This 2019 Reliability Review Subcommittee Annual Assessment (2019 Annual Report) was developed by the SERC Reliability Review Subcommittee (RRS). This assessment was developed based on data and narrative information collected by SERC from its Registered Entities to independently assess the long-term reliability of the SERC BPS while identifying trends, emerging issues, and potential risks during the ten-year assessment period. The Reliability Review Subcommittee (RRS), at the direction of SERC’s Engineering Committee, supported the development of this assessment through a review process that leveraged the knowledge and experience of system planners, RRS members, SERC staff, and other subject matter experts. This review process ensures the accuracy and completeness of all data and information. The SERC Engineering Committee reviewed and approved this assessment.
Spring Compliance Seminar Agenda Brochure
March 10 - 11, 2020 Charlotte, NC / WebEx
Agenda SERC is committed to providing training and non-binding guidance to industry stakeholders regarding emerging and revised Reliability Standards. However, compliance depends on a number of factors including the precise language of the Standard, the specific facts and circumstances, and the quality of evidence. Purpose : Provide all SERC registered entities with an update on Compliance Monitoring and Enforcement Program (CMEP) developments, lessons learned, and key messages. Note: Please be advised that photographs will be taken at the Spring Compliance Seminar for use on the SERC website, SERC marketing materials, and/or other SERC publications. By attending the Spring Compliance Seminar, you consent to SERC’s photographing and/or using your image and likeness as described.
Agenda WebEx Logon 2020 Outreach
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
The agenda allows time for Q&A after each presentation. Therefore, times listed may vary. WebEx begins at 9:30 a.m. (Eastern). Those who attend the entire seminar will receive a participation certificate. The certificate does not satisfy educational requirements such as NERC continuing education hours .
Tuesday, March 10, 2020
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
7:30 a.m.
Continental Breakfast Visit with Registered Entity Forum Steering Committee Members in VACAR Conference Room.
Welcome
Todd Curl, NCSO - SERC Senior Manager of Compliance Monitoring
8:00 a.m.
8:15 a.m.
Registered Entity Forum (REF) REF Steering Committee Members Whether attending the seminar or not, registered entities may submit questions prior to the seminar to REF Steering Committee members at the email links below for discussion during the REF session. Please submit questions by noon on March 9. Brandon Cain pbcain@southernco.com Southern Company Eric Jebsen eric.jebsen@exeloncorp.com Exelon Generation Sarah Snow ssnow@cooperativeenergy.com Cooperative Energy
2
Agenda
* * * WebEx Begins * * *
Agenda WebEx Logon 2020 Outreach
9:15 a.m.
Break
9:30 a.m.
Welcome WebEx Attendees
Todd Curl - SERC
and REF Recap
Senior Manager of Compliance Monitoring
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Jason Blake - SERC President & CEO
9:45 a.m.
SERC Update
10:30 a.m.
Break
10:40 a.m.
CMEP Processes
Todd Curl - SERC
- Inherent Risk Assessment (IRA) - Audit Notification Letter (ANL - Audit Process - Feedback Loop to IRA after Audit
Senior Manager of Compliance Monitoring
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
Scott Knewasser - SERC
Senior Manager, Risk Assessment & Mitigation
11:30 a.m.
New and Revised Standards Update SERC Staff - CIP-003-8 Security Management Controls Justin Kelly, Senior CIP Auditor / Presentation - CIP-005-6 Electronic Security Perimeter(s) - CIP-010-3 Configuration Change Management & Vulnerability Assessments Vijay Naik, CIP Auditor / Presentation - PRC-002-2 Disturbance Monitoring & Reporting Requirements - PER-006-1 Specific Training for Personnel - PRC-027-1 Coordination of Protection Systems for Performance During Faults Harry Spiess, O&P Auditor / Presentation
3
Agenda
12:00 p.m.
Lunch
Agenda WebEx Logon 2020 Outreach
1:00 p.m.
O&P Evidence Submittal Expectations SERC O&P Audit Staff
- Jin Chen, Associate O&P Auditor - Derek Lepresti, Compliance Auditor - Alex Shestopal, Associate O&P Auditor - Greg Tenley, Senior Compliance Auditor
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
1:30 p.m.
Building Internal Controls for NERC Andrew Ledoux, PE - Lafayette Utilities System Compliance Electrical Engineer III
2:00 p.m.
Break
2:15 p.m.
CIP-004-6
Justin Kelly - SERC Senior CIP Auditor
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
- Failure Modes
- Auditing
3:15 p.m.
Break
FAC-008 Audit Experience
James Vermillion - Associated Electric Cooperative Senior Transmission Planning Engineer
3:30 p.m.
FAC-008
Steve Rose - SERC O&P Auditor
4:00 p.m.
NAGF Overview & Activities
Brett Koelsch - Duke Energy Lead Compliance Analyst
4:15 p.m.
4
Agenda
4:30 p.m.
Patch Management
Bill Peterson - SERC Manager, Outreach & Training
Agenda WebEx Logon 2020 Outreach
Wrap-up
Todd Curl - SERC Senior Manager of Compliance Monitoring
4:55 p.m.
5:00 p.m.
Adjourn
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Wednesday, March 11, 2020
7:30 a.m.
Continental Breakfast Visit with Registered Entity Forum Steering Committee Members in VACAR Conference Room
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
* * * WebEx Begins * * *
Welcome: Day 2
Todd Curl – SERC Senior Manager of Compliance Monitoring Gaurav Karandikar - SERC Manager, RAPA & Technical Service
8:00 a.m.
Risk Management & Communication
8:05 a.m.
Using Internal Controls to Stephen Brown - SERC Prepare & Sustain CIP Audit Program Manager, CIP Monitoring
8:30 a.m.
8:45 a.m.
Lifecycle of a Violation
Drew Slabaugh - SERC Legal Counsel
9:05 a.m.
Break
5
Agenda
9:20 a.m.
Supply Chain Update
Brian Allen - NERC Senior O&P Auditor
Agenda WebEx Logon 2020 Outreach
SCS NERC Internal Controls
Randall Hubbard - Southern Company NERC Internal Controls Project Manager
9:50 a.m.
10:20 a.m.
Break
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
10:30 a.m.
CORES
Kevin Koloini - NERC Engineer & Project Manager, Registration Peter Heidrich - SERC Senior Coordinator, Certification & Registration
Align
Andrew Williamson - SERC Director, Reliability Assurance
11:25 a.m.
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
Wrap-up
Todd Curl - SERC Senior Manager of Compliance Monitoring
11:55 a.m.
12:00 p.m.
Adjourn
6
WebEx Logon
The WebEx session will be recorded. The recording will be posted to the SERC website and will, therefore, become public.
Agenda WebEx Logon 2020 Outreach
Tuesday, March 10, 2020
WebEx Begins at 9:30 a.m. (Eastern)
Join Webex meeting Meeting number (access code): 719 168 932 Meeting password: SERC Join by phone 1-408-792-6300 Call-in toll number (US/Canada) Wednesday, March 11, 2020 Join Webex meeting Meeting number (access code): 715 630 831 Meeting password: SERC Join by phone 1-408-792-6300 Call-in toll number (US/Canada)
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
WebEx Begins at 8:00 a.m. (Eastern)
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
Participants will be muted upon entry to eliminate background noise. Please send questions through the Chat feature. If your question is too lengthy to type, send a request through the Chat feature to be un-muted. Can't join the meeting? IMPORTANT NOTICE: Please note that this WebEx service allows audio and other information sent during the session to be recorded, which may be discoverable in a legal matter. By joining this session, you automatically consent to such recordings. If you do not consent to being recorded, discuss your concerns with the host or do not join the session.
7
2020 Outreach & Training Events
Compliance Seminars: Charlotte, NC / WebEx Event details and registration are available on the SERC website under Outreach / Upcoming Events.
March 11 Small Entity Seminar October 6 - 7 CIP Compliance Seminar November 10 - 11 Fall Compliance Seminar
MORE
8
2020 Outreach & Training Events
Webinar Series Event details are available on the SERC website under Outreach / Upcoming Events. No registration required.
May 11 July 27
Q2 2020 Open Forum Q3 2020 Open Forum
MORE
9
2020 Outreach & Training Events
System Operator Conferences Event details and registration are available on the SERC website under Outreach / Upcoming Events.
April 7 - 9
Greenville, SC
April 28 - 30 Greenville, SC August 25 - 27 Franklin, TN Sep 29 - Oct 1 Franklin, TN
MORE
10
2020 Technical Committee Meetings
Event details and registration are available on the SERC website under Outreach / Upcoming Events.
Technical Committee Meetings : Charlotte, NC / WebEx • Spring March 16 - 18 • Fall September 21 - 23 (Registration not yet open.)
Summer Regional Meeting / Pig Roast To Be Announced
11
Antitrust
• It is SERC’s policy and practice to obey the antitrust laws and to avoid all conduct that unreasonably restrains competition. This policy requires the avoidance of any conduct that violates, or which might appear to violate, the antitrust laws. • It is the responsibility of every SERC member, every SERC member employee who participates in SERC activities, and SERC staff personnel who may in any way affect SERC’s compliance with the antitrust laws to carry out this commitment . • Participants in SERC activities should refrain from the following prohibited discussions when acting in their capacity as participants in SERC activities: – Discussions involving pricing information, especially margin (profit) and internal cost – Discussions of a participant’s marketing strategies – Discussions regarding how customers and geographical areas are to be divided among competitors – Discussions concerning the exclusion of competitors from markets – Discussions concerning boycotting or group refusals to deal with competitors, vendors, or suppliers • Any other matters that do not clearly fall within these guidelines should be brought to the attention of the SERC office.
Agenda WebEx Logon 2020 Outreach
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
12
Confidentiality Policy
• Members of SERC committees may, in performing SERC functions, have to use information of a sensitive and commercial nature, including but not limited to that provided by SERC members and designated as “Confidential”, that SERC members customarily hold confidential and do not disclose publicly. • The SERC Confidentiality Agreement prohibits (i) the use of Confidential Information by Member Employees for other than SERC purposes and (ii) the disclosure of that information to any third party, unless disclosed to NERC pursuant to delegation agreement, or to a third party that has signed a Confidentiality Agreement with SERC. • If either you or your employer has not signed such an Agreement and/or your employer has not designated you as a Member Employee authorized to receive Confidential Information then you will not be given access to Confidential Information and you will be required to leave the meeting before any such information is disclosed, used, or discussed.
Agenda WebEx Logon 2020 Outreach
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
13
Standards of Conduct
• The Federal Energy Regulatory Commission’s Standards of Conduct for transmission providers forbid a transmission provider from providing an undue preference or advantage to any person and require transmission providers to treat all customers in a not unduly discriminatory manner. • All participants in the SERC Identified Reliability Risk Team are expected to abide by the restrictions in the Standards of Conduct. • During any meetings, discussions, or other activities of the SERC Identified Reliability Risk Team, all participants should: – Refrain from disclosing non-public transmission function information, which includes any information related to day-to-day transmission operations and planning, such as transmission outages and constraints. – Refrain from discussing any non-public transmission customer-specific information. – If any non-public transmission function information or non-public customer information is disclosed during a SERC Identified Reliability Risk Team activity, the participants receiving that disclosure should not further disclose that information to any marketing function employees within their organizations or use any other person as a conduit to disclose such information.
Agenda WebEx Logon 2020 Outreach
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
14
Acronyms
The master Acronym Reference Index is on the FAQ & Lessons Learned page of the SERC website under Outreach. It is updated following each outreach event.
Agenda WebEx Logon 2020 Outreach
ACC
Alternate Compliance Contact
AECI
Associated Electric Cooperative, Inc.
ATL
Audit Team Lead
BA
Balancing Authority
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
BCSI
BES Cyber System Information
BES
Bulk Electric System
BOTCC
(NERC) Board of Trustees Compliance Committee
BPS
Bulk Power System
CBT
Computer-based Training
CCC
Compliance and Certification Committee (NERC Committee)
CE
Compliance Exception
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
CEA
Compliance Enforcement Authority
CFR
Coordinated Functional Registration (formerly Type 2 Joint Registration Organization “JRO”)
CIP
Critical Infrastructure Protection (Family in NERC Reliability Standards)
CMAT
Controls Monitoring and Testing (Southern Company acronym)
CMEP
Compliance Monitoring and Enforcement Program
CMEP IP
Compliance Monitoring and Enforcement Program Implementation Plan
CORES
Centralized Organization Registration ERO System
COSO
Committee of Sponsoring Organizations (Treadway Commission)
CPC
Compliance Program Coordinators
DB
Design Basis
DP
Distribution Provider (Function)
DR
Data Request
EA
Enforcement Action
EACMS
Electronic Access Control and/or Monitoring Systems
EEI
Edison Electric Institute
15
Acronyms
EMP
Electromagnetic Pulses
EMS
Energy Management System
Agenda WebEx Logon 2020 Outreach
EOC
Extent of Condition
EPRI
Electric Power Research Institute
ERO
Electric Reliability Organization
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
FAC
Facilities, Design, Connections, and Maintenance (Family in NERC Reliability Standards)
FERC
Federal Energy Regulatory Commission
FFT
Find, Fix, Track (and Report process)
GAO
Government Accountability Office - audit
GO
Generator Owners
GOP
Generator Operators
GSC
Guided Self Certification
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
GSU
Generator Step-Up
G&T
Generation & Transmission
HV
High Volt
IDS
Intrusion Detection System
IRA
Inherent Risk Assessment
ISO
Independent System Operator
JRO
Joint Registration Organization
kV
Kilovolts (1000 volts)
LAFA
Lafayette Utilities System
LIBCS
Low Impact BES Cyber Systems (BES = Bulk Electric System)
LUS
Lafayette Utilities System
MANTIS
Modeling and Network Transmission Information System (AECI acronym)
MFA
Multifactor Authentication
MIDAS
Misoperation Information Data Analysis System
16
Acronyms
MLE
Motor Lead Extension
MRO
Midwest Reliability Organization (Region within the ERO Enterprise)
Agenda WebEx Logon 2020 Outreach
MRRE
Multi-Regional Registered Entity
MSA
Master Service Agreement
MVA
Mega Volt Amps
MW
Megawatt
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
NAGF
North American Generator Forum
NATF
North American Transmission Forum
NAVAPS
Notice of Alleged Violation(s) and Penalty or Sanction
NCSO
NERC Certified System Operator
NERC
North American Electric Reliability Corporation
NIST
National Institute of Standards and Technology
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
NOCV
Notice of Confirmed Violation
NOP
Notice of Penalty
O&P
Operations & Planning
PA
Planning Authority (Function)
PACS
Physical Access Control System
PCC
Primary Compliance Contact
PCO
Primary Compliance Officer
PEI
Protected Entity Information
PER
Personnel Performance, Training, and Qualifications (Family in NERC Reliability Standards)
PNC
Possible Noncompliance
PRA
Personnel Risk Assessment
PRC
Protection and Control (Family in NERC Reliability Standards)
Pre-NAV
Pre-Notice of Alleged Violation
PSP
Physical Security Perimeter
17
Acronyms
RAM
Risk Assessment & Mitigation
RAPA
Reliability Assessment and Performance Analysis
Agenda WebEx Logon 2020 Outreach
Regional Advanced Techniques Staff-Statistical (Audit tool used by US Dept. of Health & Human Services)
RAT-STATS
Reliability Coordinator (Function)
RC
REF
Registered Entity Forum
RFI
Request for Information
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
RSAW
Reliability Standards Audit Worksheet
RTCA
Real-Time Contingency Analysis
RTO
Regional Transmission Organization
SAGAS
Small Group Advisory Sessions
SAR
Standard Authorization Request
SC
Self Certification
SCADA
Supervisory Control and Data Acquisition
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
SCS
Southern Company Services
SCWG
Supply Chain Working Group
SFTP
Secure File Transfer Protocol
SME
Subject Matter Expert
SNOP
Spreadsheet Notice of Penalty
Security Operations Center or System Operator Conference
SOC
SPOC
Single Point of Contact
Transmission Owner (Function)
TO
Transmission Operator (Function) or Transmission Operations (Family in NERC Reliability Standards)
TOP
Transmission Planner (Function)
TP
TTP
Tactics, Techniques, and Procedures
UMR
User Management and Records
VPN
Virtual Private Network
Western Electricity Coordinating Council (Region within the ERO Enterprise)
WECC
18
Questions for SERC
FAQ Process
Entity Assistance
Agenda WebEx Logon 2020 Outreach
Topic
• General inquiries / FAQ
Support@serc1.org
• Seminar & Webinar Topic Suggestions • Media inquiries
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
• SERC Membership • SERC Committees • SERC Compliance & Committee Portal/Committee related issues • Registration and Certification Issues
SERCregistration@serc1.org SERCComply@serc1.org
• Compliance monitoring methods:
o Self-Certification o Self-Report submittals o Compliance data submittals
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
• Enforcement and Mitigation
o Mitigation Plan submittals • SERC Compliance & Committee Portal-Compliance related issues • Reliability Assessment data reporting
RAStaff@serc1.org
• Reliability Assessment forms • Annual Voting Rights • Reliability Data Reporting Portal • Industry Subject Matter Expert (ISME) Program
ISME@serc1.org
• Submitting an ISME application • Event Reporting
Reporting_Line_Sit@list-serc1.org
• Situational Awareness • Events Analysis
SAEA@serc1.org
19
Registered Entity Forum
If you have a question you would like to submit anonymously, you may do so by contacting one of the Registered Entity Forum Steering Committee members. Registered Entity Forum (REF) sessions are generally held during SERC seminars. However, REF Steering Committee members are gracious enough to assist registered entities within the SERC Region throughout the year. For your information, the REF is open to participation by all entities registered in the SERC Compliance Registry, regardless of membership status in SERC. The purpose of the REF is to promote compliance excellence, elevate the collective compliance culture, and strengthen reliability among all SERC Region registered entities. The REF is a self-directed forum that provides a safe harbor for registered entities to (1) exchange information, (2) share lessons learned, (3) discuss compliance issues of interest and importance, and (4) generate concerns and questions to be provided to SERC staff regarding compliance with SERC and NERC reliability rules, standards, and regulations. The REF Steering Committee is comprised of representatives from registered entities, and members are elected by the registered entities. Positions include representatives with both CIP and Operations & Planning expertise. If you would like to be on the committee, elections are held each fall. REF Steering Committee members are prohibited from disclosing to SERC the names of registered entities whose concerns or questions are discussed with SERC staff members. Should you have questions or topics that you would like to discuss with them, please feel free to contact the committee members listed on the CIP or Operations & Planning links above. Responses to previously submitted questions are available on the SERC website. From the SERC home page, select Outreach / Q&A and Lessons Learned. The REF Charter is posted to the SERC website. From the SERC home page, select Outreach / Registered Entity Forum. Elections are held each November, and committee members serve a two-year term.
Agenda WebEx Logon 2020 Outreach
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
20
REF Steering Committee
O&P Committee Member
CIP Committee Member Jennifer Blair, Compliance Specialist LG&E and KU Energy, LLC jennifer.blair@lge-ku.com
Agenda WebEx Logon 2020 Outreach
Brad Arnold, Manager, Policy & Compliance Ameren Missouri barnold@Ameren.com John Babik, Director Electric Compliance JEA babijj@jea.com Greg Davis, Regulatory Compliance Manager Georgia Transmission Corporation Greg.davis@gatrans.com Sarah Snow, Manager of Reliability Compliance Cooperative Energy ssnow@cooperativeenergy.com Bill Thigpen, Supervisor of Compliance Support PowerSouth Energy Cooperative bill.thigpen@powersouth.com Ryan Ziegler, Reliability Compliance Specialist Associated Electric Cooperative, Inc. rziegler@aeci.org
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Brandon Cain, CIP Compliance Assurance Manager Southern Company pbcain@southernco.com Eric Jebsen, PE, Senior Regulatory Engineer Exelon Generation eric.jebsen@exeloncorp.com
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
21
Brian Allen
NERC CIP Assurance Advisor
Agenda WebEx Logon 2020 Outreach
Brian serves as a CIP Assurance Advisor in the NERC Grid Assurance group. In this position, Brian works with the Assurance Team to provide oversight, guidance, and coordination in managing programs and processes to monitor, review, and evaluate program effectiveness of the Electric Reliability Organization (ERO) Enterprise implementation of risk-based compliance monitoring and adherence to the NERC Rules of Procedure, Compliance Monitoring and Enforcement Program, and approved delegation agreements. Brian joined the NERC CIP Assurance team in January 2019. Prior to NERC, Brian served as a Cyber Security Specialist at Georgia Systems Operation Corporation. In this role, Brian worked within Security Operations focusing on governance, risk, and compliance of the CIP Program.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
22
Jason Blake
SERC Reliability Corporation President and Chief Executive Officer
Agenda WebEx Logon 2019 Upcoming Events 2020 Outreach Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Mr. Blake is President and CEO for SERC and is passionate about SERC’s mission, which is to reduce risks and ensure a reliable, resilient, and secure electric grid across 16 central and southeastern states. He leads with a commitment to operational excellence, innovation, continuous improvement, and deploying resources in an effective and efficient manner that adds value. Prior to joining SERC, Mr. Blake spent almost nine years serving as the Vice President and General Counsel for SERC’s northern neighbor and sister region, ReliabilityFirst. During that time, he helped lead RF through its start-up phase and into a sustainable risk-based organization focused on ensuring a reliable, resilient, and secure electric grid across the Mid-Atlantic and Great Lakes regions of the U.S. Prior to this, Mr. Blake developed broad business and regulatory experience through his private practice with large, corporate law firms located in Pittsburgh, Pennsylvania and then in Cleveland, Ohio. Mr. Blake is a graduate of the Ohio State University and the University of Pittsburgh School of Law. He also served on the Board of Directors for the American Heart Association for the Cleveland Metropolitan Area and enjoys volunteering to coach his children’s sports teams.
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
23
Stephen Brown, MBA, CISM
SERC Reliability Corporation Manager, CIP Monitoring
Agenda WebEx Logon 2020 Outreach
Stephen joined the CIP Compliance audit team at SERC Reliability Corporation in September 2018. Previously, Stephen joined the NERC ERO at Georgia System Operations (GSOC) in 2006. While at GSOC, he managed and coordinated all Critical Infrastructure Protection (CIP) changes to ensure that stakeholders were aware of the change(s) and risks. He also ensured security controls were identified prior to changes and confirmed all documentation was complete. Stephen has over 15 years of information and operation technology experience with detailed knowledge in asset management, business continuity, disaster recover planning, incident response, policy administration, process improvement, and risk assessment. He has led a security and network operations center and managed multiple security and compliance projects. Stephen is a Certified Information Security Manager (CISM) and has been a Subject Matter Expert on standards CIP-006, CIP-007, and CIP-010 for multiple Critical Infrastructure Protection (CIP) audits. He is a new resident to North Carolina and holds a Masters of Business Administration (MBA) in Information Systems from Argosy University.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
24
Brandon Cain, MBA, CISSP, CCM
Southern Company CIP Compliance Assurance Manager
Agenda WebEx Logon 2020 Outreach
Brandon Cain joined SCS Operations Compliance in 2011 as a CIP Compliance Coordinator and was later promoted to CIP Cyber Compliance Assurance Manager. In this role, he provides strategic management of the Company’s CIP Compliance Program and oversees the implementation of cyber security initiatives intended to meet and maintain compliance with regulatory reliability standards impacting Transmission and Generation. His team provides crucial support to Company business unit management engaged in cyber compliance activities, prepares for audits and self-certifications, and handles routine regulatory compliance filings for the Company. Prior to joining Southern Company, Brandon served as Branch Chief, Tactical Exploitation Branch of the Counterterrorism Task Force, Defense Intelligence Agency. There, he managed multiple regional teams providing direct overseas intelligence support to agency and military operations and led the production of critical intelligence reports and assessments developed for government officials and senior military leaders. Brandon holds a B.S. in Information Systems Security Management and an M.B.A. from the University of Alabama in Birmingham. He has also obtained professional certifications as a Certified Information Systems Security Professional (CISSP), and a Certified Continuity Manager (CCM).
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
25
Jin Chen, MS
SERC Reliability Corporation Associated Operations & Planning Auditor
Agenda WebEx Logon 2020 Outreach
Jin Chen joined the SERC Reliability Corporation Operation & Planning Compliance Audit team in August 2019. Mr. Chen joined SERC in March of 2014 as an employee in the Engineer Rotation Program. After the 18 month rotation, Mr. Chen worked in the Risk Assessment & Mitigation team. His duties included Inherent Risk Assessments, Violation Processing, and Process Improvement and Tool development. In 2017 Mr. Chen transitioned to the SERC Analytics team where he led the development of multiple compliance application tools used for internal analysis of the SERC member companies. Mr. Chen has a Master of Science in Electrical Engineering from University of North Carolina at Charlotte and a Bachelor of Science in Electrical Engineering from University of North Carolina at Charlotte.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
26
Todd Curl, NCSO
SERC Reliability Corporation Senior Manager of Compliance Monitoring
Agenda WebEx Logon 2020 Outreach
Todd is currently responsible for managing all areas of Compliance Monitoring (in both Operations & Planning and Critical Infrastructure Protection areas). Previously he was Manager of Compliance Programs, which included Registration & Certification, Compliance Investigations, and Compliance Outreach. Todd joined SERC as an O&P Compliance Auditor in 2010, with about 29 years in the electric utility industry. Before joining SERC, Todd was a Senior System Operator at Southern Company’s Power Coordination Center in Birmingham, Alabama. Primary responsibilities included providing real-time monitoring and control decisions and direction for the 24/7 operation of the Southern Company bulk power system balancing area. He also was responsible for various aspects of reliably operating the bulk power system in a coordinated manner with the four Operating Company transmission control centers, generation operations, and neighboring utilities. He worked with a team of NERC certified operators balancing generation with load, keeping the transmission system reliable, and ensuring correct interchange power flows with neighbors. Todd also spent 10 years on Southern Company’s energy trading floor as an Energy Coordinator, providing economic evaluation and negotiation of next-hour power sales and purchases, and arranged for scheduling of transactions in a real time 24/7 operation. Todd also spent 17 years with Georgia Power Company as a Transmission Operator in Atlanta, and a Substation Maintenance electrician.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
Todd has a Bachelor of Science degree in Business Administration, and an Executive Certificate in Organizational Leadership from the University of Notre Dame. Todd is a NERC Certified System Operator with the Reliability Coordinator certification since 1999. Todd has also completed NERC Audit/Certification Team Leader training, and Compliance Investigations training.
27
Peter Heidrich, NCSO
SERC Reliability Corporation Senior Certification and Registration Coordinator
Agenda WebEx Logon 2020 Outreach
Peter joined the SERC Reliability Corporation in July 2019 as the Senior Coordinator of Certification and Registration. Peter is responsible for the administration of the SERC Functional Entity Registration and Certification processes, and is also responsible for the implementation and continued maintenance associated with the NERC Glossary of Terms definition of Bulk Electric System (BES) and administration of the Rules of Procedure (ROP) BES Exception Process. Previously Peter was with the Florida Reliability Coordinating Council, Inc. (FRCC) from August, 2008 to June 2019. As the FRCC Director of Reliability Performance & Registration, Peter was responsible for leading the Programs within the FRCC Region to enable the assessment and improvement in reliability performance of the FRCC BES. Responsibilities included Registration and Certification, Events Analysis and Situation Awareness, Reliability Standards Development, and System Operator Training. Within this capacity, Peter was responsible for the administration of the FRCC Functional Entity Registration and Certification processes, and was also responsible for the implementation and continued maintenance associated with the NERC Glossary of Terms definition of BES and administration of the ROP BES Exception Process.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
Peter served over eight years in the United States Navy in the Nuclear Power Program. Following his military service, he joined DTE Energy (Detroit Edison) in 1992 as a Nuclear Power Plant Operator at the Enrico Fermi II Power Plant (Newport, MI). In 1995, Peter transferred to the System Operations Department where he qualified as a System Operator, and obtained his NERC System Operator Certification. Peter also served in the position of Control Room Supervisor. From 2004 to 2008, Peter served as Manager-Protection Authority with the responsibilities of managing the Hazardous Energy Controls (Red Tag Protection) programs for the corporation. Peter holds a Bachelor of Science Degree in Business Administration, graduating with Honors, from the University of Phoenix. Peter has been a NERC Certified Reliability Coordinator since 2000.
28
Randall Hubbard
Southern Company NERC Internal Controls Project Manager
Agenda WebEx Logon 2020 Outreach
Randall Hubbard serves as the NERC Internal Controls Project Manager for Operations & Planning and CIP Internal Controls for Southern Company. Prior to his current role, he worked in Compliance Assurance for O&P Standards supporting compliance oversight programs. Randall has also spent time in the Sarbanes-Oxley (SOX) Internal Controls group and Internal Audit at Southern Company. He has extensive knowledge in COSO 2013 and Institute of Internal Audit Standards.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
29
Eric Jebsen, PE
Exelon Generation Senior Regulatory Engineer
Agenda WebEx Logon 2020 Outreach
Mr. Eric Jebsen has almost 40 years of experience in the nuclear industry at utilities, equipment suppliers, and consultants. Mr. Jebsen’s experience includes:
• Backup Compliance Contact for RF and SERC for Exelon Generation since 2010 • SERC Industry Subject Matter Expert (ISME) at GSOC CIP audit September 2017 • CIP Lead for SERC CIP audit of Exelon 2014 • Internal SME for CIP-NRC73.54 cyber security interface
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
• Group lead for BES Definition roll-out 2014 • Mock 693 audit of Calvert Cliffs station 2012 • SERC Data Collection Task Force contributor • Exelon Generation 2008-2010 Business Continuity Planning/Pandemic Planning Nuclear lead, including response to 2009 Swine Flu • Exelon Generation 2005-2008 Business Operations - responsible for annual business plans and monitoring generation fleet performance • Exelon Generation 1999-2005 Probabilistic Risk Analysis (PRA) Engineer at Quad Cities Station responsible for all manner of risk analysis to support operations, maintenance, and incident response; and served as Chair of the industry risk-informed maintenance committee • Duke Engineering 1998-1999 PRA and Fire Risk analysis for clients both national and international, including one month PRA training assignment in Saudi Arabia • PPL Corporation 1983-1998 various positions in Nuclear Fuels analysis, reactor core physics monitoring, PRA and Fire Risk analysis, including NRC Individual Plant Evaluation (IPE) and IPE for External Events, supporting the Susquehanna Station. • Babcock and Wilcox 1980-1983 field service engineer providing reactor startup and plant event analysis services to clients, generally in the Southeastern U.S. Mr. Jebsen received a BS in Nuclear Engineering at Purdue University, 1980, Cum Laude. He is a registered Professional Engineer in Pennsylvania. 30
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
Gaurav Karandikar, MS
SERC Reliability Corporation Manager, RAPA & TS
Agenda WebEx Logon 2019 Upcoming Events 2020 Outreach Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Gaurav Karandikar is the Manager, Reliability Assessment, Performance Analysis, and Technical Services with SERC Reliability Corporation. Mr. Karandikar has been with SERC for more than four years. The reliability assessment, performance analysis, and technical services group is responsible for providing value-added services to the SERC entities by engaging in a collaborative environment through various technical committees and their subgroups. Mr. Karandikar has over twenty years of industry experience with Siemens PTI, Ameren Services, and Alstom. Mr. Karandikar has a Master’s of Science in Electrical Engineering with a concentration in Power Systems from Missouri University of Science and Technology, Rolla, Missouri. Mr. Karandikar has a Bachelor of Science degree in Electrical Engineering from Malviya National Institute of Technology, India. In addition, Gaurav is a senior member of IEEE and has a Leadership Certificate from Cornell University.
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
31
Justin Kelly, PE, MS, CISSP
SERC Reliability Corporation Senior CIP Auditor
Agenda WebEx Logon 2020 Outreach
Justin joined the CIP Compliance audit team at SERC Reliability Corporation in September 2019. Previously, Justin Kelly was an Electrical Engineer with the Federal Energy Regulatory Commission in Washington, DC. He was a sub-team lead for both CIP Version 5 and CIP-014 FERC-led audits. Justin has also been involved in monitoring Standard Drafting Teams, drafting FERC Orders, reviewing CIP related sanctions filed or posted by NERC, and observing regional entity audits. He primarily focused on CIP Reliability Standards during his time at FERC, but also was a technical team lead for Geomagnetic Disturbance and Electromagnetic Pulse research and standards projects. Justin received a Master of Science in Electrical Engineering degree from Virginia Polytechnic and State University in 2009. He is a licensed Professional Engineer (PE) in the state of Maryland and is a Certified Information System Security Professional (CISSP).
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
32
Scott Knewasser, NCSO
SERC Reliability Corporation Senior Manager, Risk Assessment and Mitigation
Agenda WebEx Logon 2020 Outreach
Scott joined SERC Reliability Corporation with the integration of the Florida Reliability Coordinating Council (FRCC) Region in July 2019 as the Senior Manager, Risk Assessment and Mitigation. Previously, Scott was the Manager of O&P Monitoring at FRCC, where he was also a Senior O&P Compliance Engineer. Scott’s past utility industry experience includes Substation Engineering, Transmission Planning, Field Operations, Transmission Operations, and Operations Engineering. He graduated from Clarkson University with a Bachelor of Science in Electrical Engineering, and is a certified NERC System Operator at the Reliability Coordinator level.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
33
Andrew Ledoux, PE
Lafayette Utilities Systems Electrical Engineer III
Agenda WebEx Logon 2020 Outreach
Andrew Ledoux, P.E. is a Louisiana Licensed Electrical Engineer with nearly 16 years of engineering and management experience, which includes technical, administrative, and design implementation of SCADA Energy Control Systems, NERC CIP and NERC O&P Compliance Programs. Andrew graduated from the University of Louisiana in 2004 with a Bachelor of Science in Electrical Engineering, and is currently employed as a SCADA/Compliance Engineer with the Lafayette Utilities System (LUS) in Lafayette, Louisiana.
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
34
Derek Lepresti, NCSO
SERC Reliability Corporation Compliance Auditor
Agenda WebEx Logon 2020 Outreach
Derek Lepresti joined the O&P Compliance audit team at SERC Reliability Corporation in August 2019. Previously, Derek was a Senior System Operator with Duke Energy working the real time Transmission desk in the Charlotte ECC for past 4 plus years. He has also worked as a transmission system operator for 12 years (With Duke Energy and Allegheny Power / First Energy):
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
• Generation Dispatcher with Allegheny Power for 1 year. • Substation Electrician with Allegheny Power for 3 years • Power Plant Operator with Allegheny Power/ West Penn Power for 10 plus years Derek holds the following degrees/certifications: • ASB in Computer Information Management from Computer Tech in Pittsburgh, PA • NERC Certified System Operator (RC level) • PJM Transmission and Generation Certified • Completed PJM’s Initial Training Program • Completed Allegheny Power’s Substation Electrician Apprentice Program
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
35
Vijay Naik, CCNA
SERC Reliability Corporation CIP Auditor
Agenda WebEx Logon 2019 Upcoming Events 2020 Outreach Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Vijay joined the CIP Compliance audit team at SERC Reliability Corporation in January 2019. Previously, Vijay worked for Georgia System Operations Corporation (GSOC) since 2014. During that time, he served as Principal Engineer - Security & Compliance. While at GSOC, he worked in the areas of Cyber Security, Audit and Compliance, and System Administration. Vijay has more than 18 years of information technology experience in system/threat intelligence, network infrastructure monitoring and compliance. He holds CCNA (Cisco Certified Network Associate) certification. Vijay holds a Bachelor of Computer Science degree.
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
36
Bill Peterson, MBA, CRISC, CISM, CISSP
SERC Reliability Corporation Manager, Outreach and Training
Agenda WebEx Logon 2020 Outreach
Bill Peterson is the Manager, Outreach and Training with SERC Reliability Corporation, a corporation responsible for promoting and improving the reliability, adequacy, and critical infrastructure protection of the bulk power system in all or portions of 16 Southeastern and Central states. Previously, Mr. Peterson was the SERC Manager of Entity Assistance and IT focused on building strong security programs for our stakeholders and internally at SERC. Prior to that he manages the SERC CIPC as the Program Manager, Cyber Security in the Technical Resources department. When first hired, Mr. Peterson was a Senior CIP Engineer in the Compliance group supporting many compliance and risk mitigation efforts. Prior to joining SERC, he was a CIP Lead with Duke Energy working on various CIP projects, audit preparations, Mitigation Plans, Self-Reports, etc. Prior to that, Bill was a CIP Analyst and System Administrator with the New York Power Authority working on CIP audit preparations, system administration, network security, network operations, and IT project management. Mr. Peterson has a Master’s in Business Administration with a concentration on Information Technology Management from the State University of New York at Utica/Rome. Mr. Peterson has a Bachelor’s of Science degree with a dual major in Computer Engineering and Electrical Engineering Technology from
Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC Registered Entity Forum Speaker Bios Click on speaker’s name in agenda.
the State University of New York at Utica/Rome. In addition, Bill is Certified in Risk and Information System Control (CRISC), a Certified Information Security Manager (CISM), a Certified Information Systems Security Professional (CISSP), and has a Leadership Certificate from Cornell University.
37
Steve Rose
SERC Reliability Corporation Senior CIP Auditor Steve joined the SERC in July 2019.
Agenda WebEx Logon 2019 Upcoming Events 2020 Outreach Antitrust Guidelines Confidentiality Policy Standards of Conduct Acronyms Questions for SERC
Before joining SERC, Steve worked at City Water Light & Power (CWLP) in Springfield, Illinois, where he spent over 17 year in various roles. He participated in all aspects of O&P and CIP Audits for assessment of Reliability Standards. Steve began his career at CWLP as a Planning Engineer in the CWLP Planning Department. He was responsible for the daily, near term, and long term planning models, MISO Generator Interconnection LGIA, and assessments. Steve also participated in an engineering orientation rotation which included training in each of the following departments in one year increments: Distribution, Substation, and Relay Departments. Later, Steve supervised the CWLP Planning Department. Most recently, Steve was the Superintendent of Compliance where he developed, implemented, and monitored the CWLP Internal Compliance Program. Steve was also the CIP Senior Manager from 2013- 2017 and participated in the transition from NERC Cyber Security Standards Version 3 to Version 5. Prior to CWLP, he held the position of General Engineer at the NERC Region Mid America Interconnected Network (MAIN) now Reliability First. For two years Steve was responsible for performing daily ATC, CBM, and TRM studies for the member control areas for real-time situational awareness and ATC. He also served
Registered Entity Forum REF Steering Committee Speaker Bios Click on speaker’s name in agenda.
as lead engineer for the MAIN Multi-Regional Modeling Working Group. Prior to beginning his career in the electric industry, Steve was in the United States Marine Corps for five years where he was an I-Level avionics technician on the F/A 18 Hornet. Steve has a B.S. in Electrical Engineering from Southern Illinois University. Steve is a NERC Certified Reliability Coordinator since 2012. Recently he completed the COSO Internal Control Certificate – IIA 2019 and COSO Enterprise Risk Management Certificate – IIA 2020. Steve is also a member of the Institute of Electrical and Electronic Engineers since 1997.
38
Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 13 Page 14 Page 15 Page 16 Page 17 Page 18 Page 19 Page 20 Page 21 Page 22 Page 23 Page 24 Page 25 Page 26 Page 27 Page 28 Page 29 Page 30 Page 31 Page 32 Page 33 Page 34 Page 35 Page 36 Page 37 Page 38 Page 39 Page 40 Page 41 Page 42 Page 43 Page 44 Page 45Made with FlippingBook - Online magazine maker