FINAL Supporting Statement for RM13-8 NOPR (8-22-13)


RM13-8 Proposed Rule: Mandatory Reliability Standards for Critical Infrastructure Protection

OMB: 1902-0248


FERC-725A, -725B, & -725D (OMB Control Nos. 1902-0244, -0248, & -0247)

Docket No. RM13-8-000, Proposed Rule issued June 20, 2013

RIN: 1902-AE71 (Updated 8/19/13 for FERC-725B)


Supporting Statement

FERC-725A, Mandatory Reliability Standards for the Bulk Electric System;

FERC-725B, Mandatory Reliability Standards for Critical Infrastructure Protection;

FERC-725D, Facilities, Design, Connections, and Maintenance Reliability Standards

Modifications to the collection due to the Proposed Rule in RM13-8-000,

“Electric Reliability Organization Proposal to Retire Requirements in Reliability Standards”


In this supporting statement, the Commission describes the changes to several FERC collections due to the North American Electric Reliability Organization’s (NERC) request to retire 34 requirements within 19 Reliability Standards.


FERC is using a consolidated supporting statement because the proposed rule affects three distinct collections (and OMB Control numbers). Each collection has its own Information Collection Request (ICR); one for each of the affected collections (725A, 725B, and 725D).


  1. CIRCUMSTANCES THAT MAKE THE COLLECTION OF INFORMATION NECESSARY


On August 8, 2005, the Electricity Modernization Act of 2005, which is Title XII of the Energy Policy Act of 2005 (EPAct 2005), was enacted into law.1 EPAct 2005 added a new Section 215 to the Federal Power Act (FPA), which requires a Commission-certified Electric Reliability Organization (ERO) to develop mandatory and enforceable Reliability Standards, which are subject to Commission review and approval. Once approved, the Reliability Standards may be enforced by the ERO, subject to Commission oversight.


FERC-725A


On March 16, 2007, in Order No. 693, pursuant to Section 215(d) of the FPA, the Commission approved 83 of 107 proposed Reliability Standards, six of the eight proposed regional differences, and the North American Electric Reliability Corporation (NERC) Glossary of Terms Used in Reliability Standards (NERC Glossary), which includes the standards and information collection requirements in FERC-725A.


FERC-725B


On January 18, 2008, the Commission issued Order No. 706, which approved the CIP version 1 Standards to address cyber security of the Bulk-Power System.2 In Order No. 706, the Commission approved eight CIP Reliability Standards (CIP-002-1 through CIP-009-1). On April 19, 2012, the Commission issued Order No. 761, which approved the CIP version 4 Standards (CIP-002-4 through CIP-009-4).3 Reliability Standard CIP-002-4 (Critical Cyber Asset Identification) sets forth 17 uniform “bright line” criteria for identifying Critical Assets. The Commission also accepted NERC’s proposed implementation schedule for the CIP version 4 Standards, which are scheduled for full implementation and enforceability beginning April 2014.4


On April 18, 2013, the Commission issued a proposed rule, proposing to approve the CIP version 5 standards. In drafting these standards, NERC states that it took into consideration 4 years of experience since the first CIP standards were implemented, “as well as FERC directives…developed the proposed CIP Version 5 standards to better protect the reliability of the nation’s Bulk Electric System (“BES”) from cyber-attacks.”5


FERC-725D


On December 27, 2007, the Commission approved the three Facilities Design, Connections and Maintenance (FAC) Reliability Standards that were developed by NERC. In addition, the Commission directed NERC to develop a modification to one of the three Reliability Standards that was approved as mandatory and enforceable. The Commission also approved a regional difference for the Western Interconnection administered by the Western Electricity Coordinating Council (WECC), which is incorporated into FAC-010-1 and FAC-011-1. Lastly, the Commission accepted three new terms for the NERC Glossary of Terms Used in Reliability Standards, sent back another proposed term, and directed NERC to submit modifications to its proposed Violation Risk Factors consistent with the Commission’s prior orders.


On October 16, 2008, the Commission proposed to approve revisions to the three Reliability Standards in FERC-725D. These revised standards as developed by NERC are designated as FAC-010-2, FAC-011-2 and FAC-014-2. These standards direct planning authorities and reliability coordinators to establish methodologies to determine system operating limits (SOLs) for the Bulk-Power System in the planning and operation horizons.


  2. HOW, BY WHOM, AND FOR WHAT PURPOSE THE INFORMATION IS TO BE USED AND THE CONSEQUENCES OF NOT COLLECTING THE INFORMATION

In the NOPR, the Commission proposes to approve the retirement of 34 requirements within 19 Reliability Standards identified by NERC. The requirements proposed for retirement either: (1) provide little protection for Bulk-Power System reliability or (2) are redundant with other aspects of the Reliability Standards.


The requirements proposed for retirement affect many of the entities currently subject to reliability standards.6 There are no consequences for not collecting the information since this rule proposes to eliminate information collection requirements.


  3. DESCRIBE ANY CONSIDERATION OF THE USE OF IMPROVED INFORMATION TECHNOLOGY TO REDUCE THE BURDEN AND TECHNICAL OR LEGAL OBSTACLES TO REDUCING BURDEN


The use of current or improved technology is not covered in the Reliability Standards and is, therefore, left to the discretion of each regional and reporting entity.


  4. DESCRIBE EFFORTS TO IDENTIFY DUPLICATION AND SHOW SPECIFICALLY WHY ANY SIMILAR INFORMATION ALREADY AVAILABLE CANNOT BE USED OR MODIFIED FOR USE FOR THE PURPOSE(S) DESCRIBED IN INSTRUCTION NO. 2.


In a March 2012 Order, the Commission accepted, with conditions, NERC’s “Find, Fix, Track and Report” (FFT) initiative. The FFT process, inter alia, provides NERC and the Regional Entities the flexibility to address lower-risk possible violations through an FFT informational filing as opposed to issuing and filing a Notice of Penalty. In addition, the Commission raised the prospect of revising or removing requirements of Reliability Standards that “provide little protection for Bulk-Power System reliability or may be redundant.”7 Specifically, the Commission stated:


The Commission notes that NERC’s FFT initiative is predicated on the view that many violations of requirements currently included in Reliability Standards pose lesser risk to the Bulk-Power System. If so, some current requirements likely provide little protection for Bulk-Power System reliability or may be redundant. The Commission is interested in obtaining views on whether such requirements could be removed from the Reliability Standards with little effect on reliability and an increase in efficiency of the ERO compliance program. If NERC believes that specific Reliability Standards or specific requirements within certain Standards should be revised or removed, we invite NERC to make specific proposals to the Commission identifying the Standards or requirements and setting forth in detail the technical basis for its belief. In addition, or in the alternative, we invite NERC, the Regional Entities and other interested entities to propose appropriate mechanisms to identify and remove from the Commission-approved Reliability Standards unnecessary or redundant requirements. We will not impose a deadline on when these comments should be submitted, but ask that to the extent such comments are submitted NERC, the Regional Entities, and interested entities coordinate to submit their respective comments concurrently.8


In response, NERC initiated a review, referred to as the “P 81 project,” to identify requirements that could be removed from Reliability Standards without impacting the reliability of the Bulk-Power System.

In its February 28, 2013 petition, NERC seeks Commission approval of the retirement of 34 requirements within 19 Reliability Standards. NERC asserts that the 34 requirements proposed for retirement “are redundant or otherwise unnecessary” and that “violations of these requirements … pose a lesser risk to the reliability of the Bulk-Power System.”9


  5. METHODS USED TO MINIMIZE THE BURDEN IN COLLECTION OF INFORMATION INVOLVING SMALL ENTITIES


This NOPR will reduce burden on small entities because it is eliminating unnecessary Reliability Standard requirements.


  6. CONSEQUENCE TO FEDERAL PROGRAM IF COLLECTION WERE CONDUCTED LESS FREQUENTLY


In general, information collection requirements in Reliability Standards help maintain reliability on the bulk power system.


The NOPR is proposing to remove unnecessary requirements. The Commission does not see any real harm or consequence to the bulk power system by reducing the frequency, or in this case, by removing these redundant or unnecessary requirements from the Reliability Standards.


  7. EXPLAIN ANY SPECIAL CIRCUMSTANCES RELATING TO THE INFORMATION COLLECTION


There are no special circumstances as described in 5 CFR 1320.5(d)(2) related to this Proposed Rule.


  8. DESCRIBE EFFORTS TO CONSULT OUTSIDE THE AGENCY: SUMMARIZE PUBLIC COMMENTS AND THE AGENCY’S RESPONSE


The ERO process to establish Reliability Standards is a collaborative process with the ERO, Regional Entities and other stakeholders developing and reviewing drafts, and providing comments, with the final proposed standard submitted to the FERC for review and approval.10 In addition, each FERC rulemaking (both proposed and final rules) is published in the Federal Register, thereby providing public utilities and licensees, state commissions, Federal agencies, and other interested parties an opportunity to submit data, views, comments or suggestions concerning the proposed collection of data. The proposed rule was published in the Federal Register on June 28, 2013 (78 FR 38851).


  9. EXPLAIN ANY PAYMENT OR GIFTS TO RESPONDENTS


The Commission does not make payments or provide gifts for respondents related to this collection.


  10. DESCRIBE ANY ASSURANCE OF CONFIDENTIALITY PROVIDED TO RESPONDENTS


In general, a registered entity may be required to disclose security or confidential information during an audit. If this occurs, the general practice is that the auditor returns that information to the entity following the audit.


  11. PROVIDE ADDITIONAL JUSTIFICATION FOR ANY QUESTIONS OF A SENSITIVE NATURE


This collection does not include any questions of a sensitive nature that are considered private.


  12. ESTIMATED BURDEN OF COLLECTION OF INFORMATION


FERC-725A. The current burden for the FERC-725A is 1,829,523 hours. FERC 725A contains the information collection requirements for nearly all of the U.S.-wide Reliability Standards. The collection started in 2007 when FERC approved 83 Reliability Standards with an estimated 1,252,680 burden hours.


Since that time, NERC has revised many of the original standards (and proposed new standards as well) resulting in many incremental additions to the total burden hours (a total of approximately 575,000 burden hours). One of the most notable additions occurred in 2011 (ICR # 201012-1902-005) when we closely evaluated the number of respondents and found that there were approximately 500 more than we previously estimated. This adjustment increased the total burden for the FERC-725A by approximately 450,000 hours.


The NOPR proposes to reduce the burden in FERC-725A by 4,667 hours.


FERC-725B. The current burden for the FERC-725B is 850,680 hours. These hours are associated with information collections contained in Critical Infrastructure Protection (CIP) Reliability Standards CIP-002-4 through CIP-009-4. The NOPR proposes to reduce the burden in FERC-725B by 1,950 hours.


FERC-725D. The current burden for the FERC-725D is 141,000 hours. These hours are associated with the information collection requirements in three FAC Reliability Standards, FAC-010-2, FAC-011-2, and FAC-014-2. The NOPR proposes to reduce the burden in FERC-725D by 2,020 hours.


In general, information collection requirements contained in Reliability Standards relate to documenting compliance, preparing assessments, preparing reports, and retaining information.


  13. ESTIMATE OF THE TOTAL ANNUAL COST BURDEN TO RESPONDENTS


There is no start-up or other non-labor hour cost associated with this proposed rule.


There is an existing record keeping requirement contained in the FERC-725A, estimated at $126,725.


  14. ESTIMATED ANNUALIZED COST TO FEDERAL GOVERNMENT


The Regional Entities and NERC do most of the data processing, monitoring and compliance work for Reliability Standards. Any involvement by the Commission is covered under the FERC-725 collection (1902-0225) and is not part of this request or package.


The Commission does incur the costs associated with complying with the Paperwork Reduction Act for this rulemaking. FERC estimates the annual cost for this effort to be $2,250 for each rulemaking.11


  15. REASONS FOR CHANGES IN BURDEN INCLUDING THE NEED FOR ANY INCREASE


The Commission proposes to accept NERC’s petition to retire 34 requirements within 19 Reliability Standards which the Commission expects will result in 8,637 hours of burden reduction across three information collections.


The Commission based its paperwork burden estimates in the NOPR on the NERC compliance registry as of April 30, 2013.12 According to the registry, there are 132 balancing authorities (BA), 544 distribution providers (DP), 898 generator owners (GO), 859 generator operators (GOP), 56 interchange authorities (IA), 515 load serving entities (LSE), 80 planning authorities/planning coordinators (PA or PC), 677 purchasing selling entities (PSE), 21 reliability coordinators (RC), 346 transmission owners (TO), 185 transmission operators (TOP), 185 transmission planners (TP), and 93 transmission service providers (TSP).


The Commission estimates that the burden will be reduced for each requirement as dictated in the chart below, for a total estimated reduction in burden of 8,637 hours. The Commission based the burden reduction estimates on staff experience, knowledge, and expertise.


| Standard, Requirement Number, and FERC Collection Number | Type of Respondents | Number of Respondents13 [A] | Average Reduction in Burden Hours per Respondent per Year [B] | Estimated Annual Reduction in Burden (in hours) [A X B] | Estimated Annual Reduction in Cost [A X B X $60/hour14] |
|---|---|---|---|---|---|
| EOP-005-2, R3.1 (FERC-725A) | TOP | 185 | 1 | 185 | $11,100 |
| FAC-008-3, R4 (FERC-725A) | TO, GO | 1,151 | 1 | 1,151 | $69,060 |
| FAC-008-3, R5 (FERC-725A) | TO, GO | 1,151 | 1 | 1,151 | $69,060 |
| FAC-010-2.1, R5 (FERC-725D) | PA | 80 | 20 | 1,600 | $96,000 |
| FAC-011-2, R5 (FERC-725D) | RC | 21 | 20 | 420 | $25,200 |
| FAC-013-2, R3 (FERC-725A) | PC | 80 | 8 | 640 | $38,400 |
| INT-007-1, R1.2 (FERC-725A) | IA | 56 | 20 | 1,120 | $67,200 |
| IRO-016-1, R2 (FERC-725A) | RC | 21 | 20 | 420 | $25,200 |
| CIP-003-3, -4, R1.2 (FERC-725B) | RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE | 325 | 1 | 325 | $19,500 |
| CIP-003-3, -4, R3, R3.1, R3.2, R3.3 (FERC-725B) | RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE | 325 | 1 | 325 | $19,500 |
| CIP-005-3, -4, R2.6 (FERC-725B) | RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE | 325 | 4 | 1,300 | $78,000 |
| Total for FERC-725A | | | | 4,667 | $280,020 |
| Total for FERC-725B | | | | 1,950 | $117,000 |
| Total for FERC-725D | | | | 2,020 | $121,200 |
| Grand Total | | | | 8,637 | $518,220 |


The above chart does not include BAL-005-0.2b, Requirement R2; CIP-003-3, -4, Requirement R4.2; CIP-007-3, -4, Requirement R7.3; FAC-002-1, Requirement R2; PRC-010-0, Requirement R2; PRC-022-1, Requirement R2; and VAR-001-2, Requirement R5 because those requirements were found redundant with other requirements.15 Since the action required within them is required elsewhere, there is no change in the overall burden in retiring these requirements. Likewise, NUC-001-2, Requirement R9.1; NUC-001-2, Requirement R9.1.1; NUC-001-2, Requirement R9.1.2; NUC-001-2, Requirement R9.1.3; and NUC-001-2, Requirement R9.1.4 are not included because these requirements require that the applicable entities put boilerplate language into their agreements that is normally included in all legal contracts.16 Since this action will be taken regardless of whether it is required by a NERC Reliability Standard, there is no reduction in burden.


We are assuming that the removed requirements are only a part of the existing responses for each collection. Hence we are only proposing to remove the burden hours associated with the requirements and not remove any of the responses.


FERC-725A


The following table shows the burden hour impact of the proposed rule in relation to the total inventory for the FERC-725A.


| FERC-725A | Total Request | Previously Approved | Change due to Adjustment in Estimate | Change Due to Agency Discretion |
|---|---|---|---|---|
| Annual Number of Responses | 2,370 | 2,370 | - | - |
| Annual Time Burden (Hr) | 1,824,856 | 1,829,523 | - | -4,667 |
| Annual Cost Burden ($) | 126,725 | 126,725 | - | - |


FERC-725B


The burden reduction is the result of eliminating two requirements in Reliability Standard CIP-003 and one requirement in Reliability Standard CIP-005.


In CIP-003, the Commission proposes to eliminate Requirement R1.2, which states that the cyber security policy must be available to all personnel who work with Critical Cyber Assets. NERC explains that the requirement is administrative in nature and that existing training requirements regarding Critical Cyber Assets render this requirement unnecessary.


Also in CIP-003, the Commission proposes to eliminate Requirement R3, which states that an entity must document any exceptions it has in conforming with its cyber security policy. NERC says that the reliability purposes of CIP-003 are not affected by removing this requirement. The requirement has to do with managing an exception process to internal corporate documentation and not with exceptions to Reliability Standard requirements.


In CIP-005, the Commission proposes to eliminate Requirement R2.6, which states that electronic access control devices shall display an appropriate use banner on the user screen. NERC states that R2.6 is an administrative task that does not support the general purpose of CIP-005. NERC says that the general purpose of CIP-005 is to ensure proper or secure access point configuration and that the appropriate use banner provides little additional protection to Bulk-Power System reliability.

The following table shows the burden hour impact of the proposed rule in relation to the total inventory for the FERC-725B.


| FERC-725B | Total Request | Previously Approved | Change due to Adjustment in Estimate | Change Due to Agency Discretion |
|---|---|---|---|---|
| Annual Number of Responses | 1,501 | 1,501 | - | - |
| Annual Time Burden (Hr) | 848,730 | 850,680 | - | -1,950 |
| Annual Cost Burden ($) | 5,444 | 5,444 | - | - |


FERC-725D


The following table shows the burden hour impact of the proposed rule in relation to the total inventory for the FERC-725D.


| FERC-725D | Total Request | Previously Approved | Change due to Adjustment in Estimate | Change Due to Agency Discretion |
|---|---|---|---|---|
| Annual Number of Responses | 470 | 470 | - | - |
| Annual Time Burden (Hr) | 138,980 | 141,000 | - | -2,020 |
| Annual Cost Burden ($) | 55,800 | 55,800 | - | - |



  16. TIME SCHEDULE FOR PUBLICATION OF DATA


There are no publications of data as part of this collection.


  17. DISPLAY OF EXPIRATION DATE


It is not appropriate to display the expiration date because the information is not collected on a preformatted form or in any format that would allow for such a display.


  18. EXCEPTIONS TO THE CERTIFICATION STATEMENT


The Commission does not use statistical methods for this collection. Therefore the Commission does not certify that the collection uses statistical methods.


1 The Energy Policy Act of 2005, Pub. L. No 109-58, Title XII, Subtitle A, 119 Stat. 594, 941 (2005), codified at 16 U.S.C. 824o (2000).

2 Mandatory Reliability Standards for Critical Infrastructure Protection, Order No. 706, 122 FERC ¶ 61,040, order on reh’g, Order No. 706-A, 123 FERC ¶ 61,174 (2008), order on clarification, Order No. 706-B, 126 FERC ¶ 61,229 (2009), order on clarification, Order No. 706-C, 127 FERC ¶ 61,273 (2009).

3 Version 4 Critical Infrastructure Protection Reliability Standards, Order No. 761, 77 Fed. Reg. 24,594 (April 25, 2012), 139 FERC ¶ 61,058 (2012); order denying reh’g, 140 FERC ¶ 61,109 (2012).

4 The CIP version 5 Implementation Plan, if approved as proposed in the NOPR, would obviate this CIP version 4 schedule.

5 The NERC Petition is available on FERC’s eLibrary system (http://www.ferc.gov/docs-filing/elibrary.asp) by searching in Docket Number RM13-5. The proposed standards are contained in Exhibit A of NERC’s petition.

6 This includes transmission operators, transmission owners, generator owners, planning authorities, reliability coordinators, interchange authorities, balancing authorities, transmission service providers, generator operators, and load serving entities.

7 March 2012 Order at P 81.

8 Id.

9 NERC Petition at 2.

10 Details of the current ERO standard processes are available on the NERC website at http://www.nerc.com/docs/standards/sar/Appendix_3A_Standard_Processes_Manual_20100903_2_.pdf.

11 This is based on an estimate of work done by the Information Clearance team and other FERC staff, as well as a small non-labor cost related to publishing material in the Federal Register.

12 The estimates for the retired CIP requirements are based on February 28, 2013 registry data in order to provide consistency with burden estimates provided in the Commission’s recent CIP version 5 Notice of Proposed Rulemaking in Docket No. RM13-5-000.

13 This number was calculated by adding all the applicable entities while removing double counting caused by entities registered under multiple functions.

14 The estimated hourly loaded cost (salary plus benefits) for an engineer is assumed to be $60/hour, based on salaries as reported by the Bureau of Labor Statistics (BLS) (http://bls.gov/oes/current/naics2_22.htm). Loaded costs are BLS rates divided by 0.703 and rounded to the nearest dollar (http://www.bls.gov/news.release/ecec.nr0.htm).

15 The reporting requirements in these standards are part of the FERC-725A information collection.

16 The reporting requirements in this standard are part of the FERC-725F (OMB Control No. 1902-0249) information collection. The rule does not implicate the PRA for the paperwork requirements associated with the FERC-725F.


File Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
File Title: Supporting Statement
Author: ferc
File Modified: 0000-00-00
File Created: 2021-01-28
