AICPA SOC Service Organizations - Certrec

SPP Assessed $280,000 Penalty

Summary of NERC Penalties









Quarter 1




No sufficient alarm management in its Real-time Contingency Assessment (RTCA) system

Interconnection Reliability Operations and Coordination ‎(IRO) Standard

IRO-002-4 R4.6


NERC (the NCEA) determined that the Entity (SPP) did not have sufficient alarm management in its Real‐time Contingency Assessment (RTCA) system, resulting in disabled alarm flags for certain 345 kV and 500 kV Facilities. In total, the disabled alarm flags affected 1 percent of the total lines monitored by SPP (3 percent of the electrical capacity) and 8 percent of the total number of transformers (12 percent of transformer capacity). The cause of this violation was a database software issue and insufficient controls in process steps before the SPP put the model into the production EMS environment. NCEA determined that this violation posed a serious and substantial risk to the reliability of the bulk power system (BPS).


SPP is a Regional Transmission Organization (RTO) that is mandated by the Commission with ensuring reliable supplies of power, adequate transmission infrastructure, and competitive wholesale prices of electricity. Based in Little Rock, Arkansas, SPP has members in 14 states and a service territory spanning approximately 552,882 square miles that serves 18 million people. The SPP service territory includes more than 70,000 miles of high-voltage transmission lines; approximately 6,140 substations; and more than 1,162 generation plants. The SPP service territory has reached a coincident peak load of approximately 51 GW and has approximately 94 GW of generating nameplate capacity. SPP is registered on the NERC Compliance Registry as a Balancing Authority, Planning Authority/Planning Coordinator, Reliability Coordinator, Reserve Sharing Group, and Transmission Service Provider under NCR01143. SPP, in its capacity as a Reliability Coordinator, is subject to compliance with IRO-002-2 and subsequent versions of the Standard.

Description of Violation

This violation started on January 1, 2016, when the alarm flags were first disabled in the SPP RTCA system, and ended on May 15, 2017, when SPP restored the expected alarming functions in the SPP RTCA system.

On December 22, 2017, SPP submitted a Self-Report to SERC Reliability Corporation stating that, as a Reliability Coordinator, it was in violation of IRO-002-4 R4.6. SPP did not have sufficient alarm management in its Real-time Contingency Assessment (RTCA) system, such that alarms flags were disabled for certain 345 kV and 500 kV Facilities.

On January 1, 2016, a computer program used to verify SPP’s RTCA database began to disable alarm flags for certain 345 kV and 500 kV facilities. When the flag is disabled, the program does not report any real-time or potential post-contingent thermal overloads of that facility to the Energy Management System (EMS), creating a potential lack of operator awareness. At that time, SPP already used multiple validation steps to ensure that EMS alarm functions including RTCA alarms functioned properly; however, this condition went undetected.

On May 15, 2017, while applying a new database validation, SPP Operations Engineering staff discovered some of the alarm flags in the RTCA function were not set properly. After investigation, they determined that an earlier automated verification was disabling flags that affected alarming of some of an individual registered entity’s 345 kV and 500 kV facilities. SPP used data archives to reconstruct the events leading up to the discovery and to perform an extent of condition review, starting with January 1, 2016, when the issue first presented itself. SPP’s review demonstrated that it properly monitored facilities in other voltage levels and in other areas of its footprint and adjacent RC footprints. SPP’s problem did not affect alarming of the affected entity’s EMS.

SPP staff investigated the reason that the automated verification was corrupting the database and corrected the alarm flags. In doing so, SPP created a work-around in the production EMS environment to ensure it actively monitored and alarmed the affected Facilities. On May 15, 2017, the same day that it identified the issue, SPP restored the appropriate settings and resolved the alerting issue. SPP contacted the vendor to obtain a patch as a permanent fix.

The root cause of this violation was a database software issue and insufficient controls in process steps before SPP put the model into the production EMS environment.

NERC Standard at Issue

IRO-002-2, R4 – Each Reliability Coordinator shall have detailed real-time monitoring capability of its Reliability Coordinator Area and sufficient monitoring capability of its surrounding Reliability Coordinator Areas to ensure that potential or actual System Operating Limit or Interconnection Reliability Operating Limit violations are identified. Each Reliability Coordinator shall have monitoring systems that provide information that can be easily understood and interpreted by the Reliability Coordinator’s operating personnel, giving particular emphasis to alarm management and awareness systems, automated data transfers, and synchronized information systems, over a redundant and highly reliable infrastructure.

Basis for Penalty

According to the Settlement Agreement, NCEA has assessed a penalty of two hundred eighty thousand dollars ($280,000) for the referenced violation. In reaching this determination, NCEA considered the following factors:

1. The violation posed a serious or substantial risk to the reliability of the BPS. 

2. The Entity self‐reported the violation.

3. The Entity admitted to and agreed to settle the violation.

4. The Entity was cooperative throughout the compliance enforcement process.

5. The instant violation constituted the Entity’s first occurrence of violation of the subject NERC Reliability Standard.

6. The Entity had an internal compliance program at the time of the violation, which NCEA did not consider a mitigating factor.

7. There were no other mitigating or aggravating factors or extenuating circumstances that would affect the assessed penalty/disposition.

About Certrec:
Certrec is a leading provider of regulatory compliance solutions for the energy industry with the mission of helping ensure a stable, reliable, bulk electric supply. Since 1988, Certrec’s SaaS applications and consulting expertise have helped hundreds of power-generating facilities manage their regulatory compliance and reduce their risks.

Certrec’s engineers and business teams bring a cumulative 1,500 years of working experience in regulatory areas of compliance, engineering, and operations, including nuclear, fossil, solar, wind facilities, and other Registered Entities generation and transmission.

Certrec has helped more than 120 generating facilities establish and maintain NERC Compliance Programs. We manage the entire NERC compliance program for 60+ registered entities in the US and Canada that trust us to decrease their regulatory and reputational risk. Certrec is ISO/IEC 27001:2013 certified and has successfully completed annual SOC 2 Type 2 examinations.

For press and media inquiries, please contact