AICPA SOC Service Organizations - Certrec

Certrec Risk-based NERC Compliance – Results in Significant Audit Scope Reduction

Regional Entity reduced NERC audit scope by 96% for this Certrec client

Fort Worth, TX (PRWEB) May 11, 2016 — Certrec, a leading regulatory compliance and licensing service provider that supports NERC and NRC compliance, announced today that a registered entity customer had a regularly scheduled audit scope reduced by 96% after their regional entity reviewed their audit package. 

Recently, a registered entity was notified of an upcoming NERC audit. It would be the first in the Region using the new risk-based approach implemented by NERC in 2015. Certrec had prepared an Inherent Risk Assessment (IRA) for the entity which was provided to NERC along with its internal controls and evidence. 

Based on their review of the IRA and internal controls, NERC informed the entity that the audit scope was being reduced by approximately 96% 

“We were very pleased to learn about the regulator deciding to significantly reduce their audit scope. Certrec developed our IRA and has assisted our team with our NERC compliance program for several years now. The regulator’s decision to significantly reduce the scope saved us numerous hours in audit preparation,” entity NERC compliance associate. 

Background – The registered entity, with multiple functions including Generator Owner and Generator Operator, recognized the importance and cost savings of an established IRA. The registered entity recognized very early that they lacked sufficient resources to handle their entire NERC Compliance program. Certrec was chosen to support them by providing the necessary regulatory expertise to help the registered entity achieve their goal of continuous compliance. 

Significant investment – significant savings. Many registered entities, as well as regional entities, invest significant resources in audit preparation. Initially, the registered entity organizes and reviews RSAWs, procedures, policies, and evidence. SMEs (Subject Matter Experts) are identified and prepared for their role in the audit. Mock audits are held to prepare the team for a successful audit with their regional entity. During these activities, the regional entity is preparing for the audit: reviewing previous audits with the registered entity, deciding how many and what standards will be included in the audit, staffing, etc. 

When all aspects are considered, the registered entity and the regional entity, each have invested thousands of dollars in resources to prepare for an audit. Some estimates range from $75,000 to $100,000 for each entity. 

Determine current state of regulatory program – Many registered entities may find audit preparation challenging due to the dynamic, and, sometimes, complex technical nature of the associated regulations. Often these regulations can be misunderstood, and, in some cases, may go unnoticed by the registered entity. A proven regulatory program can provide significant savings. NERC pays close attention to entities that historically experience challenges in compliance, adding more frequent audits, increased in-depth reviews, and, possibly, fines. 

With Certrec your NERC work is done once and done right.

About Certrec:
Certrec is a leading provider of regulatory compliance solutions for the energy industry with the mission of helping ensure a stable, reliable, bulk electric supply. Since 1988, Certrec’s SaaS applications and consulting know-how have helped hundreds of power-generating facilities manage their regulatory compliance and reduce their risks.

Certrec’s engineers and business teams bring a cumulative 1,500 years of working experience in regulatory areas of compliance, engineering, and operations, including nuclear, fossil, solar, wind facilities, and other Registered Entities generation and transmission.

Certrec has helped more than 120 generating facilities establish and maintain NERC Compliance Programs. We manage the entire NERC compliance program for 60+ registered entities in the US and Canada that trust us to decrease their regulatory and reputational risk. Certrec is ISO/IEC 27001:2022 certified and has successfully completed annual SOC 2 Type 2 examinations.

For press and media inquiries, please contact marketing@certrec.com.

Share