NERC CIP Program Recovery

At a Glance

Challenge

A large electric utility had received an unfavorable audit that pointed to a significant programmatic breakdown and a lack of cultural understanding of NERC CIP standards. Significant gaps existed in the organization’s roles and responsibilities to provide governance and oversight for the standards and procedures needed to be better maintained or created to address gaps. The organization relied on manual methods to document and collect evidence. Operating and technical groups needed to understand the NERC CIP standards, requirements, and the implications of not complying. Enterprise and business unit leadership faced tight timelines to implement NERC Compliance Solutions and respond to audit findings and situations where the regulator or the board would not tolerate repeat issues.

Process

• Developed and updated NERC CIP compliance documentation, including seven technical program documents, 11 new CIP procedures, and more than seven updated procedures​
• Developed more than 25 PMs and entered them into the Maximo work management tool for recurring CIP requirements; allowed management visibility to oversee ongoing CIP tasks​
• Developed eight template job plans with work instructions​
• Delivered CIP technical instructor-led training at medium-impact facilities, providing direct training to more than 350 workers​
• Provided initial training to compliance managers and compliance analysts