NERC 101
The “big reason” NERC standards exist: keeping this reliable.
What is the Bulk Power System (BPS), Bulk Electric System (BES), or “the grid”? (any are acceptable)
There are four core functions within NRCB. Name one.
What is Compliance Governance, Risk Management, Compliance Assurance, or Training and Outreach? (any one of those)
In simple terms, risk is what could go wrong and cause this.
What is noncompliance (or a reliability issue)?
A violation is the outcome when a requirement is not met—also called this.
What is noncompliance?
Controls aim for this level of confidence, not perfection.
What is reasonable assurance?
The general name for the rule sets like TOP, PRC, FAC, EOP, and BAL.
What are NERC Reliability Standards?
This establishes the organizational structure, program elements and roles and responsibilities for managing, executing, monitoring, and communicating on compliance activities.
What is the Internal Compliance Program (ICP)?
The process of identifying and prioritizing CDWR's NERC compliance risks
What is Risk Assessment?
One of the fastest ways to “turn a miss into a violation”: not being able to show proof (records).
What is missing evidence?
The most well-known monitoring activity where auditors review evidence and interview staff.
What is an audit?
In day-to-day terms, NERC compliance is “do the work and be able to show” this.
What is evidence (or documentation)?
If I have a suggestion for, or a request for NERC training, I ask this person.
Who is Ethan? / Training Lead
The process of addressing and monitoring CDWR's NERC compliance risks.
What is Risk Management?
Reporting of a potential violation voluntarily to WECC.
What is a Self-Report?
An audit conducted by a registered entity (for example, CDWR) that simulates an actual regulatory audit.
What is a mock (self or internal) audit?
The people who usually execute the compliance tasks (operations, planning, maintenance) are often called this.
What are SMEs (subject matter experts)?
The NRCB expert for submitting evidence to our regulator, WECC, is this person.
Who is Tony? / Compliance Assurance Lead
The policies, processes, technologies, and activities designed to prevent, detect, and correct noncompliance and operational failures within the NERC risk framework.
What are Internal Controls?
The act of stopping the current state of non-compliance—the immediate symptom.
What is Remediation?
The enforcement phase of NERC’s Compliance Monitoring and Enforcement Program in which an entity must submit a plan to correct the issue and prevent recurrence.
What is a Mitigation Plan?
A best practice for audits: keep evidence organized by standard and by this smaller unit.
What is the requirement?
Where the assignments of persons to standard requirements are documented.
What is the Standards Ownership Matrix?
The level of risk that exists before considering internal controls, driven by the nature of activities, systems, and operating environment.
What is Inherent Risk?
The process by which most enforcement actions are resolved, in which the entity stipulates to the facts of the violation and agrees to a penalty and a mitigation plan.
What is a Violation Disposition?
The plan WECC updates after an audit—typically within six months—to reflect audit results, control improvements, and changes to the monitoring strategy.
What is Compliance Oversight Plan (COP)?