Electric utilities with bulk system assets must comply with NERC Reliability Standards, and it can be an extremely cumbersome process, especially when subjected to a regulatory compliance audit. Like most things, the more prepared utility personnel are with regard to an audit, the easier it becomes. This is why having written, well-thought-out processes and protocols for audit preparation is a key element of overall emergency preparedness.
I stumbled onto a great article from Navigant focused on 5 ways to prepare for an audit. The article goes pretty far down the rabbit hole, and as such provides a lot of detail around how to be prepared for a regulatory compliance audit. The 5 points in a nutshell follow.
5 Tips for Completing NERC Reliability Compliance Audits
- Form a collaborative team across the relevant subject matter experts and the regulatory compliance department to continuously monitor and incorporate into internal processes any changes to NERC’s Reliability Standard Audit Worksheet (RSAW), which outlines the requirements for utilities to demonstrate compliance.
- Establish a regular process to compile and update anything that can be used as evidence of compliance so that it can be seamlessly provided to auditors when the time comes.
- Provide all personnel involved in the audit process with training, and have a written succession plan in place for the group.
- Identify and document internal controls – utilities with strong internal controls are generally subjected to less monitoring from regulators.
- Conduct your own internal compliance audit to practice – just like with an emergency exercise, practice makes perfect.
If learning best practices for regulatory compliance audits is your cup of tea, I would definitely recommend checking out the article referenced above. In fact, I would encourage it because process excellence around the audit process is critical to developing an effective and efficient emergency preparedness plan.