NERC Compliance

DO NOT struggle with manual methods like Excel and SharePoint to track your NERC Compliance! This is a SHORT-TERM solution that can become a LONG-TERM problem.

Understanding NERC Compliance Challenges

Today’s utilities are struggling with changes to the NERC regulatory landscape and the growing emphasis to self-govern and provide oversight to their NERC compliance obligations.

Common difficulties include:

Tracking changes to existing requirements.
 Incident management.
 Risk assessments and risk-based audit.
 Evidence collection and tracking.
 Identifying and mapping relevant NERC requirements to critical assets and facilities.
 Control mapping and testing.
 Rolling up information to report the right data to the right people.

Is your utility experiencing these challenges?

Watch this two minute video or read our brochure to learn about our NERC Compliance Solution and how it can help your utility.

NERC Compliance is our Expertise at ComplyTec

Recognizing a specific need in the utility sector for NERC compliance automation, we’ve built a solution to address the specific needs of these utilities.

We chose to build our solution on the RSA Archer platform. RSA is one of the Dell Technologies family of brands, and ensures our proprietary software is built on a robust, supportable platform that will continue to drive value for our customers by integrating with the out-of-the-box Archer GRC use cases should our customers choose to do so.

Our NERC Compliance Solution is RSA Archer® Certified.

Check Us Out at the

Check Us Out at the

We provide a common foundation for MANAGING POLICIES, CONTROLS, RISKS, ASSESSMENTS and  DEFICIENCIES across your utility

Our solution isn’t prescriptive, we fit into your processes and adapt easily to changing regulator requirements. You can build compliance processes and integrate with external systems without touching a single line of code.

Our solution allows seamless integration of data systems without requiring additional software. You can automate the movement of data into and out of the Platform to support data analysis, process management, and reporting.

Our solution supports business-level management of enterprise governance, risk and compliance (GRC). We will grow with you as you seek to mature your programs beyond just compliance.

ComplyTec’s NERC Compliance solution provides a holistic approach to NERC compliance. We provide a system of record for REAL-TIME compliance information sliced and diced the way you need to see it, whatever your role, driving process through automated workflow.

Already using RSA Archer® or considering using it within your utility?

This video will help you to understand how you can leverage Archer with Complytec’s NERC Solution/App-pack for a quick start NERC solution

Our Compliance Team

Kirk Whittaker​

Sr. Manager Archer Consulting

Patrick Chouinard

Sr. Archer Consultant

Antonia Di Sabatino

Archer Consultant

Alexandre Cormier

Archer Consultant

Angelo Capone

Archer Consultant

Joel Charlebois

NERC Consultant - AESI

Stephen DiSalvo

NERC Consultant - AESI

Together with our strategic partners, we have a network of over 20 experienced Archer Consultants. For more information on our RSA Archer Consulting services, please read this brochure.  

Seeking to ramp up your company’s NERC Compliance?

To speak with us, please call us at (416) 410-5599 Option #1

Kirk Whittaker​

Sr. Manager Archer Consultant

Kirk comes with an exceptional blend of development, risk and Utility sector-specific experience to better support GRC client needs.

During his 30 plus years at Idaho Power, he implemented a NERC Compliance solution on the RSA Archer platform, participated in an 18-month joint project with American Electric Power on the deployment of a custom NERC solution, and was responsible for the implementation of core Archer GRC solutions, such as Audit, Business Continuity, Compliance, Enterprise Risk Management, Incident, Issue, Policy, Risk, Assessment & Authorization, and Continuous Monitoring.

At ComplyTec, Kirk is responsible for the RSA Archer Professional services practice and the successful development and rollout of our NERC Compliance Solution.

Patrick Chouinard

Sr. Archer Consultant

Patrick is a successful information security professional with 25 years of technical experience including a specialty in the RSA GRC solution Archer where he has managed implementations in IT Risk, Operational Risk, Enterprise Risk Management (ERM), Iincident Management, SecOPS and Third Party Risk Management.   

As an Archer specialist and Analyst, he has deployed, configured, and adapted various Use Cases to the business requirements and adjusted workflows and data feeds. He also performed SailPoint integration to update the Business Hierarchy based on Workday information.

Patrick is a dynamic, creative consultant and trainer (RSA Level 1 & 2 for RSA Education Department) with a proven track record in building relationships, delivering special training.

 

At ComplyTec, Patrick is part of the team responsible for the successful implementation of RSA Archer professional services solutions.

Antonia Di Sabatino

Archer Consultant

With over 20 years of Software development and deployment experience, Tonia is a seasoned team player with extensive experience in enterprise-scale projects involving software integration, product development, implementation, information security, governance, compliance, and regulatory enterprise reporting. Well-versed in the Software Development Life Cycle (SDLC), Project Management delivery, and regulatory requirements. her proven experience as both a Project Manager and Business Analyst, enables her to understand business stakeholders from all industries to successfully deliver solutions and key results. Her industry experience includes Supply Chain, Pharmacy, Government,  Banking, and Capital Markets.   

At ComplyTec, Tonia is a consultant responsible for the implementation of the Archer GRC Solution as well as ComplyTec NERC Compliance Management Solutions. 

Alexandre Cormier

Archer Consultant

Alex is an experienced RSA Archer specialist who has been responsible for supporting the administration and configuration requirements of RSA Archer based solutions supporting Enterprise Governance, Risk & Compliance initiatives within the Government of New Brunswick, Department of Finance and Treasury Board.

During his 7 year tenure, Alex was responsible for the configuration, testing and deployment of core and on-demand applications & questionnaires, data feeds, access control and platform upgrades and installs for the Information Security and Enterprise Risk Management divisions. Alex also contributed to the development of the first Enterprise Risk Management Program and Corporate Risk Register at GNB.

At ComplyTec, Alex is responsible for delivery services for RSA Archer and support for ComplyTec NERC Compliance Management Solutions.

 

Angelo Capone

Archer Consultant

Angelo has a diverse background with over 20 years of planning, managing and integrating IT solutions and in making Technology relevant to consumers. He is a service-minded, organized, and detailed integration specialist with experience in a multitude of platforms such as Microsoft, Azure, RSA Archer and SecurID.

He has very broad experience in communication technologies and how best to deploy to different environments such as Email, Telecommunications and Collaboration. Coupled with this, he has managed, planned and delivered infrastructure changes centred around identity management and security to cloud-based platforms. During his years in the industry, he has been integral in Technology change initiatives while adopting SaaS motivated solutions including securing Microsoft, MFA, Exchange and Identity Management.

At ComplyTec, Angelo is our Archer Consultant and works with other client solutions such as RSA SecurID, Archer and Tenable Vulnerability Management Solutions. 

 

Joel Charlebois

Archer Consultant - AESI

With over 15 years of experience, Joel has proven to deliver a solid mix of technical competencies and project management. His analytical aptitude crosses over to support a multitude of Information Technology applications (EMS/SCADA, software development, system integration, databases, etc.) and implementation projects, regulatory projects, and into business analytics to assess and ensure budgets and schedules are maintained while delivering comprehensive and practical solutions. 

Joel maintains an extensive understanding and practical experience in all aspects of NERC regulatory compliance for both CIP and O&P regulatory compliance projects, including auditing, governance, mock audits, compliance tools, and more. 

Joel is also a member of the NPCC Regional Standards Committee (RSC) and attendee at several regional compliance workshops. His experience and broad perspective help maximize project and team efficiency to deliver on-time results, delivering expertise on projects involving Internal Controls and Evaluations; NERC Regulatory Compliance Program Documentation and Development; RSAWs and Evidentiary Artifacts; Market Rules and Obligations; Enforcement Dates, Actions and Penalties; and more.

https://www.aesi-inc.com/

Steve DiSalvo

NERC Consultant - AESI

Stephen has more than 13 years’ experience related to NERC compliance, and has been extensively involved and led numerous projects covering a considerable range of technical and operational NERC regulatory aspects. 

With respect to NERC Reliability Standard Audit Worksheets (RSAWs), Stephen has managed RSAW Review Workshops geared to ensure the developed material is complete and effective in demonstrating compliance. As part of these initiatives, Stephen has worked to illustrate and develop measures to mitigate any gaps between existing client RSAWs and industry best practices. 

With respect to internal controls, Stephen has reviewed and developed a wide range of NERC Regulatory Compliance documentation including policies and procedures, standing instructions, operating orders, etc., complete with descriptions of roles and responsibilities, evidentiary requirements, and internal controls. These activities have included working with the client to determine and document a sufficient set of internal controls and accountabilities during compliance program development and implementation. For instances where a client may already have a defined set of internal controls and accountabilities, Stephen has performed detailed reviews to assure these measures are not only sufficient for compliance but also in line with best practices and can be implemented efficiently. 

Over his tenure at AESI-US, Inc. Stephen has led projects delivering the full spectrum of services offered by AESI’s Regulatory Compliance practice area.

https://www.aesi-inc.com/

Let's Talk