AICPA SOC Service Organizations - Certrec

Avoiding Audit Failures – Internal Controls to Tighten Your NERC Compliance

Avoiding Audit Failures Internal Controls to Tighten Your NERC Compliance - certrec

Asset managers, compliance managers, facility managers and company officers have to ensure that objectives are being met for key process activities related to ongoing compliance with NERC, FERC, environmental, and local regulations and requirements.

What do Internal Controls do for you?

An effective internal controls program

  • is primarily to assist in compliance with NERC Standards and Requirements.
  • makes operations more efficient.
  • helps to further protect company assets.

A well-designed internal controls program is a crucial part of an entity’s ability to achieve its operational, strategic, and compliance objectives.

What do you need to consider?

Your internal controls processes should be designed to

  • minimize risks and protect assets,
  • ensure accuracy of records,
  • promote operational efficiency, and
  • encourage adherence to rules, and regulations via procedures and policies.
What is the foundation of an Internal Controls program?

The four key elements of an internal controls program are risk assessment, design, implementation, monitoring to determine if controls are operating as designed, and evaluating whether the internal controls are efficient.

Avoiding Audit Failures Internal Controls to Tighten Your NERC Compliance - certrec

Entities that design their internal controls program to address all key elements will be able to identify and prioritize risk and develop internal controls to mitigate risks effectively. By implementing processes to monitor and evaluate internal controls, entities can ensure they are meeting their objectives efficiently and are responsive to their organization’s changing needs.
By designing and implementing a robust internal controls program, you can be confident that you understand your compliance risks, are managing them through monitoring and evaluation, and have assurance about your compliance status.

What’s in it for you?

Efficient internal controls programs can protect company assets and operation efficiency as well as improve the cost effectiveness of your compliance program’s activities and ensure your readiness for audits, spot-checks, routine data submittals, and other regulatory obligations.

What can you do?
  • Assess the four key elements of your internal controls program.
  • Are you undertaking risk assessment, and if so, how?
  • Design an internal controls program that prioritizes and minimizes risk.
  • Monitor whether the controls are operating as designed.
  • Evaluate whether these controls are efficient.

In our next few blogs, we will discuss in more detail the four key elements to an effective internal controls program.

Disclaimer: Any opinions expressed in the blog do not necessarily reflect the opinions of Certrec. The content of this blog is meant for informational purposes only.