AICPA SOC Service Organizations - Certrec

Regulatory Compliance Expert Certrec is Available to Assist Customers with NERC/FERC Physical Security Challenges

Certrec’s Office of NERC Compliance offers cost effective solutions that can help Entities understand and better manage new physical security guideline.

Fort Worth, TX (PRWEB) March 26, 2014 — Certrec, a leading licensing and regulatory compliance service provider that supports NRC and NERC compliance, is pleased to announce their expertise and availability to support utilities and operators with NERC/FERC physical security needs as they develop. 

Issued earlier this month, FERC’s order, taking major action that will impact the owners and operators of assets where damage may affect reliable operations of the grid, requires NERC to develop physical security standards applicable to all owners and operators of Bulk-Power System assets. The order emphasizes the Commission’s growing concerns over physical security of and security threats to the power system infrastructure, especially in light of vulnerabilities exposed in last years sophisticated attack on Pacific Gas & Electric’s Metcalf substation in California. 

“We see many companies touting physical security experience, but we believe utility experience is critical to a successful program. Providing physical security to protect an asset that is essentially a box or building is inadequate. It is important to understand the total asset and all of its potential vulnerabilities. A complete understanding of a location’s security vulnerabilities, operations, and the specific technical aspects is important for an effective program,” says Mike Shannon, Certrec Physical Security Consultant. 

According to FERC Docket No. RD14-6-000, issued on March 7, 2014, “The reliability standard mandates that owners and operators of the bulk-power system take at least four steps to protect physical security: 

  1. Owners and operators must perform a risk assessment of their system to identify facilities that, if rendered inoperable or damaged, could have a critical impact on the operation of the interconnection through instability, uncontrolled separation, or cascading failures of the bulk-power system. 
  2. Owners and operators of critical facilities must evaluate potential threats and vulnerabilities to those facilities. 
  3. Owners and operators must develop and implement a security plan to address potential threats and vulnerabilities. 
  4. The risk assessment used by an owner or operator to identify critical facilities should be verified by an entity other than the owner or operator.” 

The Commission has directed NERC to submit the proposed Reliability Standards to the Commission within 90 days of the date of the order. 

“Certrec’s extensive operations and engineering capabilities compliment our many years of regulatory experience. Additionally, for our nuclear customers, regulatory-mandated physical security has been a part of our regulatory landscape for many years. This combination is essential for crafting an effective physical security program,” says Ted Enos, Certrec President.

About Certrec:
Certrec is a leading provider of regulatory compliance solutions for the energy industry with the mission of helping ensure a stable, reliable, bulk electric supply. Since 1988, Certrec’s SaaS applications and consulting know-how have helped hundreds of power-generating facilities manage their regulatory compliance and reduce their risks.

Certrec’s engineers and business teams bring a cumulative 1,500 years of working experience in regulatory areas of compliance, engineering, and operations, including nuclear, fossil, solar, wind facilities, and other Registered Entities generation and transmission.

Certrec has helped more than 120 generating facilities establish and maintain NERC Compliance Programs. We manage the entire NERC compliance program for 60+ registered entities in the US and Canada that trust us to decrease their regulatory and reputational risk. Certrec is ISO/IEC 27001:2022 certified and has successfully completed annual SOC 2 Type 2 examinations.

For press and media inquiries, please contact