NERC standards are designed to help ensure the reliability of bulk power transmission in the electric utility systems of North America.
While these are not technically required to operate the grid, NERC standards impose a set of activities that utilities must carry out on top of all their other compliance and operational obligations, to maintain good standing. Because of that, they should be managed as efficiently as possible.
Today’s utilities are facing a tough regulatory landscape and the growing emphasis on compliance oversight, including those related to NERC. The following are some of the challenges we tackle with our clients
Decentralized data, sometimes in legacy systems
Compliance processes spanning multiple functions
External demands from auditing bodies
Summarizing data to assist with management decision making
Is your Company experiencing these challenges?
Watch our two-minute video or read our brochure to learn about our NERC Compliance Solution and how it can help your company.
ComplyTec’s NERC solution is built on the Archer Enterprise Integrated Risk Management platform.
Archer is trusted by hundreds of large enterprises around the world to help manage multiple dimensions of risk on a single platform, including over 100 Government Agencies and Utilities in North America. Archer is a Leader in the most recent Gartner Magic Quadrant reports for IT Risk Management, IT Vendor Risk Management, Business Continuity Management Program Software and Integrated Risk Management.
Using Archer’s codeless customization and configuration platform, ComplyTec developed a unique use case to help companies save time on NERC compliance activities and help maintain their reputation.
Already using RSA Archer® or considering using it within your utility?
This video will help you to understand how you can leverage Archer with Complytec’s NERC Compliance Solution/App-pack for a quick start NERC solution
ComplyTec’s NERC compliance solution uses automation to help reduce costs and save time. NERC-specific workflows align, neatly with your company’s NERC obligations, making it easier for you to manage compliance activities. These include:
Creation of applicability collections for responsible entities
Interaction with each requirement
Storage of information from different sources in an evidence repository
Creation of remediation plans based on findings
Creation of audit summaries such as RSAWs
ComplyTec’s NERC Compliance solution provides a complete approach to NERC compliance. We provide a system of record for compliance information aligned with your structure and operations. A company using ComplyTec’s NERC solution will save time and reduce the risk of costly disruptions.
To deliver the fastest possible time-to-value, increase user adoption, and decrease compliance costs, ComplyTec employs a highly effective solution development approach.
Use cases deployment organized for fastest time-to-value based on a plan co-developed in collaboration with the customer.
Our NERC Compliance Solution is delivered by a talented team of compliance and project management experts with decades of combined IT project and NERC experience, providing you with stable and reliable expertise. See their profiles below:
Our experts are also ready to help you build out your NERC compliance business case.
Let us help you build your case for streamlined NERC compliance.
1. Improve compliance oversight
2. Facilitate executive decision making
3. Increase the chances of successful audits
4. Reduce fine related expenses
5. More efficiently use of highly qualified staff
Sr. Manager Archer Consultant
Kirk comes with an exceptional blend of development, risk and Utility sector-specific experience to better support GRC client needs.
During his 30 plus years at Idaho Power, he implemented a NERC Compliance solution on the RSA Archer platform, participated in an 18-month joint project with American Electric Power on the deployment of a custom NERC solution, and was responsible for the implementation of core Archer GRC solutions, such as Audit, Business Continuity, Compliance, Enterprise Risk Management, Incident, Issue, Policy, Risk, Assessment & Authorization, and Continuous Monitoring.
At ComplyTec, Kirk is responsible for the RSA Archer Professional services practice and the successful development and rollout of our NERC Compliance Solution.
Sr. Archer Consultant
Patrick is a successful information security professional with 25 years of technical experience including a specialty in the RSA GRC solution Archer where he has managed implementations in IT Risk, Operational Risk, Enterprise Risk Management (ERM), Iincident Management, SecOPS and Third Party Risk Management.
As an Archer specialist and Analyst, he has deployed, configured, and adapted various Use Cases to the business requirements and adjusted workflows and data feeds. He also performed SailPoint integration to update the Business Hierarchy based on Workday information.
Patrick is a dynamic, creative consultant and trainer (RSA Level 1 & 2 for RSA Education Department) with a proven track record in building relationships, delivering special training.
At ComplyTec, Patrick is part of the team responsible for the successful implementation of RSA Archer professional services solutions.
With over 20 years of Software development and deployment experience, Tonia is a seasoned team player with extensive experience in enterprise-scale projects involving software integration, product development, implementation, information security, governance, compliance, and regulatory enterprise reporting. Well-versed in the Software Development Life Cycle (SDLC), Project Management delivery, and regulatory requirements. her proven experience as both a Project Manager and Business Analyst, enables her to understand business stakeholders from all industries to successfully deliver solutions and key results. Her industry experience includes Supply Chain, Pharmacy, Government, Banking, and Capital Markets.
At ComplyTec, Tonia is a consultant responsible for the implementation of the Archer GRC Solution as well as ComplyTec NERC Compliance Management Solutions.
Alex is an experienced RSA Archer specialist who has been responsible for supporting the administration and configuration requirements of RSA Archer based solutions supporting Enterprise Governance, Risk & Compliance initiatives within the Government of New Brunswick, Department of Finance and Treasury Board.
During his 7 year tenure, Alex was responsible for the configuration, testing and deployment of core and on-demand applications & questionnaires, data feeds, access control and platform upgrades and installs for the Information Security and Enterprise Risk Management divisions. Alex also contributed to the development of the first Enterprise Risk Management Program and Corporate Risk Register at GNB.
At ComplyTec, Alex is responsible for delivery services for RSA Archer and support for ComplyTec NERC Compliance Management Solutions.
Angelo has a diverse background with over 20 years of planning, managing and integrating IT solutions and in making Technology relevant to consumers. He is a service-minded, organized, and detailed integration specialist with experience in a multitude of platforms such as Microsoft, Azure, RSA Archer and SecurID.
He has very broad experience in communication technologies and how best to deploy to different environments such as Email, Telecommunications and Collaboration. Coupled with this, he has managed, planned and delivered infrastructure changes centred around identity management and security to cloud-based platforms. During his years in the industry, he has been integral in Technology change initiatives while adopting SaaS motivated solutions including securing Microsoft, MFA, Exchange and Identity Management.
At ComplyTec, Angelo is our Archer Consultant and works with other client solutions such as RSA SecurID, Archer and Tenable Vulnerability Management Solutions.
Ryan is a certified Archer consultant currently working on his level 2 certification. With a computer science degree from Queen’s University, Ryan is very familiar with the development life cycle of applications. Ryan has experience with the configuration and development of CRM services, as well as the development of software applications.
At Complytec Ryan is part of our CRM development team and performs business analytics using Microsoft Power BI.
Archer Consultant - AESI
With over 15 years of experience, Joel has proven to deliver a solid mix of technical competencies and project management. His analytical aptitude crosses over to support a multitude of Information Technology applications (EMS/SCADA, software development, system integration, databases, etc.) and implementation projects, regulatory projects, and into business analytics to assess and ensure budgets and schedules are maintained while delivering comprehensive and practical solutions.
Joel maintains an extensive understanding and practical experience in all aspects of NERC regulatory compliance for both CIP and O&P regulatory compliance projects, including auditing, governance, mock audits, compliance tools, and more.
Joel is also a member of the NPCC Regional Standards Committee (RSC) and attendee at several regional compliance workshops. His experience and broad perspective help maximize project and team efficiency to deliver on-time results, delivering expertise on projects involving Internal Controls and Evaluations; NERC Regulatory Compliance Program Documentation and Development; RSAWs and Evidentiary Artifacts; Market Rules and Obligations; Enforcement Dates, Actions and Penalties; and more.
NERC Consultant - AESI
Stephen has more than 13 years’ experience related to NERC compliance, and has been extensively involved and led numerous projects covering a considerable range of technical and operational NERC regulatory aspects.
With respect to NERC Reliability Standard Audit Worksheets (RSAWs), Stephen has managed RSAW Review Workshops geared to ensure the developed material is complete and effective in demonstrating compliance. As part of these initiatives, Stephen has worked to illustrate and develop measures to mitigate any gaps between existing client RSAWs and industry best practices.
With respect to internal controls, Stephen has reviewed and developed a wide range of NERC Regulatory Compliance documentation including policies and procedures, standing instructions, operating orders, etc., complete with descriptions of roles and responsibilities, evidentiary requirements, and internal controls. These activities have included working with the client to determine and document a sufficient set of internal controls and accountabilities during compliance program development and implementation. For instances where a client may already have a defined set of internal controls and accountabilities, Stephen has performed detailed reviews to assure these measures are not only sufficient for compliance but also in line with best practices and can be implemented efficiently.
Over his tenure at AESI-US, Inc. Stephen has led projects delivering the full spectrum of services offered by AESI’s Regulatory Compliance practice area.