Proven Compliance Solutions

Services

Compliance Solutions

Areas of Expertise

 

Compliance Program Development

Entities are required to develop governance, and operating compliance program documentation to address the fulfillment of their compliance obligations. An entity’s operating footprint and impact on the bulk power system is unique and complex. PCS can develop customized governance and operating documents that are designed to naturally produce the evidence of compliance regulators will be expecting to see.


RSAW Review & preparation

Reliability Standard Audit Worksheets are the work papers used by regulatory audit teams to understand the entity’s compliance position and provided evidence. Entities are required to provide the RSAW narrative of how compliance was met during an audit period and provide citations of the evidence used to support the compliance narrative. A well-written and organized RSAW can reduce the number of data requests from an audit team during the audit engagement. PCS offers assistance in reviewing an entity’s already prepared RSAWS and can offer recommendations to strengthen and clarify your compliance narrative and supporting evidence citations. PCS also offers assistance with RSAW preparation using entity provided information and evidence that will prepare the entity for the next audit engagement. Maintaining RSAWs in a near audit-ready condition is a beneficial component in an entity’s internal compliance program and monitoring activities.


compliance program management

PCS offers services to manage an entity’s compliance program and overall compliance effort that include tracking all requirements applicable to the entity, designing and developing governance and operations based documentation that address the entity’s regulatory compliance obligations, performing periodic updates to those developed documents as necessary, designing, developing and providing training for entity personnel, developing Reliability Standard Audit Worksheets (RSAWs), preparing required audit materials, and performing periodic regulatory reporting as requested by the regulator.


nerc alert support

NERC Alerts are issued to entities within the industry to address and mitigate emerging threats to the bulk power system. PCS offers Alert acknowledgement and response preparation assistance for NERC Alerts that have been issued to the entity.


SCIP - Standards compliance intelligence portal

Our Standards Compliance Intelligence Portal (SCIP) offers an effective and efficient solution to monitoring and managing the constantly changing regulatory requirements that are applicable to your NERC Registrations and applicable Region(s). From the beginning stages of new standards development, as well as any changes being made to existing standards, your login to SCIP will provide monthly changes in the regulatory environment and provide you with recommendations regarding compliance initiatives. SCIP provides an efficient way to stay up-to-date with industry news and developments that specifically apply to your registrations, simplifying how you manage compliance. SCIP is a user-friendly application developed and managed by the Reliability Compliance Professionals at PCS.


Gap analysis & mock audits

Regulators require entities to address all applicable regulatory obligations and remain in an audit-ready condition at all times. Internal compliance monitoring is a vital component for an entity to maintain its audit-ready condition. In addition, due to the technical nature of compliance requirements, an entity can fall out of compliance quite easily. If left undetected, the reliability risk exposure to the bulk power system and the entity’s operating and financial risk exposure due to a requirement violation will exponentially increase each day. PCS can assist entities by providing a periodic gap analysis designed to identify and address any gaps in the entity’s compliance approach and evidence. PCS also offers formal internal on-site and off-site mock audit services that evaluate the entity’s audit approach and evidence. PCS provided mock audits are a more comprehensive monitoring approach and designed to simulate an actual audit engagement from the regulator. A mock audit will assist the entity’s understanding of what to expect during an actual audit engagement, allocate appropriate resources to the effort, and prepare their personnel. Gap analysis and mock audits performed by a third-party are an excellent objective evaluation that measures the health of an entity’s compliance program.


customized training solutions

Training is a necessary activity for personnel to understand and fulfill their entity’s compliance obligations and satisfy reliability requirements. PCS can design and develop customized governance and operations training curriculum for your entity, and our experienced training instructors can provide quality instruction that leaves your personnel with the needed knowledge to understand their operational and compliance based roles and obligations.


active monitoring of ferc, NERc, & regional Development

The complexities of tracking the status of all entity applicable regulatory activities via individual regulatory and industry websites is a resource-intensive activity that present challenges and resource constraints to all entities. Lack of active monitoring may catch the entity off-guard to emerging threats, new requirement obligations, enforcement dates, and audit approaches used. PCS offers a subscription-based solution that collects the relevant regulatory information needed by the entity and provides it into one easily accessible location. Entities with a PCS Standard Compliance Intelligence Portal (SCIP) subscription no longer need to spend long hours retrieving necessary regulatory information. Subscriptions also include input from our PCS technical experts regarding the potential impact the information poses to your entity and provides recommendations for action where needed.



document management guidance

The burden of proof to demonstrate compliance with an entity’s applicable NERC and regional requirements result in vast amounts of evidence records that must be maintained and made available to a regulator upon request. An entity’s well-structured and organized document management approach is a leading indicator to regulators that evidence reviewed is likely to be reliable and credible. PCS offers document management guidance and record keeping strategies to assist entities with the structure, organization, and management of required evidence documentation.


internal controls review & development

Internal controls are the rules and mechanisms established by an entity to ensure their compliance obligations are being met. In recent years, NERC and regional entities have placed a targeted effort to measure the quality and sufficiency of an entity’s internal controls. PCS can assist entities with reviewing an entity’s existing internal controls and/or designing and developing robust internal controls that address the entity’s compliance obligations.


oati webcdms portal & reporting requirement oversight

Regulators have established compliance monitoring and enforcement methods that are used to perform their assigned oversight responsibilities. PCS offers assistance to entities with response preparation and guidance for self-certifications, self-reports, mitigation plans, Inherent Risk Surveys, spot check audits, and other compliance monitoring and enforcement related requests made to the entity by the regulator.


on-call support

Often times, an entity may not have the technical expertise internally to fully understand and develop the audit approach needed to comply with a given regulatory requirement, or an entity may simply wish to use an objective external third party to answer questions, provide guidance and advice in matters involving satisfaction of the entity’s regulatory obligations. Whatever the need may be, PCS on-call support services exposes the entity to years of seasoned technical expertise from our experienced PCS professionals on all matters related to governance, compliance management, critical infrastructure protection, and operations and planning activities.