Agenda Board of Directors • Compliance Committee August 29, 2018 • 1:00 PM – 3:00 PM (ET) ReliabilityFirst Corporation 3 Summit Park Drive, Suite 600 • Cleveland, OH 44131 Room: 5 th Floor Conference Center Attire: Business Casual Open Agenda 1. Call to Order and Appoint Secretary to Record Minutes Presenter: Brenton Greene, Chair 2. Antitrust Statement Presenter: Brenton Greene, Chair 3. Approve Compliance Committee Meeting Minutes Presenter: Brenton Greene, Chair Reference: Draft Minutes for the May 23, 2018 Compliance Committee Meeting Action: Approve Minutes 4. Overview of Registry and IRA Progress Presenter: Tony Jablonski Description: Mr. Jablonski will provide an overview of the ReliabilityFirst Registry and discuss progress made on completing Inherent Risk Assessments for all ReliabilityFirst Registered Entities. Reference: Presentation Action: Information and Discussion 5. Culture of Security Presenter: Kevin Ball and Joseph Robinson, DTE Energy Description: DTE Energy will discuss its efforts to develop and foster a culture of security across its entire organization. Reference: Presentation *to be provided upon receipt Action: Information and Discussion 6. Violation Trends Presenter: Kristen Senk Description: Ms. Senk will provide an update on current activity in the CIP and Operations and Planning Reliability Standards context. She will also discuss ReliabilityFirst’s efforts to better understand and perform appropriate outreach to help address identified causes.
29
Embed
Agenda Board of Directors Compliance Committee of Directors Library...2018/08/29 · DRAFT Minutes Board of Directors • Compliance Committee May 23, 2018 • Cleveland, OH ReliabilityFirst
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Agenda Board of Directors • Compliance Committee August 29, 2018 • 1:00 PM – 3:00 PM (ET)
ReliabilityFirst Corporation 3 Summit Park Drive, Suite 600 • Cleveland, OH 44131 Room: 5th Floor Conference Center Attire: Business Casual
Open Agenda
1. Call to Order and Appoint Secretary to Record MinutesPresenter: Brenton Greene, Chair
3. Approve Compliance Committee Meeting MinutesPresenter: Brenton Greene, Chair Reference: Draft Minutes for the May 23, 2018 Compliance Committee Meeting Action: Approve Minutes
4. Overview of Registry and IRA ProgressPresenter: Tony Jablonski
Description: Mr. Jablonski will provide an overview of the ReliabilityFirst Registry and discuss progress made on completing Inherent Risk Assessments for all ReliabilityFirst Registered Entities.
Reference: Presentation Action: Information and Discussion
5. Culture of Security
Presenter: Kevin Ball and Joseph Robinson, DTE Energy Description: DTE Energy will discuss its efforts to develop and foster a culture of
security across its entire organization. Reference: Presentation *to be provided upon receipt Action: Information and Discussion
6. Violation TrendsPresenter: Kristen Senk Description: Ms. Senk will provide an update on current activity in the CIP and
Operations and Planning Reliability Standards context. She will also discuss ReliabilityFirst’s efforts to better understand and perform appropriate outreach to help address identified causes.
Compliance Committee • Agenda
August 29, 2018
2
Reference: Presentation Action: Information and Discussion
7. FERC Order Expanding Cyber Security ReportingPresenter: Matt Thomas Description: Mr. Thomas will provide an overview of the recent FERC Order 848
expanding cyber security incident reporting. Reference: Presentation Action: Information and Discussion
8. Next MeetingNovember 28, 2018 • Washington, DC
Closed Agenda
9. Confidential Compliance and Enforcement MattersPresenter: Description: Reference: Action:
Jeff Craigo and Jason Blake Mr. Craigo and Mr. Blake will present confidential matters. Confidential Documents Information and Discussion
10. Adjourn
Roster • Compliance Committee
Brenton Greene, Chair • Independent (2019) Larry Irving, Vice Chair • Independent (2018) Ken Capps • At-Large (2019) Patrick Cass, • Independent (2020) Michael Bryson • RTO (2018)
Draft Minutes for the May 23, 2018 Compliance
Committee Meeting
Separator Page
DRAFT Minutes Board of Directors • Compliance Committee May 23, 2018 • Cleveland, OH
ReliabilityFirst Corporation 3 Summit Park Drive • Cleveland, OH 44131
Open Session
Call to Order – Chair Brenton Greene called to order a duly noticed open meeting of the Compliance Committee on May 23, 2018, 2018 at 1:00 pm (ET). A quorum was present, consisting of the following members of the Compliance Committee: Brenton Greene, Chair; Larry Irving, Vice Chair; Michael Bryson; Ken Capps; and Patrick Cass. A list of others present during the Compliance Committee meeting is set forth in Attachment A. Appoint Secretary to Record Minutes – Chair Greene designated Megan Gambrel as the secretary to record the meeting minutes. Antitrust Statement – Chair Greene advised all present that this meeting is subject to, and all attendees must adhere to, ReliabilityFirst’s Antitrust Compliance Guidelines. Approve Compliance Committee Meeting Minutes – Chair Greene presented draft minutes for the March 14, 2018 Compliance Committee meeting, which were included with the agenda package. Upon a motion duly made and seconded, the Compliance Committee approved the minutes as presented. PJM CIP Security Segmentation – Bryon Koskela and Steve McElwee from PJM Interconnection, LLC (PJM) provided an overview of PJM’s network segmentation project to continuously improve the security and compliance of its operations. They discussed the drivers for the project and PJM’s process for selecting a vendor. Mr. Koskela and Mr. McElwee then provided an overview of how network segmentation works, and how it can help mitigate various risks facing entities, including malware, delayed patching, insider threats, and vulnerabilities from legacy systems.
2017 RF Regional Risk Assessment – Ray Sefchik provided an overview and led a discussion on the 2017 ReliabilityFirst Regional Risk Assessment (RRA) and the RRA process. He explained how the RRA provides an overview of the inherent, emerging, and identified risks in ReliabilityFirst’s footprint, and informs ReliabilityFirst’s risk-based activities and communications. Mr. Sefchik discussed the key risks identified in the 2017 RRA, which include Critical Infrastructure Protection (CIP); protection systems; monitoring and situational awareness; supply chain risk management; planning and system analysis;
Compliance Committee Minutes May 23, 2018
2
and human performance. He also discussed emerging risks such as fuel diversity impacts and the aging workforce. The Compliance Committee also discussed the creation of the internal RRA report, and encouraged staff to consider how to create a sanitized version of the report that can be shared with entities. Implementation of the ERO CMEP Tool – Tony Jablonski provided an overview of the implementation of the ERO Compliance Monitoring and Enforcement Program tool (CMEP Tool). He discussed the objectives of the CMEP Tool, which include increasing efficiencies through collaboration tools; ensuring consistency in practices and data gathering; and reducing the combined NERC and Regional Entity IT capital investments. Mr. Jablonski outlined the functions of the CMEP tool, and the areas it will support (e.g., enforcement processing, data submittals). He discussed ReliabilityFirst staff’s involvement in the CMEP Tool project, and the milestones and timeline for the project.
Mr. Jablonski then discussed challenges and considerations associated with the project, including compromises and consensus needed to harmonize business processes; ensuing timely execution; and data conversion from legacy systems.
Hearing Update – Patrick O’Connor provided an update on proposed revisions to the NERC Rules of Procedure’s hearing process, which include an option to move the hearing process from the Regions to NERC. Mr. O’Connor explained that the goals of the proposed revisions are to streamline costs and promote efficiency; enhance consistency; and eliminate ex parte concerns. He stated that the proposed revisions are pending approval with FERC. Following FERC approval, staff will seek the Compliance Committee’s endorsement of the revisions for approval by the Board. The Compliance Committee also discussed NERC and the Regions’ process to identify and select potential hearing officers. Next Meeting – Chair Greene noted that the next Compliance Committee meeting will occur on August 29, 2018, in Cleveland, Ohio. At 2:36 pm, Chair Greene moved the Compliance Committee into closed session. All guests recused themselves at this time.
Closed Session
Confidential Compliance & Enforcement Matters – Jeff Craigo and Jason Blake led a discussion on confidential Compliance and Enforcement matters.
Adjourn – Upon a motion duly made and seconded, Chair Greene adjourned the Compliance Committee meeting at 3:08 pm (ET).
Compliance Committee Minutes May 23, 2018
3
As approved on this __ day of August, 2018, by the Compliance Committee,
Jason Blake Vice President General Counsel & Corporate Secretary
Compliance Committee Minutes May 23, 2018
4
Attachment A
Others Present During the Compliance Committee Meeting Lisa Barton • American Electric Power Charlie Berardesco • NERC Jason Blake • ReliabilityFirst, Vice President, General Counsel & Corporate Secretary Larry Bugh • ReliabilityFirst Jeff Craigo • ReliabilityFirst Rob Eckenrod • PJM Scott Etnoyer • Talen Energy Tim Gallagher • ReliabilityFirst, President & CEO Michael Gildea • FERC Megan Gambrel • ReliabilityFirst Tony Jablonski • ReliabilityFirst Bryon Koskela • PJM Deandra Williams-Lewis • ReliabilityFirst Jeff Mitchell • ReliabilityFirst Lou Oberski • Dominion Ray Palmieri • ReliabilityFirst, Senior Vice President Patrick O’Connor • ReliabilityFirst Matt Paul • DTE Energy Joe Robinson • DTE Energy Ray Sefchik • ReliabilityFirst Kristen Senk • ReliabilityFirst Susan Sosbe • Wabash Valley Power Association Lori Spence • MISO Eric Stephens • MISO Jennifer Sterling • Exelon Jody Tortora • ReliabilityFirst Jim Uhrin • ReliabilityFirst Lynnae Wilson • Vectren
Presentation
Separator Page
Overview of Registry and IRA Progress
Anthony Jablonski – Manager, Risk Analysis & Mitigation