The North American Electric Reliability Corporation (NERC) develops and enforces rules and standards protecting the North American bulk power system, which serves more than 334 million people. In addition to developing reliability standards, NERC also conducts annual reliability assessments, monitors the bulk power system and educates, trains and certifies industry personnel. These rules and standards are constantly evolving, and they affect virtually everything we do in planning, operating, maintaining and protecting the grid on a daily basis.
We engage our employees through continuous communication about their contribution to AEP’s reliability compliance. This includes basic facility security measures, such as displaying an employee identification badge at all times; following facility access control policies like escorting visitors in secure areas; and maintaining strong passwords. Additionally, NERC requires a rigorous program to maintain and operate bulk electric system protection equipment. These security, operations and maintenance practices are necessary and effective in preserving the integrity of the services we provide and contribute to the safe operation of our assets.
The reliability standards in place today require processes and procedures to maintain and advance the reliability and resiliency of the bulk electricity system. Noncompliance with NERC reliability standards can lead to serious financial consequences and reputational risk. Maintaining a culture of compliance has been a priority for us and is reflected in the 2015 NERC audits.
In the fourth quarter of 2015, AEP went through two rigorous NERC audits, which covered Operations and Planning NERC standards. The auditors focused, in more detail than the past, on a reduced scope of requirements as a result of their newly implemented risk-based approach to compliance. Auditors requested supporting data for AEP’s procedures, policies and specific safeguards, and conducted on-site investigations and personnel interviews.
Although AEP officially received three possible minor violations in the audits, the auditors recognized AEP for its progress in achieving a strong compliance culture and identified several areas of best practices.
In addition to audits that focus on what is required today, we also need to be prepared for what might be required tomorrow. To that end, AEP participates in NERC’s cycle of enhancing existing and creating new requirements. AEP is in the final stages of achieving compliance with the most recent Critical Infrastructure Protection (CIP) Standards, which has an enforcement date of July 1, 2016.
We are testing many of our CIP processes in a trial compliance period in preparation for the deadline. Furthermore, AEP will be implementing the latest version of the protection system maintenance and testing Reliability Standard, PRC-005-6, which includes various scope and terminology changes.
Risk-Based Compliance Monitoring
Throughout 2015, NERC implemented risk-based compliance monitoring, which arose from its Reliability Assurance Initiative (RAI). Risk-based compliance monitoring allows NERC to focus its compliance monitoring activities around certain risk elements. NERC initiated RAI in 2012 as a means of shifting to a more collaborative process of identifying reliability risks and using that information to better gauge future compliance monitoring and enforcement efforts. On Feb. 19, 2015, FERC approved the transition to a risk-based approach, pending some modifications. We agree that this new reliability philosophy is much more effective and efficient because it allows us to focus on higher-risk issues, thereby boosting system reliability.