Why Certrec?
Trusted By
“I like the broad overview of current events, operational issues/violations at operating plants, updates/issues with construction, and a look ahead at the industry’s next big thing.”
- Plant Manager, major power plant
“Certrec’s RegSource helps to keep me current with the NERC processes.”
- Compliance Professional, major utility company.
Track record
Over 300 NERC projects since 2015, with ZERO audit findings as a result.
Trusted advisor
Certrec has delivered hundreds of NERC compliance projects to over 100 NERC entities. Trusted advisor to 90% of the nuclear power industry.
I like the broad overview of current events, operational issues/violations at operating plants, updates/issues with construction, and a look ahead at the industry’s next big thing.
- Plant Manager, major power plant
Certrec’s RegSource helps to keep me current with the NERC processes.
- Compliance Professional, major utility company.
Track record
Over 300 NERC projects since 2015, with ZERO audit findings as a result.
Trusted advisor
Certrec has delivered hundreds of NERC compliance projects to over 100 NERC entities. Trusted advisor to 90% of the nuclear power industry.
Challenges of NERC Compliance
Ensuring NERC compliance requires overcoming key challenges:
- Complex Regulatory Requirements: Keeping up-to-date with new or revised standards can be overwhelming.
- Penalties for Non-Compliance: Non-compliance with NERC standards can lead to hefty fines, penalties, and reputational damage.
- Data Management: Siloed data hinders real-time, accurate information across all operational systems.
- Cybersecurity Threats: NERC’s cybersecurity standards (CIP-002) for Bulk Electric System (BES) cybersecurity and (CIP-014) for physical security require strict security compliance.
- Technology Integration: Upgrading legacy systems for monitoring, control, and communication for NERC compliance is costly and technically challenging.
- Audit and Reporting: Energy providers must be prepared for frequent audits and continuous compliance, which can be stressful.
- Staff Training and Awareness: Keeping staff trained on NERC requirements is costly and time-consuming.
- Coordination Across Multiple Stakeholders: Ensuring third-party compliance with NERC standards adds complexity for energy providers.
- Resource Constraints: Limited personnel, technology, and funding make managing compliance gaps challenging.
Navigating NERC compliance can be overwhelming, but with Certrec’s in-depth knowledge and experience, you can streamline the NERC audit process and mitigate risks effectively. Let our team help you stay ahead of regulatory challenges—reach out today to ensure compliance with confidence!
Why Certrec? Competitive Advantage
Certrec: Leading the Industry in NERC Compliance Excellence
Navigating NERC compliance can be overwhelming, but with Certrec’s in-depth knowledge and experience, you can streamline the NERC audit process and mitigate risks effectively. Let our team help you stay ahead of regulatory challenges—reach out today to ensure compliance with confidence!
Certrec Advantage
- Trusted Advisor: Certrec is a trusted advisor to more than 200 clients for NERC compliance. We currently manage the entire NERC compliance program for 80+ registered sites in the U.S., Canada, and Mexico.
- Industry Experience: With over 35 years of regulatory compliance expertise, Certrec is a trusted partner for energy providers navigating complex regulations.
- Relationships with the Regulators: At Certrec, our decades-long relationships with NERC and regional entities give clients early insights into new standards and a deep understanding of compliance intent.
- Secure and ISO Certifications: Certrec is an ISO/IEC 27001:2022 certified provider, completing yearly audits and SOC 2 Type 2 examinations.
- IT Excellence: We manage 4+ TB of industry regulatory data, with all data FedRAMP secure and stored in the U.S. For the past 7 years, our availability has been greater than 99.9%.
- Innovative Solutions and Risk Reduction: Certrec has implemented a proven and structured approach for NERC compliance utilizing Certrec NERCJoulesTM.
- Audit: Certrec is a trusted leader in audit services, collaborating with NERC and regional entities like WECC, TexasRE, and MRO.
- Compliance and Support: Certrec leads in NERC audit services, partnering with key regional entities and empowering compliance with its NERCSuite platform.
Products, Processes, and People
Certrec’s core business is compliance utilizing advanced technology, and it has been so for over three decades.
Products that help us to reliably reduce our clients’ risks include:
- CATS: Compliance Action Tracking System
- Taktix®: SaaS-based collaborative platform that auto-mates manual work processes
- RegSource®: Industry-leading source of NERC/NRC energy industry regulatory information
- Recall®: Web-based one-stop shop for compliance documents for FERC, all NERC regions, and ISOs/RTOs
- RSAWs (Reliability Standard Audit Worksheets): Web-based solution for creating, managing, and submitting RSAW documentation and evidence
- CORE (Certrec On-Demand Regulatory Expertise): Dedicated to NERC Regulatory Compliance, CORE support delivered over 6,000 hours of essential regulatory compliance and support services to clients in 2024.
Processes:
- Certrec’s proprietary “NERCJoules framework is a unique combination of proprietary software tools, the compliance hub (Certrec Portal), and Certrec’s people and training using proven processes that are implemented via Taktix and CATS.
Experienced Team:
- Certrec’s team comprises over 50 professionals with extensive regulatory experience, including former NERC auditors and industry experts, providing clients with deep insights into compliance requirements.
Â
Certrec Due Diligence Services
Is your company looking to purchase a new generating asset?
Proper regulatory due diligence is essential when purchasing new generating assets, as non-compliance with NERC regulations can result in reputational damage and fines of up to $2,000,000 per day. Identifying and mitigating regulatory risks early is crucial to protecting your investment and ensuring a smooth transition.
Essential Considerations for Due Diligence:
- Regulatory Compliance: Ensure a thorough understanding of NERC regulatory responsibilities when acquiring assets like substations or transmission lines to maintain compliance and operational continuity.
- Comprehensive Documentation: Maintain accurate technical records, including test and maintenance logs, to facilitate seamless audits and meet NERC compliance standards.
- Strategic Contracting: Structure contracts to promote mutual success, minimizing complexities while ensuring clarity, fairness, and long-term benefits for all parties.
- Risk Assessment: Conduct rigorous due diligence during mergers and acquisitions to identify and mitigate regulatory risks before finalizing transactions.
Improper due diligence can leave you liable for a previous owner’s non-compliance.Â
Certrec Comprehensive NERC Program Management Services
Certrec offers comprehensive NERC Compliance Program Management services designed to assist energy companies in maintaining compliance with NERC Reliability Standards. Key features of Certrec’s program management services include:
- Customized Internal Compliance Programs: Certrec develops tailored Internal Compliance Programs (ICPs) that align with an entity’s specific operations, aiding personnel in monitoring and managing NERC compliance effectively.
- Standard Program Management: Certrec’s team ensures that all applicable regulatory information is identified, evaluated, and tracked to maintain ongoing compliance. This includes maintaining site documentation and managing required program submittals.
- Audit Support and Engagement: Certrec provides comprehensive audit support, including evidence review and development, pre-audit strategy meetings, mock audits, Inherent Risk Assessments (IRAs), Internal Controls Evaluations (ICEs), and guided self-certifications.
- Training Services: Certrec offers both on-site and remote training covering NERC foundational information, standards, and more, ensuring that personnel are well-prepared to maintain compliance.Â
Critical Infrastructure Protection (CIP)
NERC’s CIP standards safeguard the cybersecurity of North America’s Bulk Electric System (BES) by enforcing strict controls on access, security, and incident response. Certrec’s NERCSuite, a web-based compliance platform, simplifies CIP compliance, reduces regulatory risk, and strengthens cybersecurity resilience for critical infrastructure.
Certrec’s Solutions for NERC CIP Compliance
- Asset Identification: We perform comprehensive reviews to verify that all BES Cyber Assets are properly identified and inventoried as the foundation for your program.
- Compliance Consulting: Our consultants assess your current low-impact policies, procedures, and controls to identify gaps and create a roadmap for improvement.
- Security Plan Development: We help craft a cyber security plan per CIP-003 tailored to your environment and risk profile.
- Vulnerability Assessments: Our team performs network scans and penetration testing to reveal vulnerabilities in your low-impact environments.
- Staff Training: We provide customized CIP training for all personnel tailored to their roles and responsibilities.
- Compliance Tools: We offer purpose-built SaaS solutions to support key aspects of compliance like change management, access controls, and evidence retention.
- Audit Support: We help entities prepare for audits and address any findings to achieve and maintain low-impact compliance.
With deep CIP expertise and practical experience, Certrec is an ideal partner for navigating all aspects of low-impact compliance. Our goal is to make compliance as painless as possible so you can focus on your core mission.
Contact us to find out how Certrec can help in CIP Standards compliance
Certrec Audit Support for NERC Compliance
NERC Compliance Audits Can Be Overwhelming— Stay Prepared and Confident
Your organization will be audited, and a NERC-failed audit can result in:
- Reputational Damage: This could adversely impact your organization’s leadership position in the industry.
- Financial Penalties: NERC may assess a maximum of $1 million per day per violation for a Reliability Standard Requirement violation.
- Certrec’s NERC Audit Support Services (NASS)—Proven Expertise, Zero Penalties: With on-demand audit support available within hours, NASS has helped utilities navigate over 1,000 audits, achieving 350 successful NERC audits with zero penalties since 2016. Trust Certrec to minimize risk and ensure compliance with confidence.
Audits are performed in three stages:
- Pre-Audit: Gathering evidence, aligning a secure evidence locker, completing RSAWs (Reliability Standard Audit Worksheets), conducting mock audits, and conducting gap analyses.
- During Audit: Providing in-meeting support to manage questions
- Post Audit: reviewing audit findings, examining key recommendations, and updating relevant documentation.
From pre-notification to post-audit implementation, we guide you through the entire process—ensuring compliance, reducing risks, and delivering a seamless audit experience.
Some of our satisfied customers:
