By - Jon Brown

NERC Fundamentals and Compliance
October 15-16, 2019 | Atlanta, GA

Download PDF

 

Overview

If this event is of interest you may also be interested in this related event

NERC CIP: A Deeper Dive, October 16-17, 2019 in Atlanta, GA

Entities registered with the North American Electric Reliability Corporation (NERC) continue to address the complexities of NERC reliability standards implementation, on-going compliance and enforcement. Full audit schedules ensure the stakes remain high (as evidenced by the recent $10 million fine imposed on a Registered Entity). Critical Infrastructure Protection (CIP) standards involve an added level of complexity.

With an increasing number of generation and transmission projects being proposed and built, it’s important to understand the implications of being a NERC registered entity and the complicated and, often, costly compliance process.  A host of important factors can significantly impact operations. One of the key tenets supporting compliance, or which can mitigate a penalty, is having a robust compliance program.  To demonstrate a culture of compliance, a registered entity must show an enterprise-wide commitment to the process. 

This course is an overview of NERC standards, compliance, and monitoring and will provide the necessary background for staff with compliance responsibilities to understand the concepts and complexities of NERC compliance to build a culture of compliance and reliability and prepare for audits. The course will help registered entities understand the background for the NERC standards, proven methods of compliance and how to best organize evidence to demonstrate compliance during an audit.

Learning Outcomes

  • Define the role of FERC, NERC and Regional Entities
  • Review the background for the NERC standards and discuss major recent revisions
  • Explain how violations are determined and identify which standards are the most violated
  • Define a culture of compliance and its importance in the compliance monitoring and enforcement process
  • Examine strategies to build an internal compliance program
  • Examine the NERC CIP requirements: Current version and upcoming revisions 
  • Analyze the audit process and demonstrate strategies for success before, during, and after an audit
  • Discuss emerging trends in NERC compliance including CIP Version 5, the Risk Based CMEP, the new and emerging standards on Physical Security, Geomagnetic Disturbances, Distributed Energy Resources, etc.

Credits

AP_Logo

EUCI has been accredited as an Authorized Provider by the International Association for Continuing Education and Training (IACET).  In obtaining this accreditation, EUCI has demonstrated that it  complies with the ANSI/IACET Standard which is recognized internationally as a standard of good practice. As a result of their Authorized Provider status, EUCI is authorized to offer IACET CEUs for its programs that qualify under the ANSI/IACET Standard.

EUCI is authorized by IACET to offer 1.2 CEUs for this event.

 

Requirements for Successful Completion of Program

Participants must sign in/out each day and be in attendance for the entirety of the course to be eligible for continuing education credit.

Instructional Methods

This course will use PowerPoint presentations and group discussions.

Agenda

Tuesday, October 15, 2019

8:00 – 8:30 a.m. :: Registration and Continental Breakfast

8:30 a.m. – 5:00 p.m. :: Course Timing

12:00 – 1:00 p.m. :: Group Luncheon


Overview of NERC Reliability Standards and Requirements

  • NERC as the ERO
  • Overview of entity registration
  • Standards background and drafting process
  • Trajectory of standards
    • Results based standards
    • Regional standards
  • Compliance and enforcement
  • Analysis of most violated non-CIP standards: Hot spots for current versions as well as status of revisions
    • PRC 005
    • FAC 008/009
  • NERC compliance in practice
  • Define “culture of compliance” and strategies to build, communicate and demonstrate a culture of compliance, as mandated by NERC
  • The role of a culture of compliance in mitigation
  • Preparing for an audit: What to do before, during and after an onsite compliance audit:  successful   strategies and avoiding common pitfalls
  • Discuss the settlement process that occurs after a violation has been found
  • Recognize how NERC compliance fits with other enterprise compliance needs and risk management
  • Managing documentation and evidence
  • Demonstrating a culture of compliance to auditors
  • Risk Based CMEP and what it means to you

Wednesday, October 16, 2019

8:00 – 8:30 a.m. :: Continental Breakfast

8:30 a.m. – 12:00 p.m. :: Course Timing


NERC Critical Infrastructure Protection (CIP)

This session will provide an overview of the NERC CIP Reliability Standards and provide insight into what it takes to comply with the same on an ongoing basis.

    • Introduction
    • History and background of the NERC CIP reliability standards
    • Common assumptions and mistakes
    • Prevalent NERC CIP compliance challenges
    • A word about CIP v5/v6
    • Overview of the NERC CIP reliability standards
    • NERC CIP v5/v6
      • Overview of Version 5 NERC Cyber Security Standards
      • Notable differences between Version 3 and Version 5 NERC CIP reliability standards
    • Tools and resources
      • A few words about “tools” and NERC CIP compliance
      • Active vulnerability assessment tools
      • Danger: Active scanning of ICS environments is risky business!
      • Resources
    • Emerging issues and new standard

Instructors

Ryan Carlson, CISSP, PSP, Vice President – Critical Infrastructure Protection Services, Proven Compliance Solutions

Ryan has over 25 years of experience in Cyber Security, IT project management, network system engineering, and network/server system administration.  Ryan’s career has been devoted exclusively to assisting clients with their NERC Critical Infrastructure Protection (CIP) compliance program needs since 2008.  Ryan has conducted hundreds of CIP mock audit/gap analysis projects over the last 10 years and participated in dozens of regional CIP audits as an expert advisor, observer, and embedded Subject Matter Expert.  Ryan is actively involved in monitoring the CIP Standards development process by attending NERC Critical Infrastructure Protection Committee (CIPC) meetings, as well as numerous NERC/regional CIP user group meetings and conferences.  Ryan is an active member of the NERC Compliance Input Working Group (CEIWG) and the NERC Supply Chain Working Group.  Ryan is a Certified Information Systems Security Professional (CISSP) and Physical Security Professional (PSP) and holds a Bachelor’s Degree in Economics, International Relations and Marketing from the University of Minnesota.


Mitchell E. Needham, P.E.  Vice President – NERC Consultation Services O&P, Proven Compliance Solutions

Mitchell’s industry experience spans over 40 years in the electric power industry, including 28 years with the Tennessee Valley Authority prior to working for NERC. Mitchell is both a former NERC Readiness Auditor and Regional Compliance Oversight Liaison for two NERC Regions and received NERC and FERC training in reliability compliance auditing.  He has extensive experience conducting actual and mock audits of BES O&P and CIP Reliability Standards with expertise in protective relaying, process development, power system operations, reliability benchmarking, and compliance management. Mitchell is a registered Professional Engineer in the State of Tennessee, holding license #15926 and holds a Master of Science, Electrical Engineering (University of Tennessee – Chattanooga), & Bachelor of Science in Electrical Engineering (University of Tennessee – Knoxville).

Location

Hyatt Regency Suites Atlanta Northwest

2999 Windy Hill Rd SE

Marietta, GA 30067

Reserve your room:

please call 1-770-956-1234

Room Block Reserved For:

Nights of October 14 – 16, 2019

Room rate through EUCI:

$151.00 single or double plus applicable taxes
Make your reservations prior to September 14, 2019.

Register

Please Note: Confirmed speakers do not need to register and are encouraged to participate in all sessions of the event. If you are a speaker and have any questions please contact our offices at 1.303.770.8800

EventEarly Bird Before
Friday, September 27, 2019
Standard RateAttendees
NERC Compliance FundamentalsUS $ 1195.00 US $ 1395.00

This event has the following related events:

NERC CIP: A Deeper DiveUS $ 1195.00 US $ 1395.00

Take advantage of these discounts!

  • Attend the Course and NERC CIP: A Deeper Dive and pay US $ 1,995.00 per attendee (save US $ 395.00 each)

Register 3 Send 4th Free!

Any organization wishing to send multiple attendees to these conferences may send 1 FREE for every 3 delegates registered. Please note that all registrations must be made at the same time to qualify.

Cancellation Policy

Your registration may be transferred to a member of your organization up to 24 hours in advance of the event. Cancellations must be received on or before September 13, 2019 in order to be refunded and will be subject to a US $195.00 processing fee per registrant. No refunds will be made after this date. Cancellations received after this date will create a credit of the tuition (less processing fee) good toward any other EUCI event. This credit will be good for six months from the cancellation date. In the event of non-attendance, all registration fees will be forfeited. In case of conference cancellation, EUCIs liability is limited to refund of the event registration fee only. For more information regarding administrative policies, such as complaints and refunds, please contact our offices at 303-770-8800

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. more information

By clicking Accept or closing this message, you consent to our cookies on this device in accordance with our cookie policy unless you have disabled them. You can change your cookie settings at any time but parts of our site will not function correctly without them. We use cookies during the registration process and to remember member settings.

Close