NERC Reliability Standards compliance audits may vary somewhat from Region to Region; however, the attention to Risk and Internal Controls seem to be key factors within the audit process. Auditors are looking at an Entity’s approach to addressing and mitigating risk, as well as the specific Internal Controls that are in place and how well they are working. Understanding your Entity’s risks and the controls you have in place is an important step to a successful audit.
If your audit includes Critical Infrastructure Protection (CIP) Standards, another important step is understanding how to use the CIP Evidence Request Tool (ERT) and how to navigate through the Level 1/Level 2 RFI process. Understanding each request and providing complete and concise responses will save your Subject Matter Experts (SMEs) time and reduce additional data requests. Knowing how to organize your responses and associated documentation will keep the audit on track and may reduce the length of your audit and/or any possible extensions.
Proven Compliance Solutions Inc. can help you make your audit a success by providing training regarding risks and Internal Controls, as well as training on the CIP ERT. We also conduct mock audits, provide audit preparation support, SME audit interview training, and on-site or off-site support during your actual audit.
For more information on how we can assist your organization with its NERC Reliability Standards compliance needs, contact Dale Zahn at (509) 504-5496. To learn more about PCS, visit our website at www.provencompliance.com.