Search
`
September 28, 2024
Stakeholder Soapbox: Your Audit Report may be Worthless
Dec 24, 2017
A good audit report isn't enough to protect utilities from federal penalties after a reliability event, argues former NERC official Terry Brinker.

By Terry Brinker

If you are like me, some sounds drive you crazy. For example, nails raking across a blackboard have always made me cringe. Recently, another sound or comment has given me that same response. When I speak with companies about doing a compliance assessment, an internal controls evaluation or even a mock audit, often I hear, “We are good; we passed our most recent audit.” Someone may as well have just raked his or her nails across a blackboard.

NERC FERC audit

Just ask the entities involved in the 2011 Southwest Blackout how passing an audit helped their case in the subsequent investigation. I will tell you. It did not help. Federal regulators assessed $37 million in fines and penalties as a result of that event. Arizona Public Service was assessed a penalty of $3.25 million despite having passed an audit earlier in the year. The Western Electricity Coordinating Council and Peak Reliability, WECC’s successor as the reliability coordinator for most of the Western Interconnection, was penalized $16 million. Peak had recently passed a NERC certification, which is essentially an audit of an entity’s readiness and capabilities. No one received a get-out-of-jail-free card.

Entities have regarded a good audit report as proof that they have a good compliance program. In fact, your audit report may be worthless. Regional Entities perform audits and send a report to NERC. Often these regional auditors are folks with whom you either worked or see so often you become friends. Many potential violations are often reduced to recommendations or suggestions resulting in a clean audit report. After all, I know “Fred” or “Sue,” and they will clean up these little nits.

What is overlooked or simply not understood is that if there is an event involving your company, an anonymous complaint filed against you or a spot check is performed that results in an investigation, your friends — oops, I meant regional auditors — will not be able to help you. NERC and FERC will step in and kick the regions out faster than a drunk uncle at the family Christmas gathering. NERC and FERC will go through your company with a fine-tooth comb, reviewing compliance documents, listening to voice recordings, conducting interviews and getting staff on the record. They will leave no stone unturned.

Not to mention, NERC and FERC have a higher standard than the regions. I know because I was a senior investigator at NERC and was responsible for conducting the above-mentioned duties, which resulted in millions of dollars in fines and penalties for entities. And remember, you do not have to be the utility that caused the event. Imperial Irrigation District (IID) was penalized $12 million even though they did not initiate the event. This is why I stress to my clients that I am not just preparing them for an audit, but also closing any compliance gaps in case there is a reason for NERC or FERC to come snooping around.

Leadership at utility companies must ask themselves if they are comfortable having a “check the box” compliance program, which meets the letter of the law, or a robust compliance program that meets the spirit of the law and would withstand the rigors of audits and investigations alike. Organizations owe it to their stakeholders to have a robust risk management program that will greatly limit its liability. If internal controls evaluations, mock audits and compliance assessments are not a part of the risk management strategy, I question leadership’s commitment to be the best it can be. There will be another event that will lead to another investigation, and stiff fines and penalties will be handed out. In the words of Bruno Mars, “Don’t believe me just watch.”

“But we passed our audit!” will not help the utilities involved. So, let me ask, has your company conducted an internal controls evaluation, compliance assessment or mock audit lately? And remember, I hate the sound of nails raking across a blackboard.

Terry Brinker, who has 23 years of experience leading, facilitating and implementing improvements in power plant operations, control room operations, compliance and regulatory matters, is the president of Reliable Energy Advisors. Terry previously served in leadership roles during a five-year stint at NERC, where he served as senior manager of standards information and personnel certification, manager of registration services, and senior event investigator.

Commentary
KeywordsFederal Energy Regulatory Commission (FERC)North American Electric Reliability Corp. (NERC)

Leave a Reply

Your email address will not be published. Required fields are marked *

We Recommend

1
With Final Class Year Approval, NYISO Marks End of an Era
Sep 26, 2024NYISOVincent Gabrielle
2
Pathways Initiative Releases ‘Step 2’ Proposal for Western ‘RO’
Sep 26, 2024CAISO/WEIMRobert Mullin
3
MISO Dips Toes into Potential New Resource Adequacy Standard; States Demand Key Role
Sep 26, 2024MISOAmanda Durish Cook
4
California GETs Bill Gets Newsom’s Signature
Sep 26, 2024CAISO/WEIMElaine Goodman
5
Updated EDAM Study Shows Doubling of PacifiCorp Benefits
Sep 25, 2024CAISO/WEIMRobert Mullin

Popular Stories

1
Study: HVDC Needs Standards to Take off in US
Sep 9, 2024Company NewsJames Downing
2
MISO Says 2nd Long-range Tx Plan to Cost $21B, Deliver Double in Benefits
Sep 15, 2024MISOAmanda Durish Cook
3
FERC Workshop Examines How to Speed up Interconnection Queues
Sep 12, 2024ResourcesJames Downing
4
With Three Mile Island Restart, Debate Continues on Co-located Load in PJM
Sep 24, 2024MarketsDevin Leith-Yessian
5
MTEP 24 Reaches $6.7B; MISO Ending Rush Island Reliability Agreement in Mid-October
Sep 8, 2024MISOAmanda Durish Cook

Industry Gatherings