Wouldn’t it be great if we can track our cost of addressing audit deficiencies or mitigating the risks in compliance management, as easily as we track the maintenance requirements for our cars? Vasu Avadhanula (Vasu for short…) discusses how.
One of the key objectives of NERC is to improve the reliability of bulk electric systems in North America. A utility meets this objective by forming a comprehensive process and assigning responsibilities to personnel to execute the defined process. It is also important is to track how well this process is being implemented. Compliance team members typically juggle several roles in the NERC CIP and 693 compliance management processes involving one or more of the following.
- To be proactive in meeting NERC requirements by investing in the setting up of a dedicated compliance team with the necessary training and resources.
- To address the deficiencies identified in a bad audit, and as part of the remedial action, to strengthen the compliance function.
- Not having had a bad audit, to implement pragmatic processes and procedures to continue to improve the utility’s bulk electric system reliability and reduce risks.
The Problem in Tracking and Improving Action Plans
Despite implementing a robust, overall compliance management process with clearly identified and assigned tasks, utilizing subject matter experts (SME) from internal resources and/or industry consultants, it is difficult to know how well your program is, or is not, as effective as required or expected.
By installing a comprehensive, compliance management software platform with automated workflows, a utility can more quickly obtain the necessary oversight, identify what is working, what is not working, what can be improved, the gaps and risks in the process, thereby implementing more timely remedial measures.
In this blog, I discuss some of the ways in which utilities can track and monitor their compliance programs, how they can identify systems that are working well and areas for improvement. Examples of important questions with key performance indicators (KPI) that can easily be tracked in the compliance process are discussed.
K1: What is your current state of compliance?
K2: Can you drill down to see the compliance rates for individual standards that apply to you?
K3: Are you getting better at Identifying and Managing Risks?
How much time and resources do you spend identifying exceptions and compliance violations? For example, you are required to complete a log file review in 15 days. Do you know how often this took more (or less) than 15 days and by how much?
Based on pre-defined parameters, compliance software should be able to automatically trigger remedial actions.
- Are you able to identify gaps and risk faster (with automatic alerts)?
- Are you able to pre-define remedial measures and have them executed automatically?
- Are you able to apply automation to reduce human error, with improved accuracy and reliability?
- Are you able to automatically track employees’ training status and trigger required training tasks?
- Are you able to achieve better business continuity by ensuring reliable documentation of processes and procedures that are securely stored? Including: A) Periodic review, verification and updating of documentation as necessary? B) An easily accessible central repository of all process documentation? C) Version control for documentation to eliminate confusion?
K4: Are you efficient?
- Direct Cost? Do you have trend reports that track the overall cost of maintaining compliance over time? This could be measured by using as a proxy for cost, the number of hours spent on collecting the information over periods of time. For example, one customer saw a reduction of RSAW development time from 2000+ hours per year to less than 200 hours per year.
- Opportunity costs and Reducing Fines? What are your cost savings in being compliant, reducing the possibility of being fined?
K5: Are you improving? Are you able to track overall progress automatically?
SigmaFlow is a leading provider of Process Execution solutions. The company’s NERC Compliance Solution is a real-time, evidentiary based software solution that solves the challenges of CIP & 693 Compliance. The SigmaFlow Compliance Solution manages all documents, data, and work activities while automatically collecting and building the evidence for NERC compliance in a real-time repository. SigmaFlow products place a strong emphasis on embedding domain knowledge through a process-driven template-based-architecture. Contact us at email@example.com to learn more.