Basic Purpose
Provides direct oversight of the company’s Program with emphasis on compliance with NERC CIP Reliability Standards as Company’s CIP Compliance Lead. Ensures program documentation, training and processes are standardized, communicated, and understood by program participants. Manages day-to-day communication of CIP program activities. Ensures all instances of compliance concern are identified, investigated, documented, and corrective actions plans are completed.
Essential Duties and Responsibilities
Oversees day-to-day CIP Program activities
-
Ensures all necessary day-to-day activities are communicated to responsible parties for completion of time-specific compliance activities (i.e. Security Patch management, Access revocation due to termination or position transfer, Physical Access Control Systems Maintenance)
-
Collaborates with CIP Program leadership to develop and implement formalized training programs for department-specific processes within the CIP Program
-
Ensures all onboarding training (role-based training) is being conducted by departments with responsibilities within the CIP Program
-
Ensures that current training deployed for unescorted physical access and electronic access meets the needs of CIP-004-6, and future iterations of the CIP Reliability Standards
-
Develops, implements, and maintains a formalized training program for CIP Audit Approach for cross-training with NERC Compliance Analysts.
Maintenance of CIP Program documentation
-
Oversees the standardization of CIP Program documentation through review and analysis of all program documentation aligning from Plan to Procedure to Policy
-
Monitors the implementation, and communication of all revisions to program documentation to ensure no gaps are created
-
Monitors compliance with the NERC CIP Reliability Standards through collaborative work with the business units on completion of Reliability Standard Audit Worksheets (RSAW) and collection of compliance evidence.
Oversight of CIP Program processes
-
Provides leadership and oversight for NERC CIP Compliance Specialists
-
Conducts spot checks of documented department and program processes to determine efficacy of process implementation
-
Identifies process improvements where efficiency or responsibility gaps are identified.
Compliance Investigation
-
Standardizes an investigation process and documentation for investigation of NERC Compliance concerns for CIP-related events
-
Manages corrective action plans and activities associated with CIP compliance investigations
-
Develops narrative, and collect evidence, for any necessary Self-Reports associated with NERC CIP Reliability Standard Requirements and/or Parts.
CIP Project Implementation
-
Participates as a Subject Matter Expert for NERC Compliance during the implementation of any future CIP-related projects
-
Supports CIP Asset owners with documentation, asset, and process review during CIP-related projects
-
Supports Project Management department in establishment of project scope, timelines, and other delegated actions
-
Ensures all required CIP compliance responsibilities are completed prior to in-service/conclusion of CIP-related projects.
Development and Interpretation
-
Participates in external and internal industry forums and activities associated with the development of new or revisions to NERC CIP Reliability Standards
-
Responds to interpretation requests on CIP standards and promote appropriate application to maintain technical and operational requirements to ensure company compliance.
Monitors and enforces all compliance requirements for area of responsibility.
Ensures all compliance aspects of position are known and followed; understands and complies with all policies, codes and regulations applicable to position and company.
Performs related duties as assigned.