270 likes | 463 Views
NERC Compliance Manager Application Overview Andre Chon, Vice President AUS Consultants Steve Rossi, Managing Director Flexnova. Executive Summary.
E N D
NERC Compliance ManagerApplication OverviewAndre Chon, Vice PresidentAUS ConsultantsSteve Rossi, Managing DirectorFlexnova
Executive Summary NERC Compliance Manager coordinates and manages the monitoring of enterprise wide compliance to NERC and regional reliability standards for the electric utility industry. As such, the application acts as a centralized task and information coordinator between the various organizations within a utility. NERC Compliance Manager provides easy to use and repeatable task assignment, communication and reporting processes. In order to minimize disruption and complexity and ensure quick adoption, the application does not replace existing data repositories or applications within existing organizations. Instead, the application serves as a central repository of compliance forms and documents for the purpose of proactive assignment, tracking, and capturing of compliance activities. This provides compliance managers the information they need to be auditably compliant and gives them and auditing authorities convenient access to underlying compliance related data.
Application Overview Based on our understanding of the Electric Utility industry’s needs, we designed NERC Compliance Manager with the following attributes in mind: • Ability to store and manage the compliance, responsibility, accountability and audit-readiness of a holding company’s various legal entities for appropriate time periods relative to their functional roles as detailed by the NERC and regional standards • Enables proactive planning and delegation of tasks to address announced compliance schedules • Easy to use and manage • Capability to manage all compliance activities for approved standards, standards under development and retired standards • Pre-loaded with all NERC and applicable regional standards, requirements and measures • Automates the process of demonstrating “Auditably Compliant” status • Configurable to suit varying needs across multiple operating units • Appropriate visibility available to different levels of management as needed • Ability to manage all reliability related standards (NERC, RRO, ISO) • Rapid deployment within and across operating units • Leverages proven off-the-shelf technology • Reasonable investment in terms of cost and effort required
Features The following is a brief overview of some of the key features of the application: • Coordinated management of compliance across all legal entities and functional roles • Relational database which serves as system of record for legal entities, functional roles and corresponding NERC and regional standards, requirements and measures • Compliance dashboards • Look-back function showing which standards and requirements were applicable to each legal entity based on functional roles • Ability to produce electronic and hard copy documents for audit purposes • Compliance calendars and planning • Task assignment, tracking and escalation • Workflow • Automated audit preparation • Document indexing, storage and retrieval • Reports
Features (cont.) The following is a brief overview of some of the key features of the application: • Ability to effective date the addition and deletion of functional roles and legal entities as they relate to the NERC standards and applicable regional standards • Robust Search capabilities • Ability to automatically populate workspaces and repositories with template forms, documents and folder structures • Ability to view compliance information by approved or mandatory standards • Event based notification • Ability to add/modify/delete navigational elements of the application to suit business needs • Ability to expand and collapse standard requirement sections and sub-sections for granular or aggregated delegation and reporting
Application Scope • The application makes the interaction required by end users in general, and in particular, those in line of business functions, streamlined and accessible via commonly used mechanisms like email and SharePoint “MySite” or similar personalized web content. • The application stores standards and maps to entities by function such that standards applicable to each entity are easily identified. • The application captures attributes about standards and associated data including RRO’s, audit options and functions. • The application generates and maintains collaborative workspace areas based on the standards and entities that have been identified, entered and assigned (to leaders and assigned line of business employees). • The application captures “triggering” events and dates for each standard that initiate automated ongoing communication with identified responsible parties (to leaders and assigned line of business employees). • The application enables the capture and maintenance of various dates related to standards, entities, functions or other elements such that a historical “look back” capability exists where the status of compliance can be determined from a historical perspective. • The application has a configurable reporting mechanism that collates supporting data points and report on the status of compliance for a given standard.
Application Scope (cont.) • The application captures the approval of line of business employees who are responsible for adherence to designated standards. Captured approval can be recorded using electronic signatures applied to approval documents. • The electronic approval process can be integrated with Active Directory records and encrypted for security and integrity. • If electronic signatures are used, the application cost and end user impact will be greater in that more interaction will be required from the end users than a non-electronic signature based approval mechanism. • The application coordinates and reports but does not necessarily contain underlying data that may prove or disprove actual compliance to a given standard. (For example, in the case of tracking whether required training has occurred, the existing system used to schedule and manage training will capture and manage the actual training activities.) • The application enables systematic notification and approval gathering processes such that a central status mechanism is in place tied to the standards. • Keeping the application independent from various departmental record keeping systems minimizes the overall complexity of systems integration as well as the level of process change required within the assigned reporting organizations. (For example, if a specific training schedule for a given class is required, the existing training system will provide such detail.)
Approach and Background Information • The NERC Compliance Manager application was developed in close consultation with various electric utilities. Our prospects and advisors include AEP, PHI, ConEdison, Constellation Energy, KCP&L and Sempra Energy. • The NERC Compliance Manager application leverages the already proven regulatory compliance framework (CaseWorks) we developed to help Utilities manage their rate case and regulatory activities. Current CaseWorks customers: PHI, Constellation Energy, ConEdison, AEP, CenterPoint Energy, Kansas City Power and Light, APS, Washington Gas, Otter Tail Power. • We combine extensive utility industry experience (AUS’s 40 years in the business) and technology expertise (Flexnova) to deliver an application which can be configured and deployed with minimal customization and effort. • The software license cost includes training for all users. • The software maintenance agreement entitles you to take advantage of all subsequent enhancements we make to the application for other customers. Example: Constellation Energy, our first CaseWorks customer, has benefited from the addition of more new features and functions than those that were part of the original application. • We have an excellent reputation for being easy to reach and responding quickly to customer questions and issues.
Approach and Background Information (cont.) • Users Group Conference - As we have done with CaseWorks, we plan to hold annual Users Group meetings to provide our NERC compliance customers a forum to share best practices and exchange ideas for dealing with evolving NERC compliance standards. • Our software is built on top of Microsoft SharePoint, a widely used and industry accepted technology platform. • We expect that NERC and regional standards will be in a state of flux for the foreseeable future because the mandatory compliance process is something new to both the regulators and the utilities. We will be actively monitoring the situation and collaborating with customers and regulatory bodies to make sure that our application continuously evolves to enable customers to meet all regulatory requirements.
Timeframe • We project the production version of the application to be deployed within as little as two months following requirements definition and prioritization of functionality for initial deployment. • Why can we do this so quickly? Because we leverage already developed functionality from the alpha version of the application. Also, using our SharePoint-based business process support framework enables most needs to be met via configuration as opposed to building custom code. • The rollout of this application is comparable in terms of timing and effort to what we did for Constellation Energy two years ago. Because they had a fixed date for when they planned to file their rate case, they gave us only two months to define requirements and configure the rate case management application. We completed the project two days early and on budget. We can arrange a reference call with Constellation if desired.