Simplify, strengthen and manage all your NERC compliance needs.

NERC CIP Compliance Solution

The Challenges

  • Given the relatively frequent revisions to the NERC Critical Infrastructure Protection (CIP) Standards and the differing implications it has presented to responsible entities, it has become increasingly difficult to constantly stay alert of these revisions, interpret these revisions, and then find a way to abide by these revisions.
  • The upcoming NERC CIP version 5, which is due for enforcement starting April 1, 2016, comprises of 10 primary standards which include over 40 requirements and over 160 sub-requirements for mandatory compliance for all of the major electric companies that make up the North American power grid. This will change the entire dynamic of the NERC CIP compliance operation.

Our Solution

360factors provides a regulatory risk and compliance management software platform and advisory services that allow implementation of critical governance initiatives such as programs for Standards of Conduct and EHS through document control, compliance training, ongoing auditing, and recording and reporting of FERC-related violations all centered on an effective regulatory risk and change management model and methodology.

We offer two unique solutions:

Option 1

Managed Services

In managed services, you pay a flat fee to license the software along with our services. Through this, utilities companies strengthen and simply the management of all NERC compliance requirements. Predict360’s software provides an integrated set of tools to streamline and automate end-to-end NERC CIP compliance processes, while consolidating all compliance activities, data, and initiatives in a centralized cloud-based framework.

Option 2

You can secure advisory services on a short and long term project basis. Speak with experts who have unparalleled level of knowledge, understanding and experience with NERC CIP Standards, guiding you and your organization towards operational excellence.

Our experts follow a consistent Regulatory Risk and Compliance Management methodology.

  • Regulations drive the “Why” – why does an organization need to comply?
  • Once we understand the “why”, that leads to the “What” – what are the controls and what are the risk levels?
  • Once we identify the risk levels, this helps us prioritize which risks need to be addressed, leading us to the “How”.

Regulatory Change Management Methodology

  • The “How” entails defining a clear end-to-end process on how to mitigate risk and achieve compliance.
  • Once the process is defined, the next step is to identify the point of compliance which is the “Where” – typically a branch office.
  • Once the point of compliance is defined, the last step in the process is to identify the “Who” – who is responsible and who is accountable for actions and approvals?

Our Software

Our advisers and experts use Predict360, a regulatory risk and compliance software to streamline advisory services as a competitive differentiator. It vertically integrates all modules which allows organizations to manage their NERC, FERC and other compliance programs based on federal and state regulations through a single platform.

  • Simplifies the management of NERC standards, practices, and procedures analysis, RSAW, NERC Audits, and Job Task Analysis (JTA) to avoid compliance confusion.
  • Provides access to a comprehensive requirements knowledge base that helps identify which standards and regulations apply to each specific type of utility.
  • Enables your organization to take corrective and preventive actions, and streamlines NERC risk-based audits.
  • Prepares you to be compliant with both version 4 and 5 CIP Standards.