for maintenance crews.
Extreme Physical FRCCs susceptibility to hurricanes and frequent
Events
storms, along with an extended growth season,
increases the risk of vegetation related outages.
Extreme Physical The FRCCs peninsular geography along with its
Events
susceptibility to hurricanes, limited connections to the
Eastern Interconnect and the existence of a significant
SPS that could result in islanding increase the risk of an
island event occurring.
Extreme Physical The FRCC region has SPS separation schemes that could
Events and
impact a major portion of the FRCC if they do not
Protection System operate as planned.
Failures
Associated Standard and

Requirement(s)
EOP-005-2 R10
EOP-008-1 R6
FAC-003-3 R5
FAC-003-3 R6 and R7
PRC-006-2 R8 and R9
PRC-008-0 R1 and R2
PRC-016-0.1 R1 and R2
PRC-017-0 R1

By the end of 2015, FRCC will have completed initial Inherent Risk Assessments (IRAs) for all registered entities in
the Region. In 2016, FRCC will update the IRA for each registered entity scheduled for an audit, a spot check, or a
self-certification. This includes registered entities required to self-certify under the ERO Enterprise monitoring
plan for CIP Version 5 and physical security. For all other registered entities an IRA may be updated at any time.
The following list includes potential triggers that may initiate a partial or complete IRA update.
Three years since the last update;
210 days prior to a scheduled Compliance Audit;
Applicable additions or reductions to the ERO or FRCC identified Risk Elements;
Functional Registration changes of the registered entity;
Events/disturbances/exceedances/misoperations associated with, or significant to, a registered entity;
Compliance history review (Self-Certifications, Violations, Mitigations, etc.) of a registered entity;
Significant changes to the registered entitys asset (Transmission, Generation, Distribution, SCADA/EMS,
CIP, etc.) portfolio(s);
21
Significant changes in the registered entitys organizational structure; or
Any other changes to a registered entitys risk profile identified by FRCC Compliance staff.
Periodic Data Submittals

FRCC has identified the Reliability Standards and requirements listed in the table below that require Periodic Data
Submittals. The Monthly data submittals are due by the 10th of the month for the previous months data and the
Quarterly data submittals are due by the 15th of the month following the previous quarter. All data submittals are
to be submitted via the Compliance Tracking and Submittal system (CTS).
For Quarterly submittals for FAC-003-3 R1 and R2, if an entity does not have any Sustained Outage(s) during a
respective quarter, they are not expected to submit a quarterly report. In turn, FRCC will advise NERC that there
were no Sustained Outages within the quarter. However, entities are expected to submit a FAC-003-3 Event form
for ALL Sustained Outages within the quarter in which the event occurs, as specified in the standard. Again, while
not specifically required by FAC-003-3, FRCC strongly encourages and appreciates entities reporting, within 48
hours, all Sustained Outages for Categories 1A and 1B, 2A and 2B and 4A and 4B using the FAC-003-3 Event form.
FRCC will be notified when an event is reported by the CTS system and will follow-up accordingly with the
submitting entity and NERC.
2016 Periodic Data Submittal Plan
Standard and
Requirement
BAL-001-1 R1, R2
BAL-002-1 R4, R5
FAC-003-3 R1, R2
Justification
CPS 1 and CPS 2 data submitted monthly by applicable registered entities
DCS 2 data submitted quarterly by applicable registered entities
Sustained Outage data submitted quarterly by applicable registered entities
Self-Certifications
For 2016 compliance monitoring, FRCC will use the Self-Certification process with a more focused risk based
approach. FRCC will use Self-Certification in a coordinated approach with the other compliance monitoring
methods to address the Standards and requirements that represent the greatest risk to the reliability to the Bulk
Power System (BPS) based on the results of the registered entities overall Inherent Risk Assessments (IRA) and
the addition of new Standards/Requirements that become enforceable during the 2016 year. FRCC will use SelfCertification for registered entities to Self-Certify compliance with those Standards and Requirements identified
through the IRA process. The registered entity should provide the method and other documentation used for selfassessment to determine the compliance status for those requirements. This approach will include more
information on the expectations of what the registered entity should consider and include in their response to the
FRCC. The results of these Self-Certifications will aid in the determination of whether any additional compliance
monitoring methods may be necessary for registered entities.
Spot Checks
The table below, identifies the registered entities scheduled for a Spot Check in 2016 for which the specific
requirements to be checked will be based on their IRA and their compliance oversight plan.
NCR #
NCR00464
NCR11363
NCR00035
NCR00069
2016 Compliance Spot Check Plan

Registered Entity
Florida Reserve Sharing Group (FRSG)
Gainesville Renewable Energy Center (GREC)
Hardy Power Partners Limited (HPS)
NAES Corporation Shady Hills (NCSH)
22
Registered BA, RC or TOP

No
No
No
No
Compliance Audits
The table below, identifies the registered entities scheduled for an On-Site Audit
individual registered entities IRA.
2016 Compliance Audit Plan
NCR #
Registered Entity
NCR00063
Duke Energy Florida, LLC (DEF) Coordinated Oversight
audit with SERC as the Lead Regional Entity (LRE)
NCR00024
Florida Power & Light Co. (FPL); will be coordinated with
SERC as the CEA for the FRCC RC
NCR00042
Kissimmee Utility Authority (KUA)
NCR00044
Lakeland Electric (LAK)
NCR00052
Utilities Commission of New Smyrna Beach (NSB)
in 2016 and is based on the
Registered BA, RC or TOP

Yes
Yes
Yes
Yes
Yes
Compliance Outreach
Compliance Outreach Activities
Outreach Activity
Spring Compliance Workshop
CIP Compliance Workshop
Fall Compliance Workshop
Reliability Standard Webinars
CIP Compliance Newsletter
CIP version 5 Outreach
Anticipated Date
April 1115, 2016
May 913, 2016
November 711, 2016
Periodic
Periodic
TBD
CIP Version 5 Outreach

FRCC will continue its CIP Outreach Program for the FRCC registered entities to educate and provide transparency
on outstanding CIP Version 5 issues. The main area of focus for the 2016 CIP Version 5 Outreach will be the Low
impacted entities. The outreach program may involve NERC staff support and FRCC personnel.
23
Appendix A2 - Midwest Reliability Organization (MRO) 2016

CMEP Implementation Plan
This Appendix contains the CMEP Implementation Plan (IP) for the MRO as required by the NERC Rules of
Procedure.

CMEP Scoping Process

Over the last year, MROs process to scope Compliance Monitoring activities has evolved to align with the ERO
Inherent Risk Assessment (IRA), Internal Control Evaluation (ICE), and CMEP Tools modules within the ERO RiskBased Compliance Oversight Framework. This evolution has resulted in revisions to MRO processes that focus on
each of these three areas.
In addition, MRO updated its internal IRA process to line up with the revised 2016 ERO CMEP Implementation Plan
and Risk Elements.
Mitigating Activities for Compliance Exceptions

As part of the Annual Implementation Plan, MRO staff will periodically sample Compliance Exceptions, including
those submitted through Self-Logging, to verify that the mitigating activities have been completed. The sample
will come from only those Compliance Exceptions that have been identified by a registered entity as already
mitigated or Compliance Exceptions that have a planned mitigation date that has passed. Also, the Compliance
Exceptions sampled are not restricted to the registered entities that have an Inherent Risk Assessment performed
on them for 2016.
The periodic sampling may occur at any time, and will be reviewed through informal means, Spot Checks, or during
a normally scheduled Compliance Audit. MRO staff are required to document the results regardless of whether a
formal or informal review process is used.
All mitigation activities relating to enforcement matters that are filed with regulators will be verified for
completion.

MRO's regional risk assessment process consists of a broad assessment of all known risks at the regional level
along with a careful analysis of all current and future enforceable standards. During this process, an initial scope
of standards and requirements is identified for monitoring within the MRO region. Generally, an entity's oversight
scope consists of a subset of the requirements identified during the regional risk assessment process so it is
important that all requirements that address significant risks to the BPS are identified during this process. In order
to facilitate the analysis of standards and ensure that significant risks are addressed, MRO has organized these
requirements into Performance Areas. Looking at groups of related performance criteria from across the various
standards helps to simplify the identification of those requirements that should be monitored in order to
effectively address the risks that are known to exist.
Those requirements that have a material impact on performance areas form the input to the IRA process for each
entity. Each of these requirements is mapped to one or more risk factors, which are used to measure an entitys
24
Appendix A2 - Midwest Reliability Organization (MRO) 2016 CMEP Implementation Plan
inherent risks and determine which requirements are to be monitored for that entity. The final result of the IRA
process is an entity-specific risk level for each requirement based on the entitys unique characteristics. This
output, along with results of an Internal Control Evaluation (ICE) and compliance history, is the input into the
development of an entity's compliance oversight plan and scope.
A list of the 2016 MRO Performance Areas, described above, is available on MROs website.26 The posted
document includes the name of each Performance Area along with a description of the associated risks and a list
of mapped requirements that address those risks.

This section includes regional risk-based CMEP activities. The following is an overview of MRO s currently known
IRA, audit, spot check, periodic data submittals, and self-certifications.
Inherent Risk Assessments

In 2015 MRO began taking the steps necessary in order to perform an IRA for each registered entity within the
region by the end of 2016.
The outcome from these IRAs will be used to drive Internal Control Evaluation (ICE) work and Compliance
Oversight Plan (COP) development. The outcome from the COPs will be used, among other things, to determine
which other entities not currently on the 2016 Compliance Audit schedule should also receive a 2016 Compliance
Audit, based on risk. These audits will target specific standards/requirements identified through the risk
assessment process.
Once an IRA is created for a registered entity it will be updated no less than once every three years in order to
assure that the information contained within the related output remains accurate. In addition, an IRA could be
updated more frequently if unique situations occur related to a registered entity. Some examples of unique
situations include, but are not limited to:
Changes in registered functions
Substantial changes in standards (e.g. CIP v3 to CIP v5)
Entity changes their Planning Coordinator or Reliability Coordinator
Major changes to topology (e.g. new EHV line)
Baseload unit added or retired
Blackstart unit added or retired
Company divesture, merger, or acquisition
Compliance Audits
The following list of registered entities have been identified as being on the 2016 Compliance Audit schedule. As
described in the Inherent Risk Assessment section, additional registered entities, at the discretion of MRO, will
also be subject to IRAs. Based on IRA results and any subsequent ICE, these additional registered entities may also
be subject to a Compliance Audit in 2016.
26
https://www.midwestreliability.org/MRODocuments/2016 MRO Performance Areas.pdf
25
NCR #
NCR01023
NCR00860
NCR01036
NCR00967
NCR01013
NCR01015
NCR01027
NCR01143
NCR01018
NCR00685
NCR00961
NCR00962
2016 Compliance Audit Schedule

Registered Entity
Otter Tail Power Company
Omaha Public Power District
Western Area Power Administration - Upper Great Plains East
Muscatine Power & Water
NCR00967Power Cooperative, Inc.
Minnkota
NCR01013
Montana-Dakota
Utilities Company
Rochester Public Utilities
Southwest Power Pool
Nebraska Public Power District
American Transmission Co. LLC
Alliant Energy East
Alliant Energy West
Spot Checks
There are no planned Spot Checks for 2016. However, as IRAs continue to be performed, and if unique situations
and/or unforeseen risks arise, Spot Checks may be used by MRO in 2016.

The following requirements are scheduled to be subject to periodic data submittal monitoring in 2016.
Reliability Standards Subject to Periodic Data Submittals
BAL-001-1
FAC-003-3
MOD-016-1.1
PRC-004-2.1(i)a
BAL-002-1
MOD-010-0
MOD-032-1
PRC-021-1
EOP-004-2
MOD-012-0
PRC-002-1
Self-Certifications
For 2016, MRO will continue with the use of guided Self-Certifications, which focus more on risk and supporting
evidence than the previous annual Self-Certifications. As part of the guided Self-Certification process, registered
entities will provide MRO with supporting evidence to substantiate determinations.
These guided Self-Certifications are intended to provide MRO with reasonable assurance of compliance based
upon the results of the registered entitys assessment. When appropriate, the guided Self- Certification can be
used instead of Compliance Audits or Spot Checks as the monitoring tool for specific Reliability Standards and
Requirements. The guided Self-Certification process helps improve the effectiveness of oversight and increase
efficiency by relying on the work of registered entities in meeting compliance requirements.
Part of the process of relying upon the work of others includes MRO performing a review of the work and evidence
supporting the guided Self-Certification results. MRO may re-perform the work, in part, in order to verify the
accuracy of the Self-Certification determinations. In the event that further substantiation is needed, MRO staff
may conduct a random Spot Check of the work or include the applicable Standards and Requirements in a
subsequent Compliance Audit. The overall goal of the guided Self-Certification process is to provide reasonable
assurance that the entity meets compliance with the applicable Standards and Requirements.
Guided Self-Certifications will be performed over the implementation period (January 1 to December 31) on a
quarterly basis for an identified baseline set of Reliability Standards that have been identified through the Regional
Risk Assessment process. The intent of the quarterly frequency is to disperse the workload assuring sufficient time
for completion and review, and to promote continuous self-monitoring of compliance.
26
2016 Guided Self-Certification Schedule

Standard
CIP-014-2
EOP-008-1
CIP-002-5.1
PRC-006-2
PRC-019-2
Requirement
R1
R2
R3
R1
R7
R1
R9
R10
R1
Functions Subject to
Self-Certification
TO, TOP
TO, TOP
TO, TOP
BA, RC, TOP
BA, RC, TOP
BA, GO, GOP, RC, TO, TOP
DP, TO
TO
GO, TO
Quarter
1
1
1
1
1
2
2
2
4
Unless unique concerns are identified that MRO determines warrant a deeper look as part of a Compliance Audit,
registered entities that receive a 2016 quarterly Self-Certification should not expect to get audited on the same
requirement(s) in 2016.
In addition to the quarterly guided Self-Certification schedule, guided Self-Certifications may also be used for
compliance monitoring as a result of IRAs, and for events that could or did negatively impact the reliable operation
of the region or systems within the region.
Compliance Outreach
Outreach Activity
MRO Newsletter
MRO Hot Topics
MRO Webinars
MRO Operations Conference
MRO Security Conference
MRO Compliance and Enforcement Conference
Registered entity-specific conferences and meetings
27
Anticipated Date
Six times a year
Periodically as needed
Summer 2016
Fall 2016
Fall 2016
Appendix A3 - Northeast Power Coordinating Council (NPCC) 2016 CMEP Implementation Plan
Appendix A3 - Northeast Power Coordinating Council (NPCC)

This Appendix contains the CMEP Implementation Plan (IP) for the NPCC as required by the NERC Rules of Procedure.

In January 2015, NPCC formed an Entity Risk Assessment group within the Compliance Audit and Investigations
Program Area to support the NERC risk-based CMEP effort. This group performs Inherent Risk Assessments (IRA) and
Internal Control Evaluations (ICE) that are used in determining the scope of the monitoring engagement. Procedural
documents for IRA and ICE were developed and approved by NPCCs Compliance Committee. The scope of 2016 audits
will be based on NPCCs Internal Rick Assessments (IRA) and Internal Control Evaluations (voluntary ICE) of each
registered entity performed by the NPCC Entity Risk Assessment (ERA) staff.
NPCC will continue to implement the risk-based approach to compliance monitoring and enforcement as described
in the 2016 ERO CMEP Implementation Plan, including conducting IRAs and ICEs, exercising enforcement discretion
through Compliance Exceptions, and implementing the self-logging program.
NPCC specific information regarding the IRA and ICE process is located here:
Instructions for registered entities interested in self-logging in NPCC are located here:
NPCC will continue to do the following:
Implement its coordinated oversight responsibilities (MRRE) as described in the 2016 ERO CMEP
Implementation Plan.
Participate in the Events Analysis Process as described in the 2016 ERO CMEP Implementation Plan.
Implement a cyber-security outreach program that consists of NPCC Subject Matter Experts visiting critical
facilities owned by participating entities (participation is voluntary) and assessing the cyber security posture
of the control systems that support the operation of these facilities.
Implement the physical security outreach program in 2016 (participation is voluntary) and NPCC staff will hold
a Security Information Exchange session, which will include entity presentations, at the spring and fall
Compliance Workshops.
In the 3rd quarter of 2015, NPCC began conducting guided Self-Certifications in lieu of traditional Self-Certifications.
This process will continue in 2016. NPCC will select one or more Reliability Standards for a guided Self-Certification
each quarter. NPCC will use the Standards and Requirements identified in the 2016 ERO CMEP Implementation Plan,
including the Standards and Requirements identified in this Appendix A3 as the initial basis for selecting the Reliability
Standards and Requirements that will be subject to a guided Self-Certification. A further description of the guided
Self-Certification Process in NPCC is located here:
In 2016, NPCC will issue a Notice of Preliminary Screen for each potential noncompliance discovered through any
means. The Notice of Preliminary Screen notifies the registered entity that the potential noncompliance is being
processed by enforcement and serves as official notice to preserve all documentation pertaining to the potential
noncompliance.
28
NPCC will continue to verify the completion of all mitigation activities for potential noncompliance and possible
violations processed by NPCC enforcement, including potential noncompliance processed as Compliance Exceptions.
A separate implementation plan will apply to entities registered in New Brunswick with the New Brunswick Energy
and Utilities Board.
A separate implementation plan will apply to entities registered in Qubec with the Rgie de lnergie.
NPCC will continue to support all ERO Enterprise committees, subcommittees, working groups, task forces, and other
teams to improve compliance monitoring and enforcement within the ERO Enterprise.
NPCC has developed various regional specific tools to assist in audits, spot checks, guided self-certifications, IRAs, and
ICEs.
Evidence tracking sheet (audits, spot checks)
Guided Self-Certification worksheet
IRA entity worksheet
ICE worksheet
ICE summary report

NPCC coordinated with the other Regional Entities to obtain information regarding risk elements and areas of focus
that other Regional Entities have included and/or plan to include in each of their regionally specific appendices to the
ERO-wide Implementation Plan.
NPCC also developed a team of seven subject matter experts that reviewed each requirement and provided an
opinion, with justification, on whether each requirement should be an area of focus in NPCC.
The previous steps served as an initial screen as to how likely it would be that each requirement should be an area of
focus in NPCC. NPCC then examined the Violation Severity Levels of each requirement and eleven other factors to
determine whether each requirement should be an area of focus in NPCC. The justification provided by the subject
matter experts also shaped the requirements that should be an area of focus in NPCC. The 11 other factors were:
Conditions/equipment/capability to perform the functions can change as technology changes.
NERC/NPCC reliability area of focus in 2014/2015.
Basic capability required to manage reliability during emergency conditions.
Process is critical to maintaining the power system equipment capability/reliability.
Nuclear Plant Interface Requirements in area.
Auditing to NPCC requirements.
Important to reliability and also used to determine if audit needs to be expanded.
Entity has had issues with this requirement in past audits.
New responsibility for entity.
Prior violation or selfreport. Monitor for mitigating actions.

29
Canadian Provincial Regulator required.
In applying these factors, NPCC found that based on the application of the revised definition of the BES in the NPCC
Region, it is very likely that a significant number of Elements and Facilities within the NPCC Region will be subject to
the NERC Reliability Standards for the first time. To address these new responsibilities for entities across several
different standard families, NPCC created a new regional risk element, Revised BES Definition, to address this
regionally specific difference. The standards and requirements related to this regional risk element are identified in
the Regional Risk Elements table in Section 3 of this Appendix A3.
The remainder of the requirements added as an area of focus in NPCC fit within one of the existing ERO-wide risk
elements. The specific justification for each additional Standard and requirement is described in the Expanded ERO
Risk Elements table in Section 3 of this Appendix A3.
In a similar manner, NPCC also analyzed whether any requirements included in the ERO-wide Implementation Plan
should be removed from the NPCC specific implementation plan. There were also factors that were analyzed that
could justify such removal, but NPCC determined that none of the requirements could be removed.
Regional Risk Elements and Areas of Focus

The table below contains the Regional risk focus areas identified during the Regional Risk Assessment process. The
table also contains areas of focus to identified risks that may be considered in the Regional compliance oversight plan.
The FERC Approved BES (Phase 2) Definition became effective on July 1, 2014 with compliance obligations beginning
on July 1, 2016 for newly identified Elements. NPCCs U.S. element pool that must meet NERC Standards will increase.
Newly identified BES elements in NY require a TOP to be assigned, therefore 7 NY TOs will be certified and registered
as TOPs. TP registration will also be needed.
NPCC Canadian entities subject to the new BES definition are determined by Provincial Authority with RC input. The
IESO, NB, and NS are using Revised BES 100 kV bright-line as a basis with a Provincial specific exception request
process. Quebec is not using revised BES bright-line but is using a tiered approach that is based on performance and
reliability criteria.
In practice, each province has its own BES list. NPCCs regional risk element is needed because under the new
definition of the BES, these standards requirements will be a new responsibility for certain NPCC registered entities.
30
Regional Risk Elements

Regional Risk
Element
Revised BES
Definition
Justification
The FERC approved revised definition of BES becomes
effective on July 1, 2016. The revised definition includes
bright-line core criteria, including a general 100kV threshold,
with various enumerated inclusions and exclusions. As a
result of the application of these BES definition provisions, all
Elements and Facilities necessary for the reliable operation
and planning of the interconnected bulk power system will be
included as BES elements.

Requirement(s)
EOP-001-2.1b R4, R5
EOP-002-3.1 R6, R7, R8
EOP-005-2R1, R5, R6, R9,R10, R11,
R12, R13
EOP-006-2 R1, R2, R3, R4, R5, R6, R7,
R8, R9, R10
EOP-008-1 R1, R2, R3, R4, R5, R6, R7,
As a result of the new application of the revised definition in R8

the NPCC Region, NPCC expects that a significant number of
Elements and Facilities within the NPCC Region will be subject FAC-003-3 R1, R2, R3, R4, R5, R6
to the NERC Reliability Standards for the first time. Therefore,
NPCC created a new regional risk element, Revised BES FAC-008-3 R2, R3
Definition, to address this regionally specific difference.
FAC-011-2 R1, R2, R3
FAC-014-2 R1, R2, R3, R4, R5, R6

IRO-004-2 R1
PER-001-0.2 R1
PER-005-1(inactive 6/30/16)
R1, R3
PER-005-2 (effective 7/1/16)
R1, R2, R6
PRC-004-2.1a (inactive 6/30/16)
R3
PRC-004-4i (effective 7/1/16)
R5, R6
TOP-002-2.1b R1, R2, R4, R11, R17,
R19
TOP-004-2 R1, R2, R3, R4, R5,R6
TOP-006-2 R3, R4, R5, R6
31
Expanded ERO
Risk Element
Event Response/
Recovery
Extreme Physical
Events

Justification

Requirement(s)
EOP-003-2
NPCC is expanding this risk element due to identified regional
R1, R3, R5, R8
deficiencies in manual load shed plans and operator response.
Also, for increased reliability, NPCC professes shedding load to
prevent equipment damage that would disconnect more load
for a longer time period. Any part of a power system
(transformers, power lines) will begin to deteriorate if there is
an excess of load over available capability. These elements can
overload and become permanently damaged as they attempt
to supply the excess load. This combination of events can also
cause various parts of the systems to separate due to power
swings and resulting instability. The result can be large blocks
of load lost for extended periods of time (due to transformer
replacement, etc.). Load shedding is a last resort to prevent the
collapse of the system.
EOP-010-1
The ability to mitigate the effects of geomagnetic disturbance
R2
(GMD) events is a focus area within the NPCC Region because
Northern US and Canadian terrain has more potential for a
GMD event. Earth surface potential is highest in igneous rock
areas and where transmission lines terminate near water.
Upstate NY and NE have large areas of igneous rock. Also, due
to the Earth Surface Potential being greater at higher latitudes,
areas with close proximity to the Earth's magnetic north pole
typically experience greater effects of GMDs.
Past history also deems this to be an expanded risk element. A
significant GMD occurred on March 13, 1989 and resulted in a
blackout of the power system in Qubec due to the tripping of
shunt reactive devices.
Monitoring and
Situational
Awareness
Human
Performance
NPCC is expanding this risk element due to regional deficiencies

in identifying and operating to the most limiting parameter,
and in the RCs issuing alerts to all impacted Transmission
Operators and Balancing Authorities in its area without delay
when foreseeing a transmission problem. Also, each Reliability
Coordinator who foresees a transmission problem (such as an
SOL or IROL violation, loss of reactive reserves, etc.) within its
Reliability Coordinator Area is required to issue an alert to all
impacted Transmission Operators and Balancing Authorities in
its area without delay.
Having adequate communication and appropriate staffing of
such communication capabilities to address a real-time
emergency condition is essential. NPCC is expanding this risk
element due to identified regional deficiencies in entities
ensuring that communications shall be staffed and available
for addressing a real-time emergency.
IRO-005-3.1a
R10, R12
COM-002-4 (effective 7/1/16)

R1, R3, R5, R6
32

This section includes regional risk-based CMEP activities. Following is an overview of the years currently known IRA,
audit, spot check, periodic data submittals, and self-certifications.
IRA
NPCC began completing IRAs for registered entities in 2015. The priority was to perform IRAs for entities scheduled
for audits and then move to remaining entities. NPCC intends to complete IRAs for every registered entity by the end
of 2016.
Results of an entitys IRA are used to scope the CMEP engagement for entities on the onsite audit schedule for RCs,
BAs and TOPs. IRAs will also be completed for those registered entities that were previously under the Six-year cycle.
The results of an IRA may shift the monitoring engagement of a registered entity from an audit to a guided selfcertification or spot check, or some combination.
IRAs outside of the normal protocol can be triggered by a system event in the NPCC area, a NERC alert, results of a
spot check or results of a guided self-certification.
Audits
NPCC will continue to audit BAs, RCs and TOPs every three years but uses the IRA (and ICE) to scope the audit
requirements. As explained above, an IRA (and ICE) will determine whether other registered entities are subject to an
audit or to alternative compliance monitoring activities.
The audit schedule is also located on the NPCCs website.
Spot Check
NPCC will conduct a spot check program that will be guided by the results of the IRAs and ICEs.
Self-Certifications
NPCC will use guided Self-Certifications in 2016. Each quarter, NPCC will select one or more Reliability Standards for
a guided Self-Certification. The guided Self-Certifications will target selected risk elements across several registered
functions. NPCC does not plan to require traditional self-certifications in 2016.
NCR #
NCR07112
NCR07203
NCR07176
NCR07178
NCR07181
NCR07176
NCR07186
NCR07160
NCR07178
NCR07046
NCR07028
NCR07186
NCR07181
NCR07112
NCR07203

Registered Entity
Hydro-Qubec TransEnergie
Public Service Company of New Hampshire
Eversource Energy Service Company
Nova Scotia Power Inc.
Consolidated Edison Company of New York, Inc.
Central Hudson Gas & Electric Company
Orange & Rockland Utilities
New York Independent System Operator
Nova Scotia Power Inc.
Consolidated Edison Company of New York, Inc.
Central Hudson Gas & Electric Corporation
Orange & Rockland Utilities, Inc.
Orange & Rockland Utilities
Hydro-Quebec TransEnergie
Public Service Company of New Hampshire
Compliance Activity
Onsite O&P
Onsite O&P
Onsite O&P
Onsite O&P
Onsite O&P
Onsite O&P
Onsite O&P
Onsite CIP
Onsite CIP
Onsite CIP
Onsite CIP
Onsite CIP
Onsite CIP
Onsite CIP
Onsite CIP
33
NCR #
NCR07176
NCR07028
NCR11387
NCR11559
NCR11500
NCR11488
NCR11436
NCR11535
NCR11160
NCR11536
NCR11405
NCR00983
NCR11504
NCR11514
NCR11340
NCR11341
NCR11408
NCR07227
NCR11487
NCR11534
NCR07134
NCR00130
NCR10351
NCR10353
NCR10354
NCR10355
NCR10382
NCR11341
NCR10357
NCR10358
NCR11111
NCR10359
NCR10360
NCR10361
NCR10362
NCR10363
NCR00364
NCR07143
NCR07150
NCR07128

Registered Entity
Eversource Energy Service Company
Central Hudson Gas & Electric Company
Allegany Generating Station LLC
Berlin Station, LLC
Binghamton BOP LLC
CAMS - New York, LLC
Kendall Green Energy Holdings, LLC
NAES Corporation - Beaver Falls
NAES Corporation - Berkshire
NAES Corporation - Syracuse
Plainfield Renewable Energy, LLC
PSEG Fossil LLC
Purenergy Operating Services LLC Selkirk
ReEnergy Livermore Falls
ReEnergy Lyonsdale
Roseton Generating LLC
Stony Creek Energy LLC
Vermont Public Power Supply Authority
Danskammer Energy, LLC
SBF New York, L.L.C.
Maine Electric Power Company
Neptune Regional Transmission System LLC
Berkshire Power Company, LLC
Caithness Long Island, LLC
Carr Street Generating Station, LP
Carthage Energy, LLC
Castleton Power, LLC
CCI Roseton LLC
CMEEC - Alfred L. Pierce Power Station
Erie Boulevard Hydropower, LP
GenConn Middletown, LLC
Great Lakes Hydro America - ME
Indeck - Corinth, LP
Indeck - Olean, LP
Indeck - Oswego, LP
Indeck - Yerkes, LP
Indeck Energy Services of Silver Springs, LP
Milford Power, LLC
Montville Power, LLC
National Grid Generation, LLC
Compliance Activity
Onsite CIP
Onsite CIP
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Spot Check
Off-Site O&P
Spot Check
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
Off-Site O&P
34
NCR #
NCR10352

Registered Entity
ReEnergy Stratton
Compliance Activity
Off-Site O&P
1. Compliance Outreach
Outreach Activity
Spring and Fall Workshops NPCC holds semi-annual workshops as a primary
mechanism for outreach to registered entities.
Introduction to NPCC for beginners NPCC provides an introductory class for those
new to CMEP activities prior to its spring and fall workshops
Physical Security outreach program This will focus on Transmission Owners and
Transmission Operators transition to the new CIP-014 Physical Security standard.
Emphasis will be placed on the unique challenges and characteristics of facilities
affected by the new Standard.
Physical Security Information Exchange Sessions - The sessions, which will coincide
with the fall and spring workshops, will address NPCC Awareness Programs, Security
Strategies, and subjects such CIP-014 implementation and evolving physical threats
to the electric industry.
Cyber Security outreach program This will provide guidance to NPCC registered
entities during their transition to CIP Version 5. NPCC will also publish general
guidance in order to help registered entities successfully complete the transition.
One on one meetings with registered entities NPCC will meet with registered
entities for specific CMEP related issues if requested and warranted.
CDAA CDAA will issue announcements informing registered entities regarding
updates to NPCCs Compliance Portal.
Compliance Wiki - NPCCs compliance wiki provides outreach specific to CDAA and
other related issues and questions.
Webinars NPCC will hold various webinars on an as needed basis
FAQs NPCC will post FAQs on an as needed basis
Compliance Guidance Statements Although rarely used, NPCC may issue
Compliance Guidance Statements to offer clarification on the compliance approach
associated with the NERC Rules of Procedure, NERC Reliability Standards, or NPCC
Regional Reliability Standards.
Registered entity surveys NPCC will issue surveys to registered entities on an as
needed basis. Such surveys have included acquiring registration data, BES element
data, workshop content preferences, etc.
Website the NPCC website provides information in the areas of Standards,
Registration, Compliance Monitoring, and Compliance Enforcement.
35
Anticipated Date
May 2016,
November 2016
May 2016,
November 2016
May 2016,
November 2016
Appendix A4 - ReliabilityFirst Corporation (ReliabilityFirst)

This Appendix contains the CMEP Implementation Plan (IP) for ReliabilityFirst as required by the NERC Rules of
Procedure.
1. Compliance Monitoring and Enforcement

1.1 CMEP Implementation Plan Highlights and Material Changes
ReliabilityFirst will follow and perform the ERO Risk-based Compliance Oversight Framework described in the ERO
CMEP Implementation Plan. The 2016 ERO CMEP Implementation Plan identifies a number of risk elements and
areas of focus, which provide a starting point for ReliabilityFirsts risk analysis and Compliance Oversight Plan.
However, the 2016 ERO CMEP Implementation Plan recognizes that it does not include the complete set of the
risks that may affect the BPS, and that Regional Entities are expected to consider local risks and specific
circumstances associated with individual registered entities within their footprint when developing their
compliance oversight plans.
As such, as set forth in more detail in Section 3, ReliabilityFirst performed its Regional Risk Assessment (RRA),
which identified risks within the ReliabilityFirst region. ReliabilityFirst may monitor the Reliability Standards
(Standards) and Requirements associated with these risks, which are referred to as the 2016 ReliabilityFirst Risk
Elements, in 2016. ReliabilityFirst also has the discretion to add, subtract, or modify Standards and Requirements
in its compliance oversight plans for individual registered entities as it deems necessary based on the individual
registered entity Inherent Risk Assessments (IRA). The ReliabilityFirst RRA is discussed in further detail in Section
2 of this document.
ReliabilityFirst monitors FERC and NERC activities, system events, and events in the ReliabilityFirst region. Based
on these monitoring activities, ReliabilityFirst may modify its CMEP Implementation Plan throughout the year to
address and mitigate situational awareness and reliability issues as they arise.
2. Other Regional Key Initiatives and Activities
Guided Self-Certifications
ReliabilityFirst will perform guided self-certifications in 2016. The guided self-certifications for a registered entity
will be based upon the specific compliance oversight plan resulting from the registered entitys IRA and
identification of any potential ERO-wide or regional risks. Guided self-certifications focus on specific risks and/or
issues, and will require the registered entity to submit substantiating evidence to support its determination.
Risk-based Enforcement
ReliabilityFirst will continue to use a risk-based enforcement approach consistent with the ERO Enterprise.
Specifically, ReliabilityFirst will exercise enforcement discretion by processing qualified minimal risk issues as
Compliance Exceptions. Compliance Exceptions will effectively supersede the Find, Fix, Track and Report (FFT)
disposition method for most minimal risk noncompliances. However, ReliabilityFirst will continue to use the FFT
disposition method for moderate risk issues or minimal risk issues that ReliabilityFirst determines are otherwise
inappropriate for compliance exception treatment.
The main difference between compliance exceptions and FFTs is that compliance exceptions do not aggravate a
penalty for a future noncompliance by creating a formal violation history. There are two ways in which a minimal
risk noncompliance may qualify for compliance exception treatment: (1) on a case-by-case basis and (2) via selflogging privileges that ReliabilityFirst grants to a registered entity based on the registered entitys demonstrated
ability to identify, assess, and correct noncompliances in addition to other factors. Case-by-case compliance
36
Appendix A4 - ReliabilityFirst Corporation (ReliabilityFirst) 2016 CMEP Implementation Plan
exceptions are based on the facts and circumstances of a particular noncompliance. Self-logging privileges allow
the presumption of compliance exception treatment for self-identified minimal risk issues for which the registered
entity has earned the presumption.
Self-Logging
Self-logging allows qualified registered entities to keep a log of minimal risk noncompliances that ReliabilityFirst
periodically checks in lieu of submitting individual self-reports and corresponding mitigation plans for each
noncompliance. For each logged noncompliance, the registered entity records a detailed description of the facts
and circumstances, the basis of the minimal risk assessment, and the associated mitigating activities. The
registered entity submits the log to ReliabilityFirst for review and approval every three months. ReliabilityFirst
checks the log to ensure that the noncompliance is sufficiently described, the minimal risk determination is
justified and reasonable, and the mitigation is appropriate and adequate. After ReliabilityFirst approves the log
entries, they are processed as compliance exceptions.
Logging privileges are awarded based on ReliabilityFirsts historic interactions with the registered entity, combined
with ReliabilityFirsts evaluation of the registered entitys current ability to identify, assess, and correct
noncompliances (an evaluation that is scaled based on the risk posed by the particular registered entity). With
respect to historic interactions, ReliabilityFirst will consider: (1) the registered entitys compliance history and level
of cooperation in prior compliance matters, (2) the registered entitys history of self-assessment, self-reporting,
and timely and thorough mitigation, and (3) the quality, comprehensiveness, and execution of the registered
entitys internal compliance program. For most registered entities, this is information that is already available to
ReliabilityFirst.
A registered entitys current practices to identify, assess, and correct noncompliances is important to the analysis
because self-logging relies on the registered entitys ability to properly arrive at its minimal risk determinations.
In a traditional self-reported enforcement action, ReliabilityFirst does its own risk analysis and makes its decision
about how to treat the violation based on that analysis. For ReliabilityFirst to allow the presumption of compliance
exception treatment for minimal risk issues for which a registered entity is awarded self-logging privileges,
ReliabilityFirst must have adequate assurance that the registered entity has processes in place to identify, assess
and correct noncompliances. In some circumstances, this information may already be available to ReliabilityFirst
through prior dealings with a registered entity. If it is not already available, ReliabilityFirst may request that
information through interviews and documentation. One way to provide that information, and also potentially
reduce audit scope, is to have ReliabilityFirsts Entity Development team conduct an internal controls evaluation
focused on risk management. However, an internal controls evaluation is not required for ReliabilityFirst to award
self-logging privileges.
ReliabilityFirst also requires self-logging entities to undergo training in Risk Harm Assessment and Estimating
Uncertainties. This is a training that is offered periodically on-site at ReliabilityFirst, or ReliabilityFirst staff
members can conduct training at the registered entitys facilities. This training provides an overview of how
ReliabilityFirst makes its risk assessments. A registered entity is not required to adopt this method, but
ReliabilityFirst has found that this training is a key component to ensuring justified and reasonable risk
assessments on the registered entitys log. It is also helpful for resolving noncompliances that do not qualify for
self-logging, because it creates a common understanding between the registered entity and ReliabilityFirst
regarding risk analysis.
3. Regional Risk Assessment Process
The Regional Risk Assessment

The RRA identifies risks within the ReliabilityFirst Region that could potentially impact the reliability of the BPS. To
accomplish the RRA, ReliabilityFirst uses a cross-functional team of internal Subject Matter Experts (the RRA Team)
to review and analyze information and data to determine the highest-priority risks to the ReliabilityFirst Region.
37
The types of region-specific information and data the RRA Team reviews includes, but is not limited to: US
Population and Census Data, Severe Weather Related Outages (e.g., OE-417 reports, Outages), Generation
Availability Data System (GADs), Transmissions Availability Data System (TADS), Misoperations, Event Analysis,
Load Analysis, Locational Marginal Pricing, System Operating Limits (SOL), Interconnection Reliability Operating
Limits (IROL), TIER Power Line Ranking, Interconnection Points, Cyber Security data, Physical Security data, and
data on Threats and Vulnerabilities. After a period of information gathering, analysis and decision making, the RRA
team develops the results of the RRA in the form of ReliabilityFirst Risk Elements.
The 2015 ReliabilityFirst RRA identified the following 2016 ReliabilityFirst Risk Elements (in no particular order or
ranking), which align with the 2016 ERO Risk Elements and therefore constitute Expanded ERO Risk Elements.
Event Response / Recovery
Human Performance
Section 3 of this document contains additional detail on the ReliabilityFirst risk elements and their associated
Standards and Requirements, which ReliabilityFirst may include in the 2016 registered entity -specific compliance
oversight plans.
The RRA is performed annually, but may be updated more frequently as necessary. As new and emerging threats
and risks are identified, system events take place, and compliance monitoring activities are performed,
ReliabilityFirst will update the RRA to keep current with potential issues, threats, and risks.
ReliabilityFirst reviews the potential risks to the reliability of the BPS posed by an individual registered entity by
using the IRA Inherent Risk Assessment guide and the associated internal IRA procedure, which were developed
as part of the Risk Based Compliance Oversight Framework implementation resulting from the Reliability
Assurance Initiative. This assessment helps identify the areas of focus and the level of compliance oversight
required for each registered entity.
The output from an IRA yields a compliance oversight plan (containing the scope of Standards and Requirements,
monitoring frequency, and CMEP tools audit, spot check, or self-certification), which is shared with the
registered entity via the IRA Summary Report included within the ReliabilityFirst Compliance Engagement
notification package. Going forward, ReliabilityFirst will perform an IRA for each registered entity on the annual
CIP and Operations and Planning compliance monitoring schedules. However, an IRA may also be completed in
response to new emerging risks or if a registered entity undergoes changes that may impact its risk to the BPS.
In addition to the Risk Elements and focus areas identified in the RRA, ReliabilityFirst considers the following risk
factors when conducting an IRA (set forth in Appendix C to the Inherent Risk Assessment Guide): functional
registered responsibilities, system geography, peak load and capacity, BPS exposure, interconnection points and
critical path/IROLs, special protection systems/UVLS/UFLS, SCADA and EMS, System restoration responsibilities,
system events and trends, compliance history and trends, culture of compliance, and overall composition.
38
ReliabilityFirst also considers the information attributes set forth in Appendix B of the Inherent Risk Assessment
Guide when conducting an IRA.
The tangible information attributes ReliabilityFirst considered during the IRA include the following:
Population and Geographic Location The ReliabilityFirst region includes three of the most populated
areas in the United States (Chicago, Philadelphia, and Washington DC). The ReliabilityFirst region also
contains many medium-sized urban areas such as Baltimore, Cleveland, Pittsburgh, Indianapolis,
Cincinnati, and Toledo. Maintaining and ensuring reliable service to these areas of the country is critical
to the overall well-being of the nation and national security. Any registered entity serving the load in these
areas and those registered entities responsible for operating and maintaining reliability of the BPS
supplying these areas, or in close proximity to these populated areas, may pose a higher risk.
Entity Make-up and Diversity The ReliabilityFirst region is a summer peaking region, with several
registered entities serving peak loads or operating an individual resource in excess of 500 MWs.
Maintaining and ensuring reliable service to these areas of the country is critical to the well-being of the
people and in some cases to national security.
Entity Registration ReliabilityFirst takes into account Entity Registration during the assessment of
registered entities. For example, Reliability Coordinators, Balancing Authorities, and Transmission
Operators have the authority to issue operating orders, instructions, and directives and ultimately may
play a larger role in safeguarding the reliability of the BPS than other registrations.
Transmission Assets The transmission network in the ReliabilityFirst region consists of 765kV; 500kV;
345kV; 230kV; 138kV and 115kV lines. The majority of transmission facilities are overhead, with large
urban areas serviced by underground transmission cables. Overall asset ownership (lines, transformers,
generators, voltage, size of units, fuel type, flowgates, SOL, IROL, etc.) are also considered as part of the
IRA. These assets form the backbone of the system and may be assessed with a higher risk due to their
importance to maintain the reliability of the BPS. A registered entity that owns these types of facilities
may have their audit scope adjusted to address owning and maintaining these types of equipment.
Misoperations The number of protection system misoperations within the ReliabilityFirst region has
been an issue of focus over the last few years. There is a proportionately higher risk to the BPS if
misoperations due to controllable and avoidable circumstances occur. Registered entities having these
types of misoperations may have their audit scope adjusted to address resolving these misoperations.
Special Protection Schemes and Relay Protection Registered entities in the ReliabilityFirst region use
special protection schemes to mitigate system constraints until transmission reinforcements can be
planned and built. In some cases, these special protection schemes are left in place indefinitely. Special
protection schemes can present a high risk to the BPS when they are not properly implemented,
coordinated, or operated as intended.
Emergency Operations and Blackstart Facilities There are multiple facilities designated as blackstart
units in the ReliabilityFirst region. Registered entities are required to regularly test these blackstart units
and submit results to ReliabilityFirst annually. There is a potential risk that there may be insufficient
blackstart resources designated for an area, or that blackstart resources may not be available if they are
not properly tested.
Generation Assets ReliabilityFirsts generation mix is made up of units that are nuclear, coal, gas, hydro,
wind, solar, and refuse power assets. The asset mix for the next few years is expected to change, with a
decrease in coal generation and an increase in renewable resources such as wind generation and solar
generation. There is a risk that generating capacity and available resources may not be available to meet
demand on a real-time, near-term and long-term time horizons. Registered entities owning these
39
resources may be monitored to ensure the availability and proper maintenance of these resources is
retained.
EMS and Monitoring Tools Availability Keeping monitoring tools available and operational for system
operators use is imperative to maintaining a reliable grid. Registered entities with these types of
monitoring tools may have additional Standards and Requirements in their audit scope to ensure these
monitoring tools are maintained and available to the system operator.
The intangible information attributes ReliabilityFirst considered during the IRA include the following:
Operating Performance ReliabilityFirst analyzes data from the GADS and TADS reports and information
from reviewed system events. Since 2008, there have been various system events ranging from local load
drop to interconnection frequency excursions. There is always some risk that a system event could cause
a large scale blackout, but it is more probable that a series of smaller system events will occur and if
undetected, could manifest into a larger system event. This information can help to pinpoint problems or
identify trends for a registered entity and help to focus the scope of an audit to deter future events from
occurring.
Compliance History Assessing the violation history, audit performance, self-certification, and self-report
performance of a registered entity shows past performance trends and a registered entitys behavior
towards compliance and performance of its compliance program. Registered entities with a history of
compliance issues may have their audit scope adjusted to ensure that their mitigating measures achieve
full compliance and prevent recurrence.
Normal System Performance The flow of power across the ReliabilityFirst region is normally from west
to east, to supply the beltway of the mid-Atlantic region and northeast (including the New York City area).
There are instances when this normal power flow is disrupted and system constraints are realized. These
system constraints rely on operator intervention for resolution. A registered entitys system events
(involvement, impact to BPS, significance, availability of operators tools, EMS, etc.), their operational
performance (use of emergency procedures), and their overall situational awareness all play a role in their
system performance.
System Maintenance Upkeep and Replacement - Continued maintenance of equipment, systems, and
facilities is essential to a reliable BPS. As equipment gets older, system maintenance may increase and
facility availability may decrease.
Additionally, where ReliabilityFirst has confidence in a registered entitys internal compliance program as a result
of an Internal Control Evaluation (ICE), ReliabilityFirst may narrow the audit scope and audit periodicity to reflect
the compliance maturity of the registered entity. To support a strong culture of compliance and to demonstrate
robust internal controls, registered entities are encouraged to continually perform self-assessments of their
compliance programs and internal controls on an ongoing basis.
ReliabilityFirst will notify registered entities of the Reliability Standards and Requirements for which they will be
monitored via posting of the Compliance Monitoring Schedule for Data Submittals, the audit notification letter,
the guided Self-Certification notification, and the IRA report which serves as the registered entitys tailored
compliance monitoring plan.
4. Regional Risk Elements and Areas of Focus

The table below contains the Regional risk elements that ReliabilityFirst identified during the RRA process. Also,
as a result of ReliabilityFirsts review of the NERC risk elements and the ReliabilityFirst risk elements, ReliabilityFirst
identified the associated Standards and Requirements, listed below, for increased compliance monitoring focus
in 2016. Thus, ReliabilityFirst justified the inclusion of these Standards and Requirements during the RRA. In the
40
table below, ReliabilityFirst provides additional justifications where applicable. These Standards and
Requirements will be considered as part of an Inherent Risk Assessment and may or may not be included in the
registered entity -specific compliance oversight plan.
NOTE: Standards and/or Requirements in BLUE denote their inclusion in both the ReliabilityFirst CMEP IP Appendix
A4 and 2016 ERO Enterprise CMEP IP.
Expanded ERO Risk
Element(s)
Extreme Physical
Events:
- Acts of Nature
Event Response /
Recovery
Justification
ReliabilityFirst is expanding the ERO risk element(s) as a
result of strained operating conditions in RFs footprint
during unusually hot and extreme cold weather
conditions.
The 2015 winter marked the second consecutive year
during which extreme cold weather conditions affected
the ReliabilityFirst footprint. Importantly, system
performance during the 2015 cold weather events of
January 7 and 8 and February 19 and 20 showed
improvements from the 2014 winter as a result of
registered entities actions, which they took in response to
analyses, lessons learned, and recommendations from the
2014 winter conditions. However, generation outage rates
during the 2015 winter remained above historical norms.
Thus, generation performance, particularly during peak
winter demand periods, continues to be a key area where
registered entities should continue focus on improved
performance.
As a result of cold weather events in the ReliabilityFirst
footprint, the following are important considerations for
winter preparedness activities: (1) ensure processes are
adequate for unit testing and preparation of resources in
advance of winter operations, including testing dual-fuel
capability; (2) review operator communications with
respect to fuel-limited generation commitment decisions
for accuracy and consistency; (3) make process changes as
necessary to allow adjustment of start times based on
changes in fuel used; (4) ensure requirements are met for
generation units for which primary fuel may not be natural
gas but that require gas to operate; (5) review emergency
procedures to ensure effective communication and
coordination of emergency procedures; (6) ensure
transmission owners understand their existing voltage
reduction capabilities (amount, time frame, etc.); and (7)
consider adjustments to the roles and responsibilities for
communications during emergency procedures other than
refining the training to reinforce processes and tools.
41
Associated Standard(s)
and Requirement(s)
EOP-001-2.1b R4
TOP-001-1a R4, R5
PER-005-1 R1 until
6/30/2016.

Expanded ERO Risk
Element(s)
Justification
Extreme Physical
Events:
- Acts of Nature
ReliabilityFirst is expanding the ERO risk element(s)

because, although entities made improvements, extreme
cold weather conditions continued to impact unit
performance.
Event Response /
Recovery
During site visits, ReliabilityFirst determined that while the

2015 generator winter performance improvements were
effective, some of the short-term measures that registered
entities implemented could be further improved to ensure
that long-term generation performance improvements are
sustained on a dependable basis. ReliabilityFirst found that
while short-term solutions worked in some instances, in
other instances, longer-term solutions are still necessary.
and Requirement(s)
EOP-001-2.1b R4
TOP-005-2a R2
TOP-002-2.1b R6,R7,R14
TPL-001-4 R2
Attachment 1-TOP-005 lists the types of data that

Balancing Authorities and Transmission Operators are
expected to share with other Balancing Authorities and
Transmission Operators:
Item 2. Other operating information updated as soon as
available.
Item 2.8. Severe weather, fire, or earthquake.
Extreme Physical
Events:
- Acts of Nature
Maintenance and
Management of BPS
Assets
Monitoring and
Situational Awareness
Event Response /
Recovery
Planning and System
Analysis
There is demonstrated need to ensure that the conditions

in Item 2.8 are met per R2.
ReliabilityFirst is expanding the ERO risk element(s) EOP-003-2 R1, R3, R5, R8
because extreme cold weather conditions could impact PER-005-1 R1, R2 until
the ReliabilityFirst Region as indicated below.
6/30/2016.
TOP-002-2.1b R5, R6, R7
Analysis of extreme cold weather events within TOP-006-2 R5
ReliabilityFirsts
footprint
identified
areas
for
improvement related to system modeling, system
operator training, technology changes, process
improvements, notifications and communication
protocols, which include:
1. Review facility limits on equipment on the border
of neighboring systems;
2. Review the approach for representing known
generation such as behind-the-meter generation
that is not dispatchable;
3. Review how communications tools are used
during controlled outages;
42

Expanded ERO Risk
Element(s)
Justification
and Requirement(s)
4. Review rules for Synchronized Reserves to

determine if they provide sufficient incentives to
obtain synchronized reserves needed in real time;
5. Review the current mechanism to confirm the
amount of reserve generation available to identify
methods to improving the quality of data being
reported;
6. Review demand response to improve operational
flexibility to include shorter lead time; subzonal
calls, calls outside of emergencies and shorter
minimum run times; and
7. Provide dispatchers with better visibility of the
location and amount of load relief from demand
response.
Extreme Physical
Events:
- Acts of Nature
Maintenance and
Management of BPS
Assets
Monitoring and
Event Response /
Recovery
Regarding hot weather conditions, the ReliabilityFirst

footprint experienced several days of unusual, extremely
hot weather in September 2013 that led to emergency
conditions in a Reliability Coordinator service area. During
this period, temperatures were approximately 20 degrees
above normal, and demand for electricity reached an alltime high. At the same time, some generation and
transmission facilities were scheduled out of service for
routine maintenance because lower system demand was
usually experienced during this period (SEE TOP-002-2.1b,
R5, R6 and R7). In order to avoid more serious impacts, the
Reliability Coordinator had to direct Transmission Owners
to implement controlled outages in a few contained areas
for limited time periods. Controlled outages such as these
are a last resort to prevent uncontrolled blackouts over
larger areas (SEE EOP-003-2, R1, R3, and R5 & R8).
ReliabilityFirst is expanding the ERO risk element(s) as a EOP-001-2.1b R2, R4
result of strained operating conditions in RFs footprint EOP-005-2 R1, R1.2
during unusually hot weather conditions.
FAC-014-2 R2
IRO-001-1.1 R8
An analysis of the September 2013 hot weather event NUC-001-3 R4
showed deficiencies in the following to reliability:
TOP-001-1a R4, R5
TOP-002-2.1b R7, R11
1. Emergency plan implementation;
TOP-004-2 R1
2. Issuing directives;
VAR-001-4 R2
3. Operating to first contingency;
4. Maintaining sufficient reactive resources;
5. Use of current-day analysis and changing
conditions system conditions;
6. Operating to IROLs and SOLs; and
7. Establishing SOLs.
43

Expanded ERO Risk
Element(s)
Planning and System
Analysis
Justification
During the 2012 Hurricane Sandy event, some TO and DP
entities, particularly those that were not on the coast,
experienced serious damage. For one entity, all service
areas were impacted. The majority of increased staffing
during this event occurred in the restoration area. Another
entity, a nuclear facility, experienced a temporary loss of
off-site power due to switchyard damage and a bushing on
a voltage regulator associated with a transformer. During
loss of off-site power at this facility, the reactor shutdown
cooling and spent fuel cooling was temporarily lost, but
was restored when emergency diesels started and loaded.
Fossil units were forced off both pre-storm (in anticipation
of potential flooding) and as the stations flooded. Five
potential lessons learned were identified for generation
stations during the storm:
1. Independent System Operators and Reliability
Coordinators should look for opportunities for
improvement with respect to communication with
generation plants during major events;
2. Independent System Operators and Reliability
Coordinators should look for opportunities for
improvement with respect to developing and
documenting alternate communications methods
when normal methods are lost;
3. Comprehensive weather preparation procedures need
to be developed or improved;
4. Improvements can be made for managing personnel
who remain on-site; and
5. Development of anticipated generation reductions is
necessary for the loss of one or more nearby
transmission elements.
In addition to the lessons learned, several generation
operation risks and challenges were identified during the
Hurricane Sandy, including:
1. Increased potential for loss of off-site power to nuclear
facilities;
2. Increased potential for loss of off-site power due to
switchyard damage, or loss of normal condenser
cooling and loss of availability of service water due to
high water;
3. Curtailments due to wet coal, which is normal with any
significant precipitator; and
44
and Requirement(s)

Expanded ERO Risk
Element(s)
Justification
and Requirement(s)
4. Potential lack of fuel due to damage to the fuel

providers facilities.
Event Response /
Recovery
Planning and System
Analysis
Event Response /
Recovery
Also, during Hurricane Sandy, the biggest challenge for the

Balancing Authority was coordinating load lost on the
distribution systems with lost generation, particularly the
loss of entire generating stations or the loss of multiple
units within close temporal proximity. Entities also
experienced challenges maintaining load/generation
balance during restoration as generation and/or load was
added back into the system.
ReliabilityFirst is expanding the ERO risk element(s) EOP-005-2 R6, R9
because Transmission Operators restoration plans and
their resiliency must be constantly monitored to assure
recovery plans are in place. ReliabilityFirst has identified
this need as unique to its footprint as a result of the nature
and size of the Transmission Operators in the
ReliabilityFirst footprint.
EOP-005-2, R6 and R9 focus on verifying that the
Transmission Operators restoration plan accomplishes its
intended function and that each Blackstart Resource is
capable of meeting the requirements of its restoration
plan. Overall, ensuring that large Transmission Operators
meet these Requirements is essential to maintaining
effective restoration plans.
ReliabilityFirst is expanding the ERO risk element(s) EOP-006-2 R1
because Reliability Coordinators restoration plans and
their resiliency must be constantly monitored to assure
recovery plans are in place. ReliabilityFirst has identified
this need as unique to its footprint as a result of the nature
and size of the Reliability Coordinators in the
ReliabilityFirst footprint.
EOP-006-2, R1 focuses on the Reliability Coordinator
having a Reliability Coordinator Area restoration plan that
includes various subcomponents. With two Reliability
Coordinators in the ReliabilityFirst footprint, evaluating
these Reliability Coordinators against this Requirement is
essential to ensuring effective coordination of the system
restoration process.
45

Expanded ERO Risk
Element(s)
Justification
and Requirement(s)
Extreme Physical
Events:
- Acts of Nature
ReliabilityFirst is expanding the ERO risk element(s) EOP-010-1 R1, R3 as of

because the ReliabilityFirst Region can experience 4/1/15
geomagnetic disturbance events.
TPL-007-1 R1-R7 - Effective
dates staggered over 5 year
Although the results of a geomagnetic disturbance are period.
reported under EOP-004-2, means of detection and
correction for these types of events will fall under EOP-010
as of April 1, 2015.
Planning and System

Analysis
ReliabilityFirst is expanding the ERO risk element(s) TPL-001-4 R2-R3

because, with the role of the Planning Authority, Planning
Coordinator, and Transmission Planner assuming more
responsibility and authority in order to maintain system
reliability, ensuring they are performing their role is critical
to system reliability.
Event Response /
Recovery:
Planning and System

Analysis
TPL-001-4 ensures that system performance requirements

are established for use by the Planning Authority and
Planning Coordinator and Transmission Planners.
ReliabilityFirst has determined that because of the nature
of its footprint, with two large Planning Authorities and
Planning Coordinators working in conjunction with the
Transmission Planners, and the compliance monitoring
history relating to TPL-001-4, evaluating these entities to
these Requirements is essential to ensure that the system
will operate reliably over a wide range of system
conditions and probable contingencies.
because coordinated operation and actions across the
ReliabilityFirst Region is critical due to the compact nature
of the grid in the ReliabilityFirst Region.
The emergency, interconnection, planning, transmission
and generator operations standards ensure that the
respective entities develop, maintain, and perform plans
to maintain reliable operation, mitigate emergencies, and
meet system performance requirements. The entities
within the ReliabilityFirst Region must be evaluated to
ensure they coordinate any actions with other entities
besides conducting next-day analyses for anticipated
normal and contingency conditions.
46
EOP-001-2.1b R1-R3, R4, R6

EOP-002-3.1 R1-R3, R4, R5
EOP-003-2 R1, R3, R7-R8
EOP-004-2 R2
IRO-003-2 R1-R2
IRO-004-2 R1
IRO-005-3.1a R5-R6, R9
PRC-006-1 R1-R5, R9-R10
PRC-022-1 R1
TOP-006-2 R2,R6-R7
TOP-007-0 R1-R4
TOP-008-1 R1-R4
TPL-001-4 R1-R3,R7
VAR-002-4 R2-R4

Expanded ERO Risk
Element(s)
Critical Infrastructure
Protection:
- Unauthorized Access
Extreme Physical
Events:
- Man-made
Protection:
- System Downtime
- Unauthorized Access
- Corruption of
Operational Data
Human Performance
Justification
because CIP-006 is a widely violated standard in the
ReliabilityFirst Region. Also, CIP-014 is a newly released
standard focused on protections of Transmission stations
and substations, and their associated primary control
centers. Thus, additional focus is needed to address and
minimize both the magnitude and duration of the
consequences of physical events or attacks. Furthermore,
physical access to cyber systems must be restricted and
appropriately managed to ensure the integrity of the cyber
systems within the Physical Security Perimeter.
Failure to comply with the requirements of these
standards can lead to threats in physical security space.
ReliabilityFirst is expanding the listed risk element(s)
because registered entities within the ReliabilityFirst
footprint have had varying issues with these Standards and
Requirements that warrant increased focus.
In CIP-002, CIP-005, and CIP-007, a failure to comply with
these Standards can lead to threats in the cyber security
space.
because human performance and human interaction with
critical elements on the BPS attributed to system operating
issues in the ReliabilityFirst footprint.
Due to human performance being a root cause of many
noncompliances in the ReliabilityFirst footprint, Entities in
the ReliabilityFirst region should understand that any
operating condition that has not been studied or analyzed
and where no valid operating limits exist is considered an
unknown operating state and could negatively impact the
reliability of the BPS.
As an example, in one case, due to reconfiguration at a
substation for breaker installation and relay replacement
by a Transmission Operator, a line outage resulted in
disabling of the primary and backup protection on an
energized bus. The implications of removing the 138 kV
line facilities and the change in protection status of the bus
was not recognized by field personnel. As a result, the
system operator was not informed of the disabling of bus
protection during the outage resulting in this information
not being communicated to the Reliability Coordinator.
47
and Requirement(s)
CIP-0066 R1-R3
CIP-014-2 R1, R2, R3
CIP-0025.1 R1-R2
CIP-005-5 R1-R2
CIP-007-6 R1-R3, R5
FAC-010-2.1 R2.2
IRO-010-1a R3
TOP-002-2.1b R6
TOP-004-2 R4

Expanded ERO Risk
Element(s)
Maintenance and
Management of BPS
Assets
Human Performance
Justification
and Requirement(s)
ReliabilityFirst is expanding the listed risk element(s) PRC-005-2(i) R3 as of

because Generator Owners in the ReliabilityFirst region 5/29/15
have had issues regarding maintenance and testing of
Protection System Devices such as potential transformers,
current transformers, and direct current (DC) control
circuitry, therefore warranting increased focus.
As an example, an oversight in a medium size entity's
Generator Protection System Maintenance and Testing
Program that required testing of relays that were changed,
associated control circuitry paths, and all other input paths
of the associated lockout relays resulted in these devices
not being tested.
Human Performance
Human Performance

because human performance was a root cause of many
noncompliances in the ReliabilityFirst region, therefore
entities in the ReliabilityFirst region should understand
that any operating condition that has not been studied or
analyzed and where no valid operating limits exist is
considered an unknown operating state and could
negatively impact the reliability of the BPS.
FAC-010-2.1 R2.2
IRO-010-1a R3
PER-005-1 R2 until
6/30/2016.
PRC-001-1.1(ii) R1
TOP-002-2.1b R6
TOP-004-2 R4
In one case, there was an unknown operating state as a

result of abnormal conditions at a substation.
ReliabilityFirst is expanding the listed risk element(s) VAR-002-4 R1-R3
because Generator Operators in the ReliabilityFirst region
continue to experience deviations in voltage schedules
and sometimes fail to notify the Transmission Operators.
The root causes of these deviations and notice failures
vary.
As an example, a large Generator Operator exceeded its
voltage schedules on numerous occasions at various
generating facilities due to lack of operator situational
awareness of the change in automatic voltage regulator
status. Also, a Generator Operator determined that the
Control Room Operator failed to recognize the elevated
voltage condition despite receiving alarms, operator aids,
and training. As another example, a small Generator
Operator was unaware of its obligation to notify the
Transmission Operator when its assigned voltage schedule
could not be met. As a final example, following a planned
outage, a Power System Stabilizer (PSS) status change was
not reported within the required 30 minutes. The exciter
48

Expanded ERO Risk
Element(s)
Event
Response/Recovery:
Human Performance
Maintenance and
Management of BPS
Assets
Protection System
Failures
Maintenance and
Management of BPS
Assets
Human Performance
Justification
and Requirement(s)
went through a control upgrade during the outage and

during the course of the project, the PSS was disabled. The
cause was determined to be an operator oversight due to
not verifying the PSS was in service during start up due to
past routine sequence.
because registered entities within the ReliabilityFirst
footprint have had varying issues with these Standards and
Requirements and there have been and continues to be
changes of restoration resources, which require
restoration plan updates. The following additional
justification is provided which warrant increased focus.
COM-002-2 R2 until
6/30/2016
EOP-001-2.1b R2, R3, R4
EOP-003-2 R8
EOP-005-2 R10-R11, R17
EOP-006-2 R9-R10
PER-005-1 R3 until
6/30/2016.
ReliabilityFirst is expanding the listed risk element(s) BAL-006-2 R4.3
because equipment failures or improper scheduling
operations, or improper AGC performance may contribute
to Area Interchange Error and ReliabilityFirst would like to
confirm this within its region and determine if the number
of equipment failures that impact AIE is presently known
for BAs in the its region.
Per the Compliance Monitoring Section of this standard,
each Balancing Authority shall perform an Area
Interchange Error (AIE) Survey as requested by the NERC
Operating Committee to determine the Balancing
Authoritys Interchange error(s) due to equipment failures
or improper scheduling operations, or improper AGC
performance.
because, as a result of the history of issues in the
ReliabilityFirst region relating to protection system
failures, registered entities in the ReliabilityFirst region
should understand that any operating condition that has
not been studied or analyzed and where no valid operating
limits exist is considered an unknown operating state. This
understanding, or lack of understanding, can potentially
be due to or can impact the listed risk elements and
therefore warrants increased focus.
49
FAC-010-2.1 R2.2
IRO-010-1a R3
PRC-001-1.1(ii) R2, R2.2
PRC-004-2.1(i)a R1, R2
TOP-002-2.1b R6

Expanded ERO Risk
Element(s)
Maintenance and
Management of BPS
Assets
Human Performance
Maintenance and
Management of BPS
Assets
Justification
because, as a result of the history of issues in the
ReliabilityFirst region relating to protection system
failures, registered entities in the ReliabilityFirst region
should understand that any operating condition that has
not been studied or analyzed and where no valid operating
limits exist is considered an unknown operating state. This
understanding, or lack of understanding, can potentially
be due to or can impact the listed risk elements and
therefore warrants increased focus.
and Requirement(s)
TOP-004-2 R4
FAC-010-2.1 R2.2
TOP-002-2.1b R6
IRO-010-1a R3
For example, a registered entity failed to recognize it had

entered an unknown operating state as a result of
intermittent loss of DC power which comprised the relay
protection at the substation. The condition was not
studied or analyzed to determine any possible impacts to
the reliability of the BES.
ReliabilityFirst is expanding the listed risk element(s) TOP-006-2 R1,R2
because registered entities in the ReliabilityFirst region
have experienced various issues with energy management
systems, Supervisory Control and Data Acquisition
systems, ICCP, Contingency Analysis or State Estimators.
Fourteen variations of these type of issues were reported
in 2014 and three in 2015 to date.
As an example, a registered entity experienced an energy
control system failure, which resulted in loss of monitoring
and control capabilities due to failure of its front-end
processors. Its Reliability Coordinator and neighboring
Transmission Operators were able to monitor the tie-lines.
In another case, during an energy control system outage
where the Transmission Operator asked a neighboring
Transmission Operators to monitor tie lines, the first
Transmission Operator could not monitor the applicable
transmission line status, real and reactive power flows,
voltage, and status of rotating and static reactive
resources.
50

Expanded ERO Risk
Element(s)
Justification
and Requirement(s)
Maintenance and
Management of BPS
Assets

because some entities in the ReliabilityFirst region have
experienced equipment failures, some of which are
maintenance related, and therefore increased focus is
warranted.
FAC-003-3 R1-R7
PRC-005-2(i) R3-R4 (as of
4/1/15)
PRC-008-0 R1-R2
PRC-011-0 R1
PRC-017-0 R1
Planning and System

Analysis

because, with the EPA Clean Power Plan resulting in the
retirement of a number of generating facilities within
ReliabilityFirsts footprint, additional focus is needed. The
following additional justification is provided.
BAL-002-1 R1.
EOP-002-3.1 R2, R4
IRO-005-3.1a R2
TPL-001-4 R-R2
VAR-001-4 R2
Protection:
- System Downtime
Event Response /
Recovery
(With a focus on
Resiliency
Unpreparedness)
The EPA Clean Power Plan may result in the retirement of

generating facilities within the ReliabilityFirst region that
cannot
meet
the
environmental
restrictions.
Understanding the possible impacts early in the process is
essential in order to inform decisionmaking and ensure
that grid reliability is maintained. The Regional
Transmission Operators and Independent System
Operators in the ReliabilityFirst footprint have conducted
reliability analyses to determine operating reserve and
transmission needs resulting from potential generator
retirements. With reserve margins in MISOs footprint
already in decline due to Mercury and Air Toxics Standards
and other factors, carbon-intensive generation retired for
the purposes of complying with the EPAs proposal will
need to be replaced fairly quickly.
because resiliency unpreparedness in the ReliabilityFirst
region continues to be of great importance to
ReliabilityFirst, therefore increased focus is warranted.
Within the region, there have been and continues to be
changes of restoration resources, which require
restoration plan updates. The following additional
justification is provided.
Per FERC's 2014-2015 Restoration Initiative focusing on
black start restoration efforts, drills, training,
ReliabilityFirst identified the Standards listed here.
As stated in NERC Severe Impact Resilience: Consideration
and Recommendations, 2012: By definition, a Severe
Event will present enormous challenges as entities within
51
EOP-005-2 R10-R11,R17
EOP-006-2 R9-R10
CIP-008-5 R1-R3
CIP-009-6 R1-R3

Expanded ERO Risk
Element(s)
Monitoring and
Maintenance and
Management of BPS
Assets
Justification
the electricity industry strive to restore and maintain
reliable operations under rapidly changing circumstances
never before experienced. It will not be possible to meet
all electricity consumers demands for rapid restoration of
service as entities prioritize their work with limited
resources. The recommendations from the SIRTF are
intended to prompt BPS entities to develop their own
approaches and flexible plans that would be applicable
under a wide variety of circumstances. These suggestions
are in the form of industry guidelines that describe
practices that may be used by individual entities according
to local circumstances, as opposed to standards. Page 2.
have had issues in this area as identified through the Event
Analysis process and noncompliance dispositions,
therefore warranting increased focus. This risk area
considers loss of remote terminal units, energy
management system outages, Supervisory Control and
Data Acquisition issues, and loss of contingency analysis
capabilities, ICCP, State Estimator, and Nonconvergence.
have had performance issues in this area, therefore
increased focus is warranted. PRC-005 has the highest
number of reported noncompliances and serious or
moderate risk filings in the past four years.
and Requirement(s)
EOP-004-2 R2
EOP-008-1 R1
TOP-004-2 R4
TOP-006-2 R1-R2,R5
PRC-005-2(i)
R1,R2,R3,R4,R5 as of
4/1/2015
PRC-005-3 R1,R2,R3,R4,R5
as of 4/1/2016
5. Regional Compliance Monitoring Plan

This section includes an overview of ReliabilityFirsts currently scheduled IRAs, audits, spot checks, periodic data
submittals, and self-certifications. The audit schedules are also located on the ReliabilityFirsts website:
https://www.rfirst.org/compliance/Pages/Schedules.aspx. ReliabilityFirst typically conducts on-site engagements
at Balancing Authorities, Transmission Operators, and Reliability Coordinators.
CIP Compliance Monitoring Plan
ReliabilityFirst intends to conduct ten on-site CIP Audits in 2016, but may conduct additional audits as necessary.
These ten audits are being conducted pursuant to the Rules of Procedure and include registered entities that must
be audited every three years. Four of the ten audits are Multi-Region registered entity (MRRE) engagements, and
ReliabilityFirst is the Lead Regional Entity for one of the audits. One of the ten audits will be conducted as a CIP
Version 3 - Version 5 Transition Audit and the other nine of the audits will be conducted as full CIP Version 5
audits. ReliabilityFirst is developing the scope for these audits through its IRA process. ReliabilityFirst has already
contacted the registered entities being audited in 2016 to arrange schedules and confirm the audit engagements.
52
Operations and Planning Compliance Monitoring Plan

ReliabilityFirst intends to conduct forty-two Operations and Planning audits in 2016, but may conduct additional
audits as necessary. These audits are being conducted pursuant to the Rules of Procedure and include registered
entities that must be audited every three years. Four of the 42 audits are MRRE engagements that will be led by
another Regional Entity. Five of the non-MRRE audits will be conducted on-site and thirty-three will be conducted
off-site. ReliabilityFirst has already contacted the registered entities being audited in 2016 to arrange schedules
and confirm the audit engagements.
ReliabilityFirst will schedule and perform IRAs for each registered entity based upon the CIP and Operations and
Planning audit schedules. However, this schedule and the IRAs themselves may be revised based on emerging
risks, a registered entitys performance that requires Regional attention, or any other changes to a registered
entity or otherwise that may impact a registered entitys risk to the Bulk Power System.
Once ReliabilityFirst completes an IRA, it establishes a registered entity -specific, customized compliance oversight
plan which addresses the compliance monitoring scope, frequency, and the CMEP tool(s) (e.g., audit, spot check,
or self-certification) that will be used to monitor the registered entity. Based on the results of the IRA, a registered
entitys monitoring frequency may be adjusted, and as such adjustments are made, ReliabilityFirst will update the
audit schedule. For registered entities for which ReliabilityFirst has not conducted an IRA, compliance monitoring
will be targeted based upon the ERO and Region risks previously discussed. ReliabilityFirst will follow the CMEP
timing and guidance found in Section 3 of Appendix 4C of Rules of Procedure to initiate this monitoring.
Self-Certifications
ReliabilityFirst will use guided self-certifications in 2016. The guided self-certifications will be based upon the
registered entitys specific compliance oversight plan resulting from its IRA, a regional identified risk or as directed
by NERC. Guided self-certifications will be focused on specific risks or issues and will require the registered entity
to submit substantiating evidence to support its determination.
Spot Checks
ReliabilityFirst may schedule additional Spot Checks in 2016, and reserves the option to initiate Spot Checks
throughout the year as needed. In addition, ReliabilityFirst may use the Spot Check process to verify mitigation
plans as needed.
Additionally, ReliabilityFirst will conduct the following Spot Checks for CIP Standards in 2016:
1. CIP Version 3-Version 5 Spot Check: ReliabilityFirst will conduct a Spot Check of one registered entity
pursuant to conditions specified in a 2015 Settlement Agreement. This Spot Check will be conducted in
the first quarter of 2016 and will provide assurance that the registered entity has returned to strict
compliance with the applicable CIP Standards and Requirements.
ReliabilityFirst will conduct the following Spot Checks for Operations and Planning Standards in 2016:
1. VAR-001-4: ReliabilityFirst will conduct a Spot Check of VAR-001-4 for all Transmission Operators in its
footprint that are not being audited in 2015 or 2016. The Spot Check will help ensure that voltage levels,
reactive flows, and reactive resources are monitored, controlled, and maintained within limits in real-time
to protect equipment and the reliable operation of the Interconnection. Audit engagements have
indicated that some Generator Operators are not aware or have not been informed by their Transmission
Operators of their voltage or reactive power schedules as required by this Standard. Without a proper
notification and schedule to adhere to, the system operator may not know or have the proper reactive
support needed to maintain voltage.
2. VAR-002-4: ReliabilityFirst will conduct a Spot Check of VAR-002-4 on a sample of Generator Owners and
Operators who have had possible violations of this Standard within the last two years and those entities
53
scheduled for audit in the years 2017 and 2018. The Spot Check will help ensure that medium and small
entities are following their voltage schedules and/or have implemented the necessary procedures
according to the Requirements of this Standard. Audit engagements have indicated that some Generator
Operators are unaware when their unit(s) are in Automatic Voltage Regulator mode. Without the units in
Automatic Voltage Regulator mode, continuous operator interaction is required and during a system
event, the system operator may not know or receive the proper reactive support needed to maintain
voltage.
3. PRC-005-2: ReliabilityFirst will conduct a Spot Check of PRC-005-2 on Transmission Owners, Generator
Owners, and Distribution Providers. The Spot Check will help ensure that these entities are prepared to
meet compliance requirements based upon the implementation plan for PRC-005-2, given the complexity
of the Standards implementation plan and changes to the Standard.
4. EOP-010-1: ReliabilityFirst will conduct a Spot Check of EOP-010-1 on Reliability Coordinators,
Transmission Operators, and a sample of Transmission Owner/Local Control Centers in the PJM footprint.
The Spot Check will help ensure that this new geomagnetic disturbance standard has been properly
addressed. With the possibility of increased geomagnetic disturbance going forward, registered entities
should be prepared to communicate and react to geomagnetic disturbances as they occur to help
minimize the effect on the BPS.
Compliance Monitoring Schedule for Data Submittals
ReliabilityFirst developed a Compliance Monitoring Schedule that contains the Standards and Requirements for
the Data Submittals scheduled for 2016. The Compliance Monitoring Schedule is based upon the NERC risk
elements set forth in the NERC 2016 ERO CMEP Implementation Plan and the ReliabilityFirst risk elements. Most
of these data submittals are associated with the monthly, quarterly, and or annual reporting requirements set
forth in the Requirements.
Monitoring of New or Revised Standards
ReliabilityFirst will include new or revised Standards in the IRA process based upon their implementation plans
and as required by NERC and FERC.
ReliabilityFirsts audit schedule will be posted on the ReliabilityFirst website, but is subject to change based upon
each registered entitys IRA. If a registered entity has a question concerning its audit schedule, please contact
ReliabilityFirst.27
NCR #
CIP Audits
NCR00685
NCR10337
NCR00740
NCR00761
NCR00794
NCR02611
27

Registered Entity
* American Transmission CO., LLC
* Aliant Energy East
Consumers Energy Company
* Duke Energy Company
Hoosier Energy REC, INC.
Northern Indiana Public Service Company
As mentioned above, for registered entities that have declared that they own no Critical Assets (CAs) or Critical Cyber Assets,
ReliabilityFirst will perform self-certifications and data submittals in lieu of conducting an off-site audit. This determination is based
upon Cyber Security Reliability Standards CIP V5 Transition Guidance provided by NERC.
For those registered entities that are also registered for functions that are audited on a six year cycle, ReliabilityFirst will evaluate and
determine the scope of those Registered Entity audits based upon the risk those functions pose to the BES (i.e. a Transmission Operator
that is also registered as a GO, etc.). There may be times when these audits are not conducted based upon the registered entity IRA.
54

NCR #
Registered Entity
NCR00857
Ohio Valley Electric Corporation
NCR00879
* PJM Interconnection, LLC
NCR00917
Southern Indiana Gas & Electric d/b/a Vectren Energy Delivery of Indiana, INC.
NCR00951
Wisconsin Electric Power Company
Operations and Planning Audits
NCR11498
Wisconsin Electric Power MIUP
NCR00951
Wisconsin Electric Power Company
NCR00211
Armstrong Power, LLC
NCR08005
City of Danville
NCR00713
City of Dover
NCR08007
City of Dover - Ohio
NCR11216
Constellation Maryland Peaker Fleet
NCR11366
Hudson Transmission Partners, LLC
NCR02710
City of Niles Light Department
NCR10282
Midland Cogeneration Venture, Limited Partnership
NCR00836
Municipal Light and Power - City of Anderson
NCR08031
South Central Power Co
NCR00744
Covanta Essex
NCR08054
High Trail Wind Farm LLC
NCR00935
UGI Utilities, Inc.
NCR11311
Mehoopany Wind Energy LLC
NCR00667
Alcoa Power Generating Inc. (APGI-AGC)
NCR00712
City of Cleveland, Dept. of Public Utilities, Division of Cleveland Public Power
NCR00798
Indianapolis Power & Light Company
NCR00911
Safe Harbor Water Power Corporation
NCR00925
T.E.S. Filer City Station Limited Partnership
NCR00689
Baltimore Gas and Electric Company
NCR11225
Butler Rural Electric Cooperative, Inc.
NCR00879
* PJM Interconnection, LLC
NCR10296
NAES Corporation - Covert
NCR10295
New Covert Generating Company, LLC [GO]
NCR08026
PECO Energy Company
NCR11144
Detroit Renewable Power
NCR11060
Holland Board of Public Works
NCR00912
Scrubgrass Generating Company, LP
NCR00742
Cordova Energy Company, LLC
NCR00685
* American Transmission Co. LLC.
NCR00761
Duke Energy Corp
NCR00762
Duquesne Light Co
NCR10337
* Alliant Energy East
Note: * Designates an MRRE engagement
55

Outreach Activity
Monthly Newsletter - The ReliabilityFirst Newsletter provides registered entities with
news and information relating to reliability activities.
Monthly Compliance Update Letter - The ReliabilityFirst Monthly Compliance Update
Letter provides registered entities with any changes made to the Compliance
Monitoring Schedule and the due dates for compliance submittals.
ReliabilityFirst Website - The ReliabilityFirst website provides compliance and
technical materials to support compliance program performance.
Workshops/Seminars/Webinars - ReliabilityFirst Compliance workshops/seminars or
webinars will be scheduled to assist the registered entities in the understanding of their
responsibilities to satisfy compliance to the Reliability Standards throughout the year.
CIP Version 5 Outreach and Awareness ReliabilityFirst will conduct CIP Version 5
outreach, including training and education engagements, to ensure that registered
entities have confidence in their implementation of the CIP Version 5 Standards and
Requirements. These engagements will primarily be conducted as Workshops and
Webinars.
Compliance Data Management System (CDMS) - ReliabilityFirst allows its registered
entities to report compliance via CDMS, an internet based application. The CDMS home
page provides informational announcements, updates, and newsworthy items of
interest to the registered entities.
Periodic Reports - ReliabilityFirst will provide Periodic Reports to its registered entities
identifying compliance related activities that the registered entities continue to
struggle with. These reports will be posted on the ReliabilityFirst website.
Open Compliance Calls - ReliabilityFirst has instituted a monthly conference call to
provide an open forum for registered entities to call and voice concerns, ask questions,
and to gain information about upcoming compliance items.
Assist Visits - ReliabilityFirst has instituted a program whereby a registered entity may
request a one-on-one or small group meeting where guidance on compliance related
activities can be provided. These Assist Visits can be in the form of a conference call,
web meeting, or on-site visit. Topics can range from helping a registered entity become
more familiar with compliance related material and activities, to special guidance and
education when either the registered entity or ReliabilityFirst believes the registered
entity needs special attention or additional help.
56
Anticipated Date
Bi-Monthly
throughout the year.
Updated throughout
the year as needed.
Monthly throughout
the year.
Semi-annual (March
and October).
Monthly throughout
the year.
Updated throughout
the year as needed.
Monthly throughout
the year.
Monthly throughout
the year.
As requested by our
registered entities.
Appendix A5 - SERC Reliability Corporation (SERC) 2016 CMEP

Implementation Plan
This Appendix contains the CMEP Implementation Plan (IP) for SERC as required by the NERC Rules of Procedure.

In 2015, SERC reorganized to better align with other ERO entities and to maintain consistency with other regions.
The reorganization included certain alignments in compliance management, including revisions in titles and
responsibilities of certain positions. Through these alignments, SERC will maximize its future growth, improve its
leadership, and create a renewed focus on obligations and services.
SERC will continue to support its Industry Subject Matter Expert (ISME) program, in which SERC audit teams
occasionally use volunteers employed by registered entities in the SERC Region as supplemental compliance audit
team members for both Operations & Planning (O&P) and Critical Infrastructure Protection (CIP) audits. The
program approach focuses on identification, qualification, and assignment of ISMEs to match the technical
resource needs of the specific compliance audits. Information about SERCs ISME program is available on the SERC
website.
During on-site CIP compliance audits, SERC will continue to include a CIP Version 5 outreach component within
these engagements. During the on-site week, the entity may engage SERC compliance audit staff to address CIP
Version 5 approaches and ask questions related to CIP Version 5 Standards.
Together with the other ERO regions, SERC continues to solidify its involvement in the Multi-Regional registered
entity (MRRE) program. As a Lead Regional Entity (LRE), SERC leads efforts related to compliance oversight of an
MRRE. The LRE coordinates and conducts the Inherent Risk Assessment (IRA) and Internal Controls Evaluation
(ICE), with input from each Affected Regional Entity (ARE). This coordinated oversight should eliminate
unnecessary duplication of compliance monitoring and enforcement activities.
To help prevent unintended redundancy and gaps in responsibilities within the Transmission Operator function,
consideration will continue to be given to local (transmission) control centers. Because local control centers could
perform some Transmission Operator tasks, compliance monitoring will focus on the aspects of system
restoration, protection system monitoring, operator training, and backup functionality. This consideration could
include an on-site visit to the local control center.
SERC continues to mature the regional risk-based CMEP. The IRA and ICE programs were implemented in 2015
and will continue to mature in 2016. SERC will focus on performing IRAs on the Reliability Coordinators, Balancing
Authorities, and Transmission Operators that did not receive IRAs in 2015. In addition, SERC will continue to
develop a registered entitys audit scope based on the risks identified during the IRA process.
During 2015, SERC developed an IRA tool to assist SERC staff to perform efficient IRAs and obtain consistent IRA
results. The tool captures the registered entitys assessed risk compared with the SERC Regions predefined risk
criteria. In addition, during the SERC IRA review process, Compliance Monitoring uses the tool to document a
three-year compliance oversight plan for each registered entity. SERC will continue updating and using the tool
throughout 2016.
The ERO risk-based enforcement CMEP introduced compliance exception processing for minimal-risk compliance
issues. Mitigating activities are required to be completed within one year of the public posting of the compliance
57
Appendix A5 - SERC Reliability Corporation (SERC) 2016 CMEP Implementation Plan
exception; however, no penalties or settlement agreements are required. In 2016, SERC will continue to ensure
that minimal-risk issues are considered for compliance exception processing.

Reliable operation of the bulk power system (BPS) is crucial. SERC recognizes that protecting the reliability of the
electric grid in the SERC Region is the responsibility of its members with SERCs support. Achieving a secure and
reliable grid requires registered entities to remain diligent about reliability and resiliency within their service areas.
SERC is responsible for assisting registered entities in identifying regional reliability risks and coordinating
reliability-related activities throughout the Region.
SERC has coordinated efforts with its stakeholders since 2012 to develop and implement a continuous program of
regional assessment of potential reliability risks to the SERC Region BPS. The SERC Regional Reliability Risk
Assessment program is a robust, centralized process for analyzing, prioritizing, addressing, and communicating
significant risks and risk-controlled initiatives.
The programs objective is to improve BPS reliability through a coordinated effort of a cross-functional
organization that identifies, analyzes, prioritizes, and addresses reliability risks. In conformance with the ERO riskbased CMEP, the SERC process consists of the following major activities:
Identify/nominate risks.
Determine time horizon (i.e., immediate, next-day, operational, seasonal, and long-term).
Assess and rank risk:
Determine the consequence or severity impact(s).
Determine the probability of occurrence.
Assign High, Medium, or Low from the Risk Assessment Matrix.
Prioritize risks.
Store the information in the Risk Registry.
Develop risk control initiatives.
Monitor and reevaluate risk impact.
SERCs Reliability Risk Team (RRT) is a major participant in the program. The RRT is responsible for identifying risks
based on the probability of occurrence and severity of impact. SERCs RRT identified three different areas of risk:
Operation Risk(s)
Engineering Risk(s)
Critical Infrastructure Protection (CIP)
SERC also identified risk elements within each group. These identified risk elements align with the 2016 ERO-wide
risk elements:
58
As new and emerging threats and risks are identified, system events occur, and compliance monitoring activities
are performed, SERCs RRT will update the regional Reliability Risk Assessment program to include current
potential issues, threats, and risks. In addition, as SERC performs IRAs of its registered entities, SERC will review
potential risks to BPS reliability posed by individual registered entities.
The coordination among the SERC registered entities, SERC technical committees, SERC staff, neighboring system
personnel, and other members of the ERO is vital to the understanding and analysis of potential major reliability
issues. In 2015, SERC implemented its Integrated Risk Management (IRM) program. The IRM process addresses
SERCs need to gather and analyze data to support risk-based techniques. SERC determined the best method to
support this initiative is through uninhibited sharing of data across SERC program areas. The objective of the IRM
is to support risk-based compliance monitoring and enforcement by defining and deploying sound business
policies, procedures, and process tools across all SERC departments to implement a comprehensive integrated
risk management program.
SERC, through its members and staff, is heavily engaged with NERC and its initiatives. SERCs risk management
programs enable it to focus compliance monitoring oversight activities on those Reliability Standards which, if
violated, would pose the greatest risk to the reliable operation of the SERC portion of the BPS. The Reliability
Standards listed in Section 3 are the programs recommendation for 2016 and are based on what is known at the
time of this submittal.
SERC has recognized one NERC Reliability Standard, PRC-006, as needing greater specificity to achieve successful
coordination of the registered entities within the SERC Region. PRC-006 has Requirements that identify the
Planning Coordinator (PC) as the registered entity responsible for developing Underfrequency Load Shedding
(UFLS) schemes within its PC area. However, the NERC Standard does not provide specific guidance regarding the
extent of cooperation with surrounding PCs. The lack of specificity may lead to inconsistent set points and other
regional inconsistencies for key UFLS parameters. In response, SERC created a Regional Reliability Standard, PRC006-SERC-01, to establish consistent and coordinated Requirements for the design, implementation, and analysis
of UFLS programs among applicable SERC registered entities. The Regional Reliability Standard adds specificity not
contained in the NERC Standard for the development and implementation of the UFLS scheme in the SERC Region.
PRC-006 effectively mitigates the consequences of an underfrequency event.

The table below lists the Regional risk focus areas identified during the Regional Risk Assessment process. The
table also lists areas of focus on identified risks that may be considered in the Regional compliance oversight plan.
Regional Risk
Element
Cold Weather
Impacts on
Transmission and
Generation
Associated Standard
and Requirement(s)
SERC is adopting this risk element based on operational risks, such BAL-001-2 R1, R2; BALas deficient entity responses and performance, identified during 002-1 R1; BAL-005-0.2b
the events summarized by the final and preliminary Polar Vortex R7; COM-002-2 R1, R2
reports
(until June 30, 2016);
COM-002-4 R5, R6, R7
(starting July 1, 2016)
Major Storm
Events such as
Hurricanes and
Tornados
The SERC Region historically has experienced severe weather

events, such as hurricanes and tornados. The most recent
noteworthy weather events were Hurricane Katrina and recurring
mass tornado events in 2008 and 2011. These events usually
create system contingencies beyond existing planning criteria;
Justification
59
COM-002-2 R1, R2 (until

June 30, 2016); COM002-4 R5, R6, R7
(starting July 1, 2016);
EOP-008-1 R1, R4, R7

Regional Risk
Element
Justification
Associated Standard
and Requirement(s)
however, emergency procedures and other operating standards

still apply. Over the years, the Region has identified this risk and
emphasized system preparedness through the 2012 Assessment of
SERC Performance Information for Identifying Potential Reliability
Risk, as well as through the NERC Reliability Assessment reporting
process.
Power
System The following can introduce risk to the reliable operation of the MOD-001-1a R6; FACCoordination and BPS in the SERC Region:
008-3 R6; FAC-014-2 R1,
Modeling
R2, R3, R4; IRO-003-2
Increased use of the BPS in a manner for which the system
R1, R2; IRO-004-2 R1;
was not originally designed
VAR-001-4 R1, R2; VAR Inadequate operating experience
002-4 R1, R2, R3
Insufficient coordinated studies
Insufficient coordinated operations
SERCs unique Planning Coordinator structure necessitates

coordination throughout the SERC Region. There are a large
number of Planning Coordinators in the SERC Region who
coordinate with multiple entities. Performing modeling without
appropriate coordination would risk the validity of SERC study
performance.
In addition, the NERC Arizona-Southern California Outages Report
highlighted potential areas of vulnerability. Significant changes in
generation dispatch, particularly if such changes are unstudied,
increase reliability risks. Such risks warrant additional focus on
registered entities impacted by these issues with respect to these
Standards. References to neighboring system coordination and
recommendations can be found in the NERC Arizona-Southern
California Outages Report.
UFLS Schemes
The SERC UFLS Regional Standard is to establish consistent and PRC-006-SERC-01

coordinated Requirements for the design, implementation, and R2, R3, R4, R5, R6
analysis of UFLS programs among applicable SERC registered
entities. The Regional Standard adds specificity not contained in
the NERC Standard for development and implementation of the
UFLS scheme in the SERC Region that effectively mitigates the
consequences of an underfrequency event.
R1,

Expanded ERO
Justification
Risk Element
Requirement(s)
Maintenance and The SERC footprint is in a geographic area that has dense FAC-003-3 R3, R6, R7; PRCManagement of vegetation. Right-of-way inspections are important to 005-2 R1, R2
BPS Assets
identify potential vegetation issues that could pose a risk
to the reliability of the transmission system.
60

Some Standards and Requirements could continue to require a data submittal, which could be on a monthly,
quarterly, or annual basis.
SERC will continue to perform an IRA for each registered entity based on its 2016 Compliance Monitoring schedule.
While SERC plans on completing IRAs for the remaining registered entities, the Entity Assessment and Mitigation
team will focus on the Balancing Authorities, Reliability Coordinators, and Transmission Operators in early 2016.
SERC may revise an entitys IRA for reasons that include, but are not limited to: new emerging risks; changes in
the registered entitys posture (e.g., asset acquisition or liquidation, reorganization, etc.); or any other registered
entity change that may impact the risk it poses to the BPS.
SERC Compliance staff will complete and coordinate a thorough review of each IRA. Based on risk, SERC
Compliance will create an entity-specific compliance oversight plan that addresses the compliance monitoring
tool, frequency, and compliance monitoring scope. Upon completion of the IRA review, Compliance Monitoring
may modify its 2016 Compliance Audit Plan as needed. During the IRA reviews, if SERC staff identify a registered
entity that poses a significant risk to the BPS, Compliance Monitoring will initiate an appropriate compliance
monitoring tool.
NCR #
NCR01321
NCR01168
NCR01169
NCR10203
NCR01290
NCR01265
NCR01177
NCR08087
NCR11066
NCR01180
NCR00026
NCR01151
NCR01196
NCR01320
NCR01319
NCR00063
NCR00761
NCR01219
NCR01298

Registered Entity
Southern Illinois Power Cooperative
Alcoa Power Generating, Inc. Tapoco
Alcoa Power Generating, Inc. Yadkin
PowerSouth Energy Cooperative
Owensboro, KY Municipal Utilities
Louisiana Generating
Associated Electric Cooperative, Inc.
Southwest Power Pool
Memphis Light, Gas and Water
Big Rivers Electric Corporation
Florida Reliability Coordinating Council, Inc.
Tennessee Valley Authority
City of Columbia, MO (CWLP)
Southern Company Services, Inc. Trans
Southern Company Services, Inc. Gen
Duke Energy Florida, Inc.
Duke Energy Corporation
Duke Energy Carolinas
Duke Energy Progress
Functions Audited
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
CIP
CIP and O&P
CIP
CIP
CIP and O&P
CIP and O&P
CIP and O&P
CIP and O&P
Outreach Activity
Outreach Events
Anticipated Date
61

Outreach Activity
SERC outreach events are planned throughout the year to accommodate the training needs
of registered entities. Planned events, listed here, with specific themes will also feature
compliance and reliability topics of importance at the time of the event. Event details are
posted on the Upcoming Events page of the SERC website, which can be accessed through
the Event Calendar on the home page or under the Outreach / Events Calendar. Outreach
events are promoted in the monthly SERC Transmission newsletter, and email notifications
and reminders are sent to primary and alternate compliance contacts for all registered
entities within the SERC Region footprint.
Open Forum (WebEx)
Open Forum (WebEx): SERC 101
Spring Compliance Seminar (Charlotte, NC and WebEx)
Small Entity Seminar (Charlotte, NC and WebEx)
Open Forum (WebEx)
Open Forum (WebEx)
CIP Compliance Seminar (Charlotte, NC and WebEx)
Fall Compliance Seminar (Charlotte, NC and WebEx)
Focused Workshops / Webinars
Supplemental focused events will be scheduled on an as-needed basis to provide outreach
and training for new or revised Reliability Standards, targeted groups of registered entities
based on functional registration, and ERO initiatives.
FAQ and Lessons Learned
Technical questions received from registered entities are addressed by SERC staff subject
matter experts and posted on the website along with lessons learned to share
information and best practices. Items are listed by topical categories and posted on the
SERC website under Outreach / FAQ and Lessons Learned.
Compliance Outreach Assistance
Upon receipt of a New Registration Application, a document containing links to
Compliance 101 files on the FERC, NERC, and SERC websites will be sent to the applicant
to provide basic compliance information in one convenient location. A sample of the links
includes information such as the Energy Policy Act (EPA) of 2005 on the FERC site, ROP
and Reliability Standards on the NERC site, and Acronym Reference Index and SERC Filing
Due Dates on the SERC site.
Anticipated Date
Jan 25, 2016

Feb 4, 2016
Mar 1-2, 2016
Mar 2, 2016
May 16, 2016
Aug 15, 2016
Sep 27-28, 2016
Oct 18-19, 2016
As needed
throughout the
year
As available
throughout the
year
Updated as
needed
throughout the
year
The SERC Transmission newsletter is distributed to registered entities within the SERC
Region each month and posted on the SERC website. Articles contain links to scheduled
outreach information for both SERC and NERC events, along with other topics helpful to
maintaining BPS reliability.
SERC Compliance Portal
SERC registered entities submit Self-Certifications, Self-Reports, Mitigation Plans, and
Data Submittals via the SERC Portal. Surveys are conducted for feedback to allow SERC to
incorporate enhancements based on the needs of the users, and outreach events include
training on upgrades and enhancements.
62
As needed
throughout the
year
Appendix A6 - Southwest Power Pool Regional Entity (SPP RE)

This Appendix contains the CMEP Implementation Plan (IP) for the SPP RE as required by the NERC Rules of
Procedure.

SPP RE budgeted for two open positions in 2016 the Compliance Director and a CIP Compliance
Specialist. The open CIP Compliance Specialist position was filled in 2015. Due to attrition, the
enforcement department has one open position at this time SPP RE will continue to use contractors or
consultants during 2016 to assist Staff during audits, investigations and/or enforcement activities.
SPP RE Compliance staff will complete Risk Assessment for the registered entities that are on the 2016
monitoring schedule prior to the end of 2015, and will complete Risk Assessments for all remaining
registered entities in 2016. Concurrent with each Risk Assessment the SPP RE Compliance Staff will
determine the monitoring oversight method and monitoring scope.
SPP RE CIP monitoring will focus on the high and medium impact registered entities.
Specific Reliability Standards require periodic data submittals. The SPP RE, SPP RTO, and MISO collect data
submittals on a monthly, quarterly, or annual basis. To fulfill the requirements, registered entities will
submit reports according to the 2016 periodic data submittal schedule as noted in the Notice to Registered
Entities of SPP RE 2016 Reporting Requirements Schedule. spp.org>Regional Entity Home>Compliance and
Enforcement>2016 Compliance Documents
The SPP RE identified requirements that will be monitored through self-certification on either a quarterly
or annual basis. The requirements and schedule are noted in the Notice to Registered Entities of SPP RE
2016 Reporting Requirements Schedule. spp.org>Regional Entity Home>Compliance and
Enforcement>2016 Compliance Documents
SPP RE will continue to engage the registered entities that request Internal Control Evaluations.
SPP RE will continue to engage the registered entities that request Self-Logging.
SPP RE will continue to modify processes based on the MRRE program.
SPP RE has developed new tools and templates to implement Risk Assessments and Internal Control
Evaluations for the registered entities.
SPP RE is developing internal guide documents for both compliance and enforcement activities.
SPP RE will continue to collaborate with NERC, Regional Entities and the registered entities to identify
changes to enhance the risk-based approach to monitoring and enforcement processes.
SPP RE CIP Staff will continue the CIP Version 5 Outreach Program that will assist the registered entities
in the transition to CIP Version 5.
63
Appendix A6 - Southwest Power Pool Regional Entity (SPP RE) 2016 CMEP Implementation Plan
SPP RE developed RE-specific risk elements based on compliance findings in the SPP RE footprint, regional
system events and SPP RE staffs professional judgement.
SPP RE has developed a Regional Audit Scope Plan that identifies the risk elements within the SPP RE
footprint. The SPP RE risk focus areas identified include the facility rating, restoration, frequency response,
voltage support, new standards for 2016, and Cyber Assets.
SPP RE will consider these Regional risk focus areas when following the ERO Risk-based Compliance
Oversight Framework described in the ERO CMEP. SPP RE will also consider the Regional risk focus areas
when conducting risk assessments to develop the audit scope for the registered entities that are
scheduled for audits during 2016.

The table below contains the Regional risk focus areas identified during the Regional Risk Assessment process. In
addition to the consideration and inclusion of the ERO Risk Elements and associated areas of focus, the table also
contains areas of focus to identified risks that may be considered in the Regional compliance oversight plan. The
expansion of the ERO Risk Elements by SPP RE is based on previous compliance findings, areas of concern, system
events, and SPP RE staff professional judgement.
Regional Risk
Element
Frequency
Response
Voltage Support
Justification
SPP RE identified this risk element due to a regional
deficiency in UFLS relay testing that has led to a
frequency response vulnerability. These risk elements
will ensure the established frequency response
programs are designed, implemented and coordinated
so that the BES will be able to arrest a frequency
decline event. Failure to implement the UFLS program
or a correct frequency bias setting according to design
may result in cascading outages of the BES.
SPP RE identified this risk element due to the number
of Self-Reports indicating failure to maintain reactive
support and voltage control. The purpose is to ensure
generators provide reactive support and voltage
control in order to protect equipment and maintain
reliable operation.

Requirement(s)
BAL -003-1 R1
Enforceable 7/1/2016
PRC-006-2 R8, R9
VAR-002-4 R1, R2

Expanded ERO Risk
Element
Human
Performance
Justification
SPP RE is expanding this ERO Risk Element in
response to a regional concern about maintaining
proper decision making and performance by system
operations. These risk elements will help ensure that
systems operators will continue to maintain a high

Requirement(s)
COM-002-4 R1, R5, R6
PER-005-2 R3, R4
64

Expanded ERO Risk
Element
Justification

Requirement(s)
level of competency in their decision making and job

performance so that system reliability is preserved
within the SPP RE footprint.
Maintenance and
SPP RE is expanding this risk element due to the
Management of BPS
historical deficiency of Protection System
Assets
Maintenance Programs in the region. These risk
elements will ensure that the registered entities have
developed and implemented a Protection System
maintenance and testing program to that supports
the reliability of the BPS. The failure to perform
testing and maintenance may result in increased
misoperations of the protection system.
SPP RE is expanding this risk element because of a
deficiency in facility ratings methodologies and the
impact of that deficiency on studies that rely on
facility rating data. These risk elements ensure that
Maintenance and
Facility Ratings are consistent with the registered
Management of BPS
entitys Facility Ratings methodology that is used in
Assets
the reliable planning and operation. SPP RE has
identified inconsistences with Facility Ratings in
operations and during monitoring engagements of
SPP RE is expanding this risk element in response to
historical blackstart testing issues and deficient
responses to loss of control centers. The purpose is
to ensure plans, Facilities and personnel are prepared
to perform System restoration through the training
Event
of personnel and testing of blackstart facilities.
Response/Recovery
Registered Entities failure to prepare may lead to a
prolonged restoration or inadequate performance by
personnel. While SPP RE has not experienced a
blackout in the footprint, there is experience with the
loss of primary control centers.
PRC-005-1.1b R1, R2
PRC-004-4 R1, R2
PRC-005-6 R1, R3, R4, R5
FAC-008-3 R1, R2, R3
COM-001-2 R3, R9
EOP-005-2 R6, R10
EOP-008-1 R4
TOP-002-2.1b R6, R11, R19
VAR-001-4 R2

This section includes regional risk-based CMEP activities. Following is an overview of the years currently known
IRA, audit, spot check, periodic data submittals, and self-certifications.
The monitoring schedule is also located on the SPP REs website:
SPP RE will perform an Inherent Risk Assessment for the registered entities to determine the monitoring activity
and the individual monitoring scope. The assessment criteria will consist of a review of the entities attributes as
identified in the ERO Enterprise Inherent Risk Assessment Guide.
On-Site Audits SPP RE will continue to audit the Transmission Operator and Balancing Authority entities
on a three year cycle in 2016.
65
In 2016, registered entities with high and medium BES Cyber systems will have on-site audits based upon
a three year cycle.
Off-Site Audits- SPP RE will conduct Operation and Planning audits of the registered entities that were
previously scheduled for an audit in 2016 based upon a six year audit cycle, and will audit registered
entities that have been registered within the last two years. Off-site CIP audits will not be performed in
2016 for registered entities with low impact BES Cyber systems.
Spot-Checks Spot-Checks may be used in lieu of Off-Site audits for registered entities that have been
identified as lower risk through the entity risk assessment. There are no mandatory Spot Checks listed in
the 2016 ERO Enterprise CMEP IP. However, SPP RE may initiate a Spot Check at any time to verify or
confirm Self Certifications, Self-Reports, Periodic Data Submittals or in response to operating problems or
system events.
Self-Certification SPP RE will continue to require SPP RE registered entities to perform a Self-Certification
to ensure that the registered entity is maintaining rigorous internal controls for ensuring compliance with
the Reliability Standards. SPP RE has identified Self-Certification requirements based on the ERO
Enterprise CMEP IP and Regional Assessment for the registered entities. Self-Certification will be
conducted using webCDMS. Entities will receive additional notice and instructions before each quarterly
reporting window.
Periodic Data Submittal - The 2016 ERO Enterprise CMEP IP does not identify Reliability Standards and
Requirements that require periodic data submittals. SPP RE will require period data submittals for the
specific Reliability Standards and Requirements that SPP RE, SPP RTO, MISO and Lead Regional Entities
collect operational data on a monthly, quarterly, or annual basis.
NCR #

Registered Entity
NCR01061
Board Of Public Utilities (Kansas City KS)
NCR11407
NCR11354
NCR01067
NCR06033
NCR01071
Buffalo Dunes Wind Project, LLC

Canadian Hills Wind, LLC
Carthage Water & Electric Plant
City Of Abbeville
City Of Clarksdale, Mississippi
NCR01083
Cleco Corporation
NCR01092
NCR11314
Eastman Cogeneration Limited Partnership

Flat Ridge 2 Wind Energy LLC
NCR01072
Independence Power & Light (Independence, Missouri)
NCR11329
KODE Novus Wind I, LLC
NCR01114
Lafayette Utilities System*
NCR01116
NCR06050
NCR11264
NCR01139
NCR06010
NCR11322
NCR11323
Louisiana Energy & Power Authority*

Mississippi Delta Energy Agency
Post Rock Wind Power Project, LLC
Public Service Commission Of Yazoo City
Rayburn Country Electric Cooperative, Inc.
Spearville 3, LLC
Spinning Spur Wind, LLC
66
Functions Audited
DP, GOP, GO, RP,
TOP,TO,TP
GOP, GO
GO
DP
DP, TO
DP, GOP, GO, TO
BA, DP, FOP, GO, RP, TOP,
TO, TP
GOP, GO
GOP, GO
DP, GOP, GO, RP, TOP,
TO, TP
GOP, GO
BA, DP, GOP, GO, TOP,
TO, TP
BA
RP, TO
GOP, GO
DP
DP, TO
GOP, GO, TO
GOP, GO, TO

Registered Entity
NCR #
NCR01148
Sunflower Electric Power Corporation*
NCR00658
Westar Energy, Inc.**
Functions Audited
TO, TP
TO, TP
*-CIP audit
**- CIP and O&P audit
Outreach Activity
Newsletters
SPP.org RE Webpages
2016 Spring Compliance Workshop
2016 CIP Workshop
2016 Fall Compliance Workshop
Webinars
Training Videos
Event Analysis Lessons Learned
67
Anticipated Date
Monthly
Updated as needed
March 15-16, Little
Rock, AR
May 24-25, Little
Rock, AR
September 20-21,
Oklahoma City, OK
Approx. 9 per year
As developed
As developed
Appendix A7 - Texas Reliability Entity (Texas RE) 2016 CMEP

Implementation Plan
This Appendix contains the CMEP Implementation Plan (IP) for the Texas Reliability Entity, Inc. (Texas RE) as
required by the NERC Rules of Procedure.

In 2015 Texas RE internally restructured to focus on reliability risks and the development of risk based compliance
monitoring. In 2016 Texas RE will be evaluating the risk based compliance monitoring implementation efforts of
Texas RE and its registered entities to facilitate improvements in effectiveness and efficiency. Every registered
entity selected for an engagement in 2016 will undergo an Inherent Risk Assessment to focus efforts on reliability
risks for the registered entity and focus Texas RE staff.
The approved Oversight Plan Development Framework does not require Texas RE to indicate which CMEP Tool
(e.g., audit, spot check, and self-certification) will be used in an engagement with registered entity candidates for
2016. Texas RE will follow the Rules of Procedure requirements for notifying candidates once a CMEP Tool, as
developed within the approved Oversight Plan Development Framework, is determined. The Rules of Procedure
still require that a Reliability Coordinator, Balancing Authority, or a Transmission Operator will have an audit
performed at least once every three years. Those Reliability Coordinators, Balancing Authorities, or
Transmission Operators meeting the at least once every three year designation will be listed in the Annual Audit
Plan.
Texas RE will evaluate ERO-wide and Region specific Risk Elements and apply compliance monitoring for Standards
and Requirements applicable to the risks selected. During the implementation year, Texas RE may update the
Implementation Plan. Updates can include, but are not limited to: changes to the compliance monitoring
processes, changes to regional processes, or updates resulting from a major event, FERC Order, or other matter.
When updates occur, Texas RE should submit updates to the NERC Compliance Operations group, which will
review and act on any proposed changes. NERC will be responsible for updating the ERO Enterprise CMEP
Implementation Plan (ERO IP) to reflect any Texas RE changes and will post the updated plan to the NERC website
and issue compliance communications. Texas RE will evaluate Operations and Planning Requirements and Critical
Infrastructure Protection Requirements concurrently during engagements rather than approaching Requirements
relative to the risks separately.
As part of risk-based Compliance Monitoring and Enforcement Program implementation, Texas RE developed an
Inherent Risk Assessment (IRA) tool. The tool uses processes described in the IRA Guide to create a focused scope
for a registered entity. In 2015 Texas RE demonstrated an initial IRA tool to registered entities to facilitate
transparency and develop better understanding in the region. The workshop demonstration provided another
opportunity for registered entities to understand the principles of the IRA Guide as applied by Texas RE. The IRA
tool was significantly updated based on the IRA Guide, NERC oversight feedback, lessons learned, registered entity
feedback, and the straightforward common sense approach by the Texas RE Risk group. During 2016 every
registered entity engagement will start with an IRA and the results, which will be provided to the registered entity
as an IRA Summary Report. Additionally, Texas RE will append the IRA Summary Report to the Non-Public
engagement report for a registered entity. This action will provide a bookend to the engagement process so a
registered entity, and any other participating party, can visualize key milestones in the engagement process.
68
Appendix A7 - Texas Reliability Entity (Texas RE) 2016 CMEP Implementation Plan

Texas RE will continue to engage in significant outreach associated with the transition to new Critical Infrastructure
Protection (CIP) Reliability Standards throughout 2016. As noted in the NERC Implementation Plan, Texas RE will
review entity compliance with CIP-014 to better understand physical security risks posed to the Interconnection.
Texas RE will continue its collaborative effort between NERC, the Regional Entities, and registered entities to
identify and implement changes that enhance the effectiveness of the Compliance Monitoring and Enforcement
Program.

The regional risk assessment process is a facet of Texas REs efforts to adequately plan effective compliance
monitoring in the Interconnect. The risk assessment process is used to determine compliance monitoring
objectives, compliance monitoring scope, and an initial entity oversight plan. Sub-processes of the risk assessment
process are: determining Risk Elements (Interconnection risks), conducting an Inherent Risk Assessment (entitylevel BES risks), completing an Internal Controls Evaluation (entity-level risk mitigation), and developing a
Compliance Oversight Plan (monitoring scope for an entity or class of entities). The work-product of the BES risk
assessment process is the determination of individual engagement type, individual engagement scope, and/or
development of a comprehensive oversight plan for an entity or class of entities.
The process of evaluating BES risk fully satisfies the concerns of significance and compliance monitoring risk. The
process work product is a BES risk-targeted scope. The risk assessment process may be used to perform both
comprehensive and highly targeted compliance monitoring activities. There is no requirement to address all BES
risks in a single, comprehensive checklist-style compliance monitoring activity. Monitoring of individual risks via
multiple engagements may be used as an alternate and more effective approach. The premise of the reliability
assessment process is that the amount of scrutiny a registered entity receives in terms of compliance monitoring
will be directly commensurate with the risk it poses to the reliability of the BES. For entities that pose a limited
reliability risk, minimum compliance monitoring activities may suffice. For entities that do pose a significant risk
to reliability, it will be necessary for those entities to undergo effective compliance monitoring such as additional
focused spot checks, a greater number of self-certifications, or broader and deeper audits of greater frequency.
To assist Texas RE in determining how much risk an entity poses to reliability, Texas RE uses dedicated staff to
review risk within the Interconnection. The staff relies heavily on feedback from other groups within Texas RE
such as Registration, Enforcement, Reliability Services, and Compliance to achieve an understanding of the risks
encountered or emerging within the Interconnection. Additionally, Texas RE reviews externally, both locally and
nationally, created reports and discussions focusing on reliability risks. The Risk Elements Guide provides basic
guidance for determining risks that may require some level of compliance monitoring. Texas RE will use the Risk
Elements Guide and enhance focus on risks within the Interconnection by involving local subject matter experts.
For example, the Texas RE Reliability Services department creates an annual state of reliability report.28 Some
aspects within the report correlate to the Risk Elements determined within the Risk Elements Guide but others
are corollaries, such as Declining system inertia as resource mix changes towards greater percentages of
renewable versus conventional resources a localized issue due to the influx of renewable resources requiring
localized focus. This localized focus could equate to a deeper review of the ERO IP Risk Elements such as, in this
case, Monitoring and Situational Awareness and Extreme Physical Events. The ERO IP only includes two
Standards for Extreme Physical Events (i.e., EOP-010-1 and CIP-014-2) which, as a focus area, does not clearly
capture the range of possible higher risks inherent to the Interconnection represented by a declining system
inertia. Effects of the declining system inertia may be evident is system event responses both in terms of human
responses and physical characteristics such as Primary Frequency Response. Primary Frequency Response has
been identified as a risk to the Interconnection. There is a local working group, the Performance, Disturbance,
28
http://www.texasre.org/CPDL/2014%20Texas%20RE%20Assessment%20of%20Reliability%20Performance.pdf
69
Compliance Working Group (PDCWG) that is responsible for reviewing, analyzing, and evaluating the frequency
control performance of the Interconnection. The PDCWG analyses generation loss events of 450 MW or greater
and system event frequency deviations of +/- 0.1 Hz or greater. The BAL-001-TRE Standard defines the updated
method for individual generator primary frequency response. As such, the Standard could be used in compliance
monitoring efforts for 2016.
Establishing knowledge of a new entity is important in determining risk associated with a new entity. Texas RE
carefully tracks new entities and will use registration input(s) as a way to help delineate the need to engage in
compliance monitoring. Risk-Based Registration, as discussed in the ERO IP, may shift focus onto some registered
entities and trigger review of their responsibilities, or of others as needed. The ERO IP states that monitoring of a
particular registered entity may include more, fewer, or different Reliability Standards than those outlined in the
ERO and RE CMEP IPs. Although the ERO IP and Regional IP identify NERC Standards and Requirements for
consideration for focused compliance monitoring, the ERO recognizes that the Framework and risk-based
processes will develop a more comprehensive, but still focused, list of NERC Reliability Standards and
Requirements specific to the risk a registered entity poses. Therefore, a particular area of focus under a risk
element does not imply: (1) that the identified NERC Standard(s) fully addresses the particular risk associated with
the risk element; (2) that the NERC Standard(s) is only related to that specific risk element; or (3) that all
Requirements of a NERC Standard apply to that risk element equally.
Texas RE will use determined risks to facilitate engagements with registered entities in such a way that prioritizes
the evaluation of compliance for the determined risks. Texas RE will apply the appropriate Risk Element or Risk
Elements and other clearly articulated factors to the appropriate registered entity to maintain a focus on
reliability. Each registered entity is subject to an evaluation of compliance for all Standards regardless of inclusion
within the Areas of Focus described in the ERO IP. That fact allows, as indicated by the ERO IP, for a more in-depth
review of additional Requirements associated with risks beyond those shown within the ERO IP. As each entity
represents a unique set of inherent risks to the Interconnection, Texas RE is committed to having each registered
entity understand how the risks were developed for compliance monitoring engagements. Additional Risk
Elements may be added as needed throughout the year.
3. Regional Risks and Associated Reliability Standards

In addition to the consideration and inclusion of the ERO Risk Elements and associated areas of focus, the table29
below contains Regional Risk Elements identified during the Regional Risk Assessment process. The table also
contains associated Reliability Standards and Requirements to identified risks that may also be considered in the
Regional compliance oversight plan.
Risk Element
Operational
Communication

Justification
This risk element highlights the various voice and data related
communications required to operate within the Texas
Interconnection.
Due to the unique interactions between entities within this
Interconnection, there are different process and
responsibilities that registered entities face when providing the
necessary voice and data related communications. As
evidenced in some events, proper communication efforts and
29

Requirement(s)
COM-001-2 R10, R11;
IRO-002-2 R8;
IRO-010-1a R1, R3;
PRC-001-1.1 (ii) R2;
TOP-002-2.1b R14, R15,
R16;
TOP-003-1 R1;
TOP-006-2 R1;
VAR-002-4 R3, R4, R5
As Standards are revised the most relevant Standard(s) and Requirement(s) managing the identified risk(s) will be used by Texas RE in
compliance monitoring efforts.
70
Risk Element

Justification

Requirement(s)
the results of the communication can affect the recovery

response. This risk element highlights those processes to
ensure that the necessary information is being requested and
provided by registered entities within the ERCOT
Interconnection.
The wholesale electricity market in the Interconnection is
regulated by the Public Utility Commission of Texas (PUCT). This
market structure requires balanced market rules that help
foster a stable electricity market. ERCOT market rules are
developed by participants from all aspects of the electricity
market in the ERCOT Interconnection. These market rules,
known as ERCOT Protocols and Operating Guides, are enforced
by the PUCT and have significant influence on the actions of
SPS Management
The ERCOT Protocols and Operating Guides include

communication requirements and processes between
registered entities and non-NERC registered entities that mirror
or enhance NERC Reliability Standards. The processes defined
within the ERCOT Protocols and Operating Guides provide very
specific processes and responsibilities to registered entities and
non-NERC registered entities within the Interconnection. This
risk element highlights those processes to ensure that
necessary data is being requested and provided by registered
entities within the Interconnection to support reliability and
meet the NERC Reliability Standards.
The standards selected by Texas RE highlight registered entity
responsibilities regarding effective operational communication.
Special Protection Systems (SPS) are used to provide an
automatic response in an effort to prevent damage to
equipment and loss of load based on very specific
predetermined conditions. The SPS responses include changes
in demand, generation, or system configuration in an effort to
alleviate the abnormal condition.
IRO-005-3.1a R1;
IRO-010-1a R1, R3;
PRC-001-1.1(ii) R1, R6;
PRC-005 R1, R2;
PRC-017-0 R1, R2
Failure to properly design and implement SPS could result in the

SPS not being deployed correctly, which could result in system
conditions exceeding device and facility limits. Failure to
maintain SPS devices could result in a misoperation of the SPS,
leading to the SPS failing to operate or operating prematurely.
As demonstrated by a Texas RE report,30 the arming of SPSs has
indicated a slight trend upward whereas the number of SPSs
has been trending downward. These trends are indicative of a
possible risk associated with the management and use of the
30
71
Risk Element

Justification

Requirement(s)
remaining SPSs within the reason. The significant change in

configuration which has, as indicated in the Texas RE report,
reduced the number of SPSs within the Interconnection may be
the catalyst for the increase in SPS arming. While there has not
been a misoperation of an SPS in the recent past, which may
illustrate adequate controls regarding the maintenance and
testing of SPS components beyond the Protection System
components, the increase in arming of SPSs is a reliability
concern.
UFLS Management
The standards selected by Texas RE highlight the planning,

coordination, implementation, and monitoring of SPSs. The
standards also highlight the maintenance and testing
requirements for SPS devices.
Under frequency load shedding (UFLS) systems are used as an PRC-005 R1, R2;
automatic response to deteriorating system conditions. As PRC-006-2 R1, R8, R9;
frequency drops the properly designed and implemented UFLS PRC-008-0 R1, R2
systems will automatically shed load in a coordinated effort to
stabilize system conditions. These systems are rarely used but
have high importance.
Failure to properly design, implement, and maintain UFLS could
result in the UFLS not being deployed correctly, which could
result in system frequency continuing to degrade. Continued
degradation could lead to frequency collapse. The ERCOT
Interconnection is an island relying on UFLS activation as one of
the last reliability related actions to thwart a complete collapse.
The change in configuration, in terms of transmission and
generation, of the ERCOT Interconnection could result in the
use of UFLS
Critical
Support

coordination, implementation, and monitoring of UFLS
systems. The standards also highlight the maintenance and
testing requirements for UFLS devices.
Voltage This risk element is based on existing and near-future system
conditions, generation resources (i.e., type, availability,
location, etc.), and voltage support capabilities in areas of the
Interconnection in which voltage stability of the Bulk Electric
System is a recognized risk.
TOP-002-2.1b R14;
TOP-004-2 R6;
TOP-006-2 R1, R2;
VAR-001-4 R1, R2, R5, R6;
VAR-002-4 R1, R2, R5
Historical events31 have highlighted the risks associated with

voltage stability and the need to monitor the system to ensure
that voltage variations are minimized to prevent outages and
damage to BES equipment. While voltage is generally a
31
72
Risk Element

Justification

Requirement(s)
localized concern there has been a change in the ERCOT

Interconnection that has facilitated the use of more dynamic
and static reactive devices in more areas. Additionally, there
are several load pockets where the management of reactive
sources plays a significant role in ensuring reliability.
SOL/IROL
Management
The standards selected by Texas RE highlight registered entity

responsibilities for providing, requesting, and ensuring that
voltage support is available when needed.
SOL and IROL management have been recognized by Texas RE
as a noteworthy issue32 to track. Additionally, the industry
determined that clarifications were needed regarding the
definition of SOLs.33 While IROL exceedances have trended
downwards, there have been configuration changes within the
Interconnection that have revealed new possible constraints.
FAC-008-3 R1, R2, R3, R6;

FAC-010-2.1 R1, R2, R3
FAC-011-2 R1, R2, R3, R4;
FAC-014-2 R5;
IRO-006-TRE-1 R1, R2;
PER-005-1 R3;
TOP-002-2.1b R11;
In the ERCOT Interconnection approximately 15% of tracked TOP-004-2 R6;
events have been loss of real-time monitoring or analysis tools.
The new constraints coupled with possible loss of monitoring
capability need thorough review to help ensure the reliability
of the Interconnection.
It is important to distinguish operating practices and strategies
from the SOL itself. An SOL is based on the actual set of Facility
Ratings, voltage limits, or Stability limits that are to be
monitored for the pre- and post-Contingency state. How an
entity remains within these SOLs can vary depending on the
planning strategies, operating practices, and mechanisms
employed by that entity. As indicated in other Risk Elements,
the nature of the ERCOT Interconnection requires unique
attention to the management of issues affecting the reliability
of the Interconnection. The configuration changes have
retired some IROLs and introduced new SOLs that impact the
operation of the BES.
The standards selected by Texas RE highlight the complete
management of SOLs starting with the planning perspective.
With the ERCOT Interconnection configuration continually
undergoing significant change, it is critical to have adequate
controls regarding management of SOLs in place to ensure the
reliability of the Interconnection.
32
33
http://www.nerc.com/pa/Stand/Prjct201403RvsnstoTOPandIROStndrds/2014_03_fifth_posting_white_paper_sol_exceedance_2015010
8_clean.pdf
73
Risk Element
UVLS Management

Justification
Under voltage load shedding (UVLS) systems are used as an
automatic response to deteriorating voltage conditions. As
voltage drops, locally or interconnection wide, the properly
designed and implemented UVLS systems will automatically
shed load to stabilize system conditions. These UVLS systems
are used in system events affecting the Interconnection.

Requirement(s)
EOP-003-2 R2, R3, R4;
PRC-005 R1, R2
PRC-010-0 R1;
PRC-011-0 R1;
PRC-022-1 R1
Failure to properly design, implement, and maintain UVLS could

result in the UVLS not being deployed correctly, which could
result in system voltage continuing to degrade. Continued
degradation could lead to voltage collapse.
coordination, implementation, and monitoring of UVLS
systems. The standards also highlight the maintenance and
testing requirements for UVLS devices.
4. Compliance Oversight Plan

The audit schedule is also located on the Texas REs website here: [Annual Audit Plan] and is consistent with the
three year audit cycle. Each registered entity selected for an engagement in 2016 will undergo an Inherent Risk
Assessment to focus efforts on reliability risks for the registered entity and focus Texas RE staff. The engagement
schedule will be dependent upon resource scheduling of registered entity staff and Texas RE CMEP staff. The
target date for a completed Inherent Risk Assessment (IRA) is no later than 105 days prior to a possible
engagement to allow for the 90 day notification requirement for a Compliance Audit per the Rules of Procedure.
The notifications for any engagement, as defined in the Rules of Procedure, shall be dependent upon the
completion of an IRA. If a different CMEP tool is selected during the IRA process the notification period required
by the Rules of Procedure specific to the tool will be followed. Texas RE and registered entities have been working
well together to accommodate schedule changes as needed.
Texas RE will perform IRAs on registered entities not shown on the Annual Audit Plan schedule below. The
approved Oversight Plan Development Framework does not require Texas RE to indicate which CMEP tool will be
used in an engagement with registered entity candidates for 2016 at this point of the process. Texas RE will follow
the Rules of Procedure requirements for notifying candidates once a CMEP Tool, as developed within the
approved Oversight Plan Development Framework, is determined. The Rules of Procedure still require that a
Reliability Coordinator, Balancing Authority, or a Transmission Operator will have an audit performed at least
once every three years. Those Reliability Coordinators, Balancing Authorities, or Transmission Operators meeting
the at least once every three year criteria shall be list in the Annual Audit Plan. Other registered entities that
will be considered candidates for a compliance monitoring engagement in 2016 will be listed on the Texas RE
website here [2016 Candidate List].
The format for the periodic data submittal schedule for 2016 is not expected to change significantly from the 2015
Data Submittal Schedule34 with the exception of PRC-004-4. PRC-004-4 removed the misoperation data reporting
obligation was after industry determined it was not optimal to establish consistent metrics for measuring
Protection System performance.35 The misoperation data reporting obligation is being developed under NERC
34
35
http://www.texasre.org/CPDL/2015%20Periodic%20Data%20Submittal%20Schedule.pdf
http://www.nerc.com/pa/Stand/Reliability%20Standards/PRC-004-3.pdf
74
Rules of Procedure, Section 1600 Request for Data or Information. NERC will analyze the data to: develop
meaningful metrics; identify trends in Protection System performance that negatively impact reliability; identify
remediation techniques; and publicize lessons learned for the industry. Because misoperations exacerbate events
and significantly impact reliability, Texas RE will continue to include a review of the data in the development of
IRAs for registered entities. If any changes other than due dates are made to the 2016 Data Submittal Schedule,
the schedule will be updated and affected entities would receive adequate notification of the change.
NCR #
NCR11114
NCR04109
NCR04124
NCR04091
NCR04056
NCR04049
NCR04033
NCR04029
NCR04028
NCR04006
2016 Compliance Oversight Plan

Registered Entity
Cross Texas Transmission, LLC
Oncor Electric Delivery Company, LLC
South Texas Electric Cooperative, Inc.
LCRA Transmission Service Corporation
Electric Reliability Council of Texas, Inc.
Denton Municipal Electric
City of Garland
City of Austin dba Austin Energy
CenterPoint Energy Houston Electric, LLC
American Electric Power Service Corp as agent for AEP Texas North Co, AEP Texas
Central Co, and Public Service of Oklahoma
Outreach Activity
Spring Compliance Workshop
Fall Compliance Workshop
Talk with Texas RE
Texas Review Newsletter
CIP Compliance Workshop(s)
75
Anticipated Date
Spring 2016
Fall 2016
Projected Monthly
(subject to change)
Projected Monthly
TBD
Appendix A8 - Western Electricity Coordinating Council (WECC)

This Appendix contains the CMEP Implementation Plan (IP) for WECC as required by the NERC Rules of Procedure.

Inherent Risk Assessment (IRA) and Internal Controls Evaluation (ICE)

In 2015, WECC continued to enhance its IRA process based on the feedback from the registered entities and NERC.
Based on the IRAs performed, WECC identified a risk-based monitoring strategy for 22 registered entities
scheduled for onsite audits in 2015. During the Phase I oversight performed by NERC in April 2015, WECC was
deemed fully aligned with the implementation of IRA and ICE processes. WECC will continue to work with NERC
and the other Regions in 2016 to improve and maintain consistency within the ERO for IRA and ICE processes.
In 2015, WECC implemented the ICE process which assessed the strength of performance based standards and
provided participating registered entities a detailed report refining the scope and depth of compliance monitoring
activities. WECC plans to improve its ICE process in 2016 by working with NERC, the other Regions and
incorporating appropriate feedback from registered entities.
Compliance Monitoring Strategy

In 2015, WECC created a Compliance Monitoring Strategy (CMS) tool to aid in the development and tracking of
WECCs Risk-Based Oversight Plans for monitoring activities including self-certifications, audits, spot-checks, IRAs,
and ICEs as directed in the NERCs Rules of Procedure, Compliance Monitoring Enforcement Program (CMEP), and
the annual WECC and ERO Enterprise CMEP Implementation Plans (IP). In accordance with the CMS, on a quarterly
basis each year WECC staff will conduct an analysis of certain criteria to strategically develop, schedule and
execute WECCs oversight activities based on the risks posed to the Bulk Power System (BPS). WECC will leverage
information from IRAs, ICEs, lessons learned, ERO best practices, and other information to focus appropriate
monitoring and enforcement efforts.
CIP v5 Implementation
WECC continued to provide guidance in a timely manner throughout the CIP v5 transition and will ultimately
facilitate full compliance by the effective date for registered entities throughout the Western Interconnection.
WECC CIP auditors served as technical experts and actively participated in the ERO CIP v5 Transition Advisory
Group to further the development of both CIP v5 Frequently Asked Questions (FAQs) and Lessons Learned. These
documents, once completed, will be posted to the NERC website to educate and inform registered entities in their
transition efforts. CIP v5 FAQs include over 100 common questions and answers, and several detailed Lessons
Learned.
The WECC CIP team prepared and delivered significant CIP v5 outreach sessions covering all of the new CIP
standards in 2015, with additional efforts in support of low impact entities. The onset of required controls for Low
Impact Systems identified in CIP-003-6 R2 will impact the majority of WECC registered entities. With this in mind,
WECC identified four registered entities to participate in a Low Impact Case study. The Case study team will work
closely with WECC CIP Auditors to identify potential hurdles and lessons learned that can be shared with the
broader industry. The WECC CIP staff will continue to develop and support NERC technical discussions to further
strengthen CIP Version 5 transition guidance in 2016.
76
Appendix A8 - Western Electricity Coordinating Council (WECC) 2016 CMEP Implementation Plan

In 2015, WECC focused efforts to support and implement the ERO Risk-based Compliance Oversight Framework
described in the ERO Enterprise CMEP Implementation Plan. The 2016 ERO Enterprise CMEP IP identifies Risk
Elements and Areas of Focus, which provide foundation for WECCs Regional Compliance Oversight Plan. The 2016
ERO Enterprise CMEP IP does not constitute a comprehensive list of risks that may affect the BPS, so WECC
considered regional and local risks along with the specific circumstances associated with individual registered
entities within WECCs footprint when developing its Regional Compliance Oversight Plan. WECC also considered
the WECC 2015 State of the Interconnection report in our Regional Risk Assessment.
Risk Factors and IRA
To identify inherent risks, WECC considered risk elements identified in the 2016 ERO Enterprise CMEP IP. In
addition, WECC will consider factors on an individual basis for each registered entity, including its footprint,
generation and transmission profile, interconnections, geographical locations, system events, compliance
violation trends, CIP BCS and impact, etc.

In an effort to maintain consistency, WECC adopted the Risk Elements and Areas of Focus identified in the 2016
ERO Enterprise CMEP IP. In addition to that list, the table below contains four Areas of Focus identified by WECC
during the Regional Risk Assessment process.
Risk Element
Justification
Maintenance and i. This is the same Risk Element as specified in the NERC
Management of CMEP.
BPS Assets
ii. WECC has additional standard requirements related
to Maintenance and Management of BPS Assets.
Areas of Focus
FAC-003-3 R1
FAC-003-3 R2
FAC-003-3 R6
FAC-003-3 R7
Iii. FAC-003-3 addresses the risk of transmission outages

due to vegetation growth in the transmission Right-ofWay. This is an ongoing risk in the WECC region due to
the existence of extremely long EHV transmission lines
which pass through remote and sparsely populated
areas of forest.

In addition to the ERO Enterprise monitoring approach for CIP Version 5 and physical security, during 2016, WECC
will use the ERO Risk-based Compliance Oversight Framework described in the 2016 ERO Enterprise CMEP IP to
determine the scope and method for conducting compliance activities. WECC will focus on identifying, prioritizing,
and addressing risks to the BPS, thereby allowing WECC to focus resources where they are most needed. WECC
will conduct IRAs and develop preliminary Compliance Oversight Plans (COP) for registered entities subject to 3year audit engagements listed in the 2016 audit schedule. At the conclusion of an audit for a given entity, WECC
may revise the entitys COP. In doing so, WECC would consider factors such as footprint, generation and
transmission profile, interconnections, geographical locations, system events, CIP BCS, impact and on-site audit
observations. Any revisions to a COP will be shared with the registered entity.
77

WECC will continue to monitor a number of Standards and Requirements that require data submittals on a
monthly, quarterly, and/or annual basis. The list of Standards and Requirements is located on WECCs website.
Self-Certifications
Self-Certifications will be based on guidance in the 2016 ERO Enterprise CMEP IP and the NERC Rules of Procedure.
WECC will further determine the scope of self-certifications based on the quarterly CMS reviews, compliance
history and/or results of IRA and ICE. Self-Certification requests will be posted at the Standard Requirement level.
WECC will validate registered entity responses and may issue data requests to collect evidence to validate
compliance.
Compliance Audits
The 2016 audit schedule is located on WECCs website.
NCR #
NCR05329
NCR05447
NCR11118
NCR05368
NCR05097
NCR11094
NCR05020
NCR05338
NCR05032
NCR05126
NCR05155
NCR11039
NCR05304
NCR11078
NCR11360
NCR05344
NCR11372
NCR11103
NCR03049
NCR03050
NCR11393
NCR05169
NCR02552
NCR10395
NCR11382
NCR05372
NCR05016
NCR05195
2016 Compliance Audit Plan*

Registered Entity
Talen Montana, LLC
Valley Electric Association, Inc.
Balancing Authority of Northern California
Sacramento Municipal Utility District
City of Tacoma, Department of Public Utilities, Light Division
Coolidge Power LLC
Avista Corporation
Public Utility District No. 1 of Chelan County
Bonneville Power Administration
Deseret Generation & Transmission Co-operative
Farmington Electric Utility System
Hatchet Ridge Wind, LLC
PacifiCorp
Vantage Wind Energy LLC
MATL LLP
Puget Sound Energy, Inc.
Gila Bend Operations Company
Idaho Wind Partners 1, LLC
Arlington Valley, LLC - AVBA
Griffith Energy, LLC
Gridforce Energy Management, LLC
Sundevil Power Holdings, LLC
New Harquahala Generating Company, LLC - HGBA
NaturEner Power Watch, LLC (GWA)
NaturEner Wind Watch, LLC
Salt River Project Agricultural Improvement and Power District
Arizona Public Service Company
Imperial Irrigation District
* WECC will use the approved ERO Enterprise Risk-based Compliance Oversight Framework, as described in the
ERO Enterprise CMEP IP and will determine the schedule and scope of each audit based on the quarterly CMS
reviews, compliance history and/or results of IRA and ICE.
78
Information for workshops and seminars (and others as they are finalized) and the dates on which they are
scheduled to occur will be posted on the WECC website.
Monthly Open Webinars
Since many of the questions the WECC Compliance Staff receives are very similar, WECC answers questions in an
open forum for greater efficiency. WECC Compliance Subject Matter Experts participate on this webinar and
respond to questions. In fairness to everyone on the call, WECC does not address entity- specific questions and
issues.
Compliance User Group (CUG)
The CUG meeting provides in-depth, in-person, and detailed training and education through structured lecture
and presentation, panels of experts, interactive dialog in an open forum, direct question and answer sessions and
invaluable networking opportunities. Workshops cover the entire compliance sphere with focus reflecting the
attendees and industries issues. These meetings provide direct access to the WECC Compliance management
team, staff, and Subject-Matter Experts. Participants may also attend telephonically or via video webinar.
Critical Infrastructure Protection User Group (CIPUG)
The mission of the CIPUG is to provide an open forum for the exchange of information regarding the WECC
Compliance Program's enforcement of mandatory CIP Standards in the Western Interconnection. Its meetings are
structured similarly to those of the Compliance User Group, and it is a forum for WECC to provide information
regarding NERC and WECC CIP activities and related training and workshops for registered entities on an asneeded basis.
Outreach Activity
Anticipated Date/Location
WECC Open Webinar
Third Thursdays of most months
Compliance 101 Webinar
Video Tutorial
March 22-24, 2016
San Diego, CA
May, 2016
CIP 101 Low Impact Assets Seminar
TBD
September 27-28, 2016
CIP Workshop
Salt Lake City, UT
October 25-27, 2016
Phoenix, AZ
79
Appendix B Compliance Assessment Report

Compliance Assessment Process for Events and Disturbances
The ERO Enterprise encourages registered entities to perform an initial compliance assessment (CA) concurrent
with the registered entitys event review and analysis. When completing a CA, the registered entity should follow
these steps:
1. Refer to the causes and contributing factors of the event as determined by the registered entitys events
analysis process.
2. Identify all applicable NERC Reliability Standards and Requirements that may have been implicated by the
causes and contributing factors of the event.
3. After reviewing the facts and circumstances of the event, develop conclusions that are relevant to step 2
above as they apply to the applicable NERC Reliability Standards and Requirements.
4. Self-report any findings of noncompliance to the RE per the CMEP procedures.
5. Provide a copy of the CA report to the RE compliance organization. The CA should be accompanied by the
separate Event Analysis Report, Brief Report, or similar document that provides sufficient information for
the RE to understand the event.
Sample Compliance Assessment Report Template

Event Cause or
Contributing Factor
CauseExample 1
Applicable Reliability
Standards and
Requirements
AAA-000-0 R 1
Details of CA Efforts
1. Identify the process

used to assess
compliance with this
Requirement.
Findings
Finding conclusion
2. Identify any evidence

that demonstrates
compliance
Equipment failure of a
high-side transformer
cleared along with two
transmission lines.
3. Identify any evidence

that suggests
noncompliance
TOP-002-2a
Established transfer limits
R6. Each BA and TOP shall were followed such that
plan to meet
the event did not result in
unscheduled changes in
instability. The limit for
system configuration and operating across this
generation dispatch (at a internal interface is
minimum N-1
established in the RC. XYZ
contingency planning) in
Interface All Lines In
accordance with NERC,
Stability Guide
Regional Reliability
(document provided)
Organization, subregional and local
reliability Requirements
80
No findings of
noncompliance

Reliability Assurance Initiative-2016 CMEP IP - V - 2 5 - 071116 - POSTED

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Reliability Assurance Initiative-2016 CMEP IP - V - 2 5 - 071116 - POSTED

Hochgeladen von

Copyright:

Verfügbare Formate

2016 ERO Enterprise

NERC | Report Title | Report Date

Compliance Outreach .................................................................................................................................. 35

Appendix A4 - ReliabilityFirst Corporation (ReliabilityFirst) 2016 CMEP Implementation Plan ............................. 36

Error! No text of specified style in document.

Compliance Monitoring and Enforcement .................................................................................................. 36

Other Regional Key Initiatives and Activities............................................................................................... 36

Regional Risk Assessment Process .............................................................................................................. 37

Regional Risk Elements and Areas of Focus ................................................................................................ 40

Regional Compliance Monitoring Plan ........................................................................................................ 52

6. Compliance Outreach ...................................................................................................................................... 55

Compliance Monitoring and Enforcement .................................................................................................. 57

Regional Risk Assessment Process .............................................................................................................. 58

Regional Risk Elements and Areas of Focus ................................................................................................ 59

Regional Compliance Monitoring Plan ........................................................................................................ 61

Compliance Outreach .................................................................................................................................. 61

Compliance Monitoring and Enforcement .................................................................................................. 63

Regional Risk Assessment Process .............................................................................................................. 64

Regional Risk Elements and Areas of Focus ................................................................................................ 64

Regional Compliance Monitoring Plan ........................................................................................................ 65

Compliance Outreach .................................................................................................................................. 67

Compliance Monitoring and Enforcement .................................................................................................. 68

Regional Risk Assessment Process .............................................................................................................. 69

Regional Risks and Associated Reliability Standards ................................................................................... 70

Compliance Oversight Plan.......................................................................................................................... 74

Compliance Outreach .................................................................................................................................. 75

Compliance Monitoring and Enforcement .................................................................................................. 76

Regional Risk Assessment Process .............................................................................................................. 77

Regional Risk Elements and Areas of Focus ................................................................................................ 77

Regional Compliance Monitoring Plan ........................................................................................................ 77

Compliance Outreach .................................................................................................................................. 79

Appendix B Compliance Assessment Report ........................................................................................................ 80

Removed key enforcement date table due to dependency of

Expanded information on self-logging on page 7, and

Added ERO Enterprise 2016 monitoring approach for CIP

November 24, 2015

Removed duplicate requirements in the Regional Risk Elements

June 17, 2016

Changed NCR01321 within SERCs 2016 Compliance Audit Plan

Changed the footnote reference on page 55 from LSE to GO.

Removed reference to LSE from the audit schedule on pages 68

Added vegetation management as area of focus

Changed CIP V5 effective dates

Edits to MRO, NPCC, RF, and SPP RE Regional IPs

Table 3 updated: Critical Infrastructure Protection page 10.

Florida Reliability Coordinating Council

Midwest Reliability Organization

Northeast Power Coordinating Council

SERC Reliability Corporation

Southwest Power Pool Regional Entity

Texas Reliability Entity

Western Electricity Coordinating Council

Details on Regional Risk Assessment processes and results;

Other key activities and processes used for CMEP implementation.

Significant Initiatives Impacting CMEP Activities

Risk-Based Registration Initiative

Critical Infrastructure Protection Reliability Standards, Version 5

Significant Initiatives Impacting CMEP Activities

Physical Security NERC Reliability Standard CIP-014-2

Number of assets critical under the Standard;

Defining characteristics of the assets identified as critical;

Scope of security plans (types of security and resiliency contemplated);

Timelines included for implementing security and resiliency measures; and