Download:
pdf |
pdfEOP-004-2 — Event Reporting
A.
I n t ro d u ct io n
1. Title:
Event Reporting
2. Number:
EOP-004-2
3. Purpose: To improve the reliability of the Bulk Electric System by requiring the reporting
of events by Responsible Entities.
4. Applicability:
4.1.
Functional Entities: For the purpose of the Requirements and the EOP-004
Attachment 1 contained herein, the following functional entities will be collectively
referred to as “Responsible Entity.”
4.1.1. Reliability Coordinator
4.1.2. Balancing Authority
4.1.3. Transmission Owner
4.1.4. Transmission Operator
4.1.5. Generator Owner
4.1.6. Generator Operator
4.1.7. Distribution Provider
5. Effective Dates:
The first day of the first calendar quarter that is six months beyond the date that this
standard is approved by applicable regulatory authorities. In those jurisdictions where
regulatory approval is not required, the standard shall become effective on the first day of
the first calendar quarter that is six months beyond the date this standard is approved by
the NERC Board of Trustees, or as otherwise made effective pursuant to the laws applicable
to such ERO governmental authorities.
6. Background:
NERC established a SAR Team in 2009 to investigate and propose revisions to the CIP-001
and EOP-004 Reliability Standards. The team was asked to consider the following:
1.
2.
3.
4.
CIP-001 could be merged with EOP-004 to eliminate redundancies.
Acts of sabotage have to be reported to the DOE as part of EOP-004.
Specific references to the DOE form need to be eliminated.
EOP-004 had some ‘fill-in-the-blank’ components to eliminate.
1 of 22
�EOP-004-2 — Event Reporting
The development included other improvements to the standards deemed appropriate by
the drafting team, with the consensus of stakeholders, consistent with establishing high
quality, enforceable and technically sufficient Bulk Electric System reliability standards.
The SAR for Project 2009-01, Disturbance and Sabotage Reporting was moved forward for
standard drafting by the NERC Standards Committee in August of 2009. The Disturbance
and Sabotage Reporting Standard Drafting Team (DSR SDT) was formed in late 2009.
The DSR SDT developed a concept paper to solicit stakeholder input regarding the proposed
reporting concepts that the DSR SDT had developed. The posting of the concept paper
sought comments from stakeholders on the “road map” that will be used by the DSR SDT in
updating or revising CIP-001 and EOP-004. The concept paper provided stakeholders the
background information and thought process of the DSR SDT. The DSR SDT has reviewed
the existing standards, the SAR, issues from the NERC issues database and FERC Order 693
Directives in order to determine a prudent course of action with respect to revision of these
standards.
B.
Requirements and Measures
R1. Each Responsible Entity shall have an event reporting Operating Plan in accordance with
EOP-004-2 Attachment 1 that includes the protocol(s) for reporting to the Electric
Reliability Organization and other organizations (e.g., the Regional Entity, company
personnel, the Responsible Entity’s Reliability Coordinator, law enforcement, or
governmental authority). [Violation Risk Factor: Lower] [Time Horizon: Operations
Planning]
M1. Each Responsible Entity will have a dated event reporting Operating Plan that includes,
but is not limited to the protocol(s) and each organization identified to receive an event
report for event types specified in EOP-004-2 Attachment 1 and in accordance with the
entity responsible for reporting.
R2. Each Responsible Entity shall report events per their Operating Plan within 24 hours of
recognition of meeting an event type threshold for reporting or by the end of the next
business day if the event occurs on a weekend (which is recognized to be 4 PM local time
on Friday to 8 AM Monday local time). [Violation Risk Factor: Medium] [Time Horizon:
Operations Assessment]
M2. Each Responsible Entity will have as evidence of reporting an event, copy of the
completed EOP-004-2 Attachment 2 form or a DOE-OE-417 form; and evidence of
submittal (e.g., operator log or other operating documentation, voice recording,
electronic mail message, or confirmation of facsimile) demonstrating the event report was
submitted within 24 hours of recognition of meeting the threshold for reporting or by the
2 of 22
�EOP-004-2 — Event Reporting
end of the next business day if the event occurs on a weekend (which is recognized to be
4 PM local time on Friday to 8 AM Monday local time). (R2)
R3. Each Responsible Entity shall validate all contact information contained in the Operating
Plan pursuant to Requirement R1 each calendar year. [Violation Risk Factor: Medium]
[Time Horizon: Operations Planning]
M3. Each Responsible Entity will have dated records to show that it validated all contact
information contained in the Operating Plan each calendar year. Such evidence may
include, but are not limited to, dated voice recordings and operating logs or other
communication documentation. (R3)
C.
Compliance
1. Compliance Monitoring Process
1.1
Compliance Enforcement Authority
The Regional Entity shall serve as the Compliance Enforcement Authority (CEA)
unless the applicable entity is owned, operated, or controlled by the Regional
Entity. In such cases the ERO or a Regional Entity approved by FERC or other
applicable governmental authority shall serve as the CEA.
1.2
Evidence Retention
The Responsible Entity shall keep data or evidence to show compliance as
identified below unless directed by its Compliance Enforcement Authority to
retain specific evidence for a longer period of time as part of an investigation:
The following evidence retention periods identify the period of time an entity is
required to retain specific evidence to demonstrate compliance. For instances
where the evidence retention period specified below is shorter than the time
since the last audit, the Compliance Enforcement Authority may ask an entity to
provide other evidence to show that it was compliant for the full time period
since the last audit.
•
•
Each Responsible Entity shall retain the current Operating Plan plus each
version issued since the last audit for Requirements R1, and Measure M1.
Each Responsible Entity shall retain evidence of compliance since the last
audit for Requirements R2, R3 and Measure M2, M3.
If a Responsible Entity is found non-compliant, it shall keep information related
to the non-compliance until mitigation is complete and approved or for the
duration specified above, whichever is longer.
The Compliance Enforcement Authority shall keep the last audit records and all
requested and submitted subsequent audit records.
3 of 22
�EOP-004-2 — Event Reporting
1.3
Compliance Monitoring and Enforcement Processes:
Compliance Audit
Self-Certification
Spot Checking
Compliance Investigation
Self-Reporting
Complaint
1.4
Additional Compliance Information
None
4 of 22
�EOP-004-2 — Event Reporting
Table of Compliance Elements
R#
R1
Time
Horizon
Operations
Planning
VRF
Lower
Violation Severity Levels
Lower VSL
Moderate VSL
High VSL
Severe VSL
The Responsible Entity
had an Operating Plan,
but failed to include
one applicable event
type.
The Responsible Entity
had an Operating Plan,
but failed to include
two applicable event
types.
The Responsible Entity
had an Operating Plan,
but failed to include
three applicable event
types.
The Responsible Entity
had an Operating Plan,
but failed to include
four or more
applicable event types.
OR
The Responsible Entity
failed to have an event
reporting Operating
Plan.
5 of 22
�EOP-004-2 — Event Reporting
R#
R2
Time
Horizon
Operations
Assessment
VRF
Violation Severity Levels
Lower VSL
Moderate VSL
High VSL
Severe VSL
The Responsible Entity
submitted an event
report (e.g., written or
verbal) to all required
recipients more than
36 hours but less than
or equal to 48 hours
after meeting an event
threshold for
reporting.
The Responsible Entity
submitted an event
report (e.g., written or
verbal) to all required
recipients more than
48 hours but less than
or equal to 60 hours
after meeting an event
threshold for
reporting.
The Responsible Entity
submitted an event
report (e.g., written or
verbal) to all required
recipients more than
60 hours after meeting
an event threshold for
reporting.
OR
OR
OR
The Responsible Entity
failed to submit an
event report (e.g.,
written or verbal) to
one entity identified in
its event reporting
Operating Plan within
24 hours.
The Responsible Entity
failed to submit an
event report (e.g.,
written or verbal) to
two entities identified
in its event reporting
Operating Plan within
24 hours.
The Responsible Entity
failed to submit an
event report (e.g.,
written or verbal) to
three entities
identified in its event
reporting Operating
Plan within 24 hours.
Medium The Responsible Entity
submitted an event
report (e.g., written or
verbal) to all required
recipients more than
24 hours but less than
or equal to 36 hours
after meeting an event
threshold for
reporting.
OR
The Responsible Entity
failed to submit an
event report (e.g.,
written or verbal) to
four or more entities
identified in its event
reporting Operating
Plan within 24 hours.
OR
The Responsible Entity
failed to submit a
report for an event in
EOP-004 Attachment
1.
6 of 22
�EOP-004-2 — Event Reporting
R#
R3
Time
Horizon
Operations
Planning
VRF
Violation Severity Levels
Lower VSL
Medium The Responsible Entity
validated all contact
information contained
in the Operating Plan
but was late by less
than one calendar
month.
OR
The Responsible Entity
validated 75% but less
than 100% of the
contact information
contained in the
Operating Plan.
D.
Variances
None.
E.
Interpretations
None.
F.
References
Guideline and Technical Basis (attached)
Moderate VSL
High VSL
Severe VSL
The Responsible Entity
validated all contact
information contained
in the Operating Plan
but was late by one
calendar month or
more but less than
two calendar months.
The Responsible Entity
validated all contact
information contained
in the Operating Plan
but was late by two
calendar months or
more but less than
three calendar
months.
The Responsible Entity
validated all contact
information contained
in the Operating Plan
but was late by three
calendar months or
more.
OR
The Responsible Entity
validated 50% and less
than 75% of the
contact information
contained in the
Operating Plan.
OR
The Responsible Entity
validated 25% and less
than 50% of the
contact information
contained in the
Operating Plan.
OR
The Responsible Entity
validated less than
25% of contact
information contained
in the Operating Plan.
7 of 22
�EOP-004-2 — Event Reporting
EOP-004 - Attachment 1: Reportable Events
NOTE: Under certain adverse conditions (e.g. severe weather, multiple events) it may not be possible to report the damage caused
by an event and issue a written Event Report within the timing in the standard. In such cases, the affected Responsible Entity shall
notify parties per Requirement R2 and provide as much information as is available at the time of the notification. Submit reports to
the ERO via one of the following: e-mail: [email protected], Facsimile 404-446-9770 or Voice: 404-446-9780.
Submit EOP-004 Attachment 2 (or DOE-OE-417) pursuant to Requirements R1 and R2.
Event Type
Entity with Reporting
Responsibility
Threshold for Reporting
Damage or destruction of
a Facility
RC, BA, TOP
Damage or destruction of a Facility within its Reliability
Coordinator Area, Balancing Authority Area or Transmission
Operator Area that results in actions to avoid a BES Emergency.
Damage or destruction of
a Facility
BA, TO, TOP, GO, GOP, DP
Damage or destruction of its Facility that results from actual or
suspected intentional human action.
Physical threats to a
Facility
BA, TO, TOP, GO, GOP, DP
Physical threat to its Facility excluding weather or natural disaster
related threats, which has the potential to degrade the normal
operation of the Facility.
OR
Suspicious device or activity at a Facility.
Do not report theft unless it degrades normal operation of a
Facility.
8 of 22
�EOP-004-2 — Event Reporting
Event Type
Entity with Reporting
Responsibility
Threshold for Reporting
Physical threats to a BES
control center
RC, BA, TOP
Physical threat to its BES control center, excluding weather or
natural disaster related threats, which has the potential to
degrade the normal operation of the control center.
OR
Suspicious device or activity at a BES control center.
BES Emergency requiring
public appeal for load
reduction
Initiating entity is responsible for
reporting
Public appeal for load reduction event.
BES Emergency requiring
system-wide voltage
reduction
Initiating entity is responsible for
reporting
System wide voltage reduction of 3% or more.
BES Emergency requiring
manual firm load
shedding
Initiating entity is responsible for
reporting
Manual firm load shedding ≥ 100 MW.
BES Emergency resulting
in automatic firm load
shedding
DP, TOP
Automatic firm load shedding ≥ 100 MW (via automatic
undervoltage or underfrequency load shedding schemes, or
SPS/RAS).
Voltage deviation on a
Facility
TOP
Observed within its area a voltage deviation of ± 10% of nominal
voltage sustained for ≥ 15 continuous minutes.
9 of 22
�EOP-004-2 — Event Reporting
Event Type
Entity with Reporting
Responsibility
Threshold for Reporting
IROL Violation (all
Interconnections) or SOL
Violation for Major WECC
Transfer Paths (WECC
only)
RC
Operate outside the IROL for time greater than IROL Tv (all
Interconnections) or Operate outside the SOL for more than 30
minutes for Major WECC Transfer Paths (WECC only).
Loss of firm load
BA, TOP, DP
Loss of firm load for ≥ 15 Minutes:
≥ 300 MW for entities with previous year’s demand ≥ 3,000
OR
≥ 200 MW for all other entities
System separation
(islanding)
RC, BA, TOP
Each separation resulting in an island ≥ 100 MW
Generation loss
BA, GOP
Total generation loss, within one minute, of :
≥ 2,000 MW for entities in the Eastern or Western
Interconnection
OR
≥ 1,000 MW for entities in the ERCOT or Quebec Interconnection
Complete loss of off-site
power to a nuclear
generating plant (grid
supply)
TO, TOP
Complete loss of off-site power affecting a nuclear generating
station per the Nuclear Plant Interface Requirement
10 of 22
�EOP-004-2 — Event Reporting
Event Type
Entity with Reporting
Responsibility
Threshold for Reporting
Transmission loss
TOP
Unexpected loss within its area, contrary to design, of three or
more BES Elements caused by a common disturbance (excluding
successful automatic reclosing).
Unplanned BES control
center evacuation
RC, BA, TOP
Unplanned evacuation from BES control center facility for 30
continuous minutes or more.
Complete loss of voice
communication capability
RC, BA, TOP
Complete loss of voice communication capability affecting a BES
control center for 30 continuous minutes or more.
Complete loss of
monitoring capability
RC, BA, TOP
Complete loss of monitoring capability affecting a BES control
center for 30 continuous minutes or more such that analysis
capability (i.e., State Estimator or Contingency Analysis) is
rendered inoperable.
11 of 22
�EOP-004-2 — Event Reporting
EOP-004 - Attachment 2: Event Reporting Form
EOP-004 Attachment 2: Event Reporting Form
Use this form to report events. The Electric Reliability Organization will accept the DOE OE-417 form
in lieu of this form if the entity is required to submit an OE-417 report. Submit reports to the ERO via
one of the following: e-mail: [email protected] , Facsimile 404-446-9770 or voice: 404446-9780.
Task
1.
2.
Comments
Entity filing the report include:
Company name:
Name of contact person:
Email address of contact person:
Telephone Number:
Submitted by (name):
Date and Time of recognized event.
Date: (mm/dd/yyyy)
Time: (hh:mm)
Time/Zone:
3.
4.
Did the event originate in your system?
Yes
No
Unknown
Event Identification and Description:
(Check applicable box)
Damage or destruction of a Facility
Physical Threat to a Facility
Physical Threat to a control center
BES Emergency:
public appeal for load reduction
system-wide voltage reduction
manual firm load shedding
automatic firm load shedding
Voltage deviation on a Facility
IROL Violation (all Interconnections) or
SOL Violation for Major WECC Transfer
Paths (WECC only)
Loss of firm load
System separation
Generation loss
Complete loss of off-site power to a
nuclear generating plant (grid supply)
Transmission loss
unplanned control center evacuation
Complete loss of voice communication
capability
Complete loss of monitoring capability
Written description (optional):
12 of 22
�EOP-004-2 — Event Reporting
Guideline and Technical Basis
Distribution Provider Applicability Discussion
The DSR SDT has included Distribution Providers (DP) as an applicable entity under this
standard. The team realizes that not all DPs will own BES Facilities and will not meet the
“Threshold for Reporting” for any event listed in Attachment 1. These DPs will not have any
reports to submit under Requirement R2. However, these DPs will be responsible for meeting
Requirements R1 and R3. The DSR SDT does not intend for these entities to have a detailed
Operating Plan to address events that are not applicable to them. In this instance, the DSR SDT
intends for the DP to have a very simple Operating Plan that includes a statement that there are
no applicable events in Attachment 1 (to meet R1) and that the DP will review the list of events
in Attachment 1 each year (to meet R3). The team does not think this will be a burden on any
entity as the development and annual validation of the Operating Plan should not take more
that 30 minutes on an annual basis. If a DP discovers applicable events during the annual
review, it is expected that the DP will develop a more detailed Operating Plan to comply with
the requirements of the standard.
Multiple Reports for a Single Organization
For entities that have multiple registrations, the DSR SDT intends that these entities will only
have to submit one report for any individual event. For example, if an entity is registered as a
Reliability Coordinator, Balancing Authority and Transmission Operator, the entity would only
submit one report for a particular event rather submitting three reports as each individual
registered entity.
Summary of Key Concepts
The DSR SDT identified the following principles to assist them in developing the standard:
• Develop a single form to report disturbances and events that threaten the reliability of
the Bulk Electric System
• Investigate other opportunities for efficiency, such as development of an electronic
form and possible inclusion of regional reporting requirements
• Establish clear criteria for reporting
• Establish consistent reporting timelines
• Provide clarity around who will receive the information and how it will be used
During the development of concepts, the DSR SDT considered the FERC directive to “further
define sabotage”. There was concern among stakeholders that a definition may be ambiguous
and subject to interpretation. Consequently, the DSR SDT decided to eliminate the term
sabotage from the standard. The team felt that it was almost impossible to determine if an act
or event was sabotage or vandalism without the intervention of law enforcement. The DSR SDT
felt that attempting to define sabotage would result in further ambiguity with respect to
13 of 22
�EOP-004-2 — Event Reporting
reporting events. The term “sabotage” is no longer included in the standard. The events listed
in EOP-004 Attachment 1 were developed to provide guidance for reporting both actual events
as well as events which may have an impact on the Bulk Electric System. The DSR SDT believes
that this is an equally effective and efficient means of addressing the FERC Directive.
The types of events that are required to be reported are contained within EOP-004 Attachment
1. The DSR SDT has coordinated with the NERC Events Analysis Working Group to develop the
list of events that are to be reported under this standard. EOP-004 Attachment 1 pertains to
those actions or events that have impacted the Bulk Electric System. These events were
previously reported under EOP-004-1, CIP-001-1 or the Department of Energy form OE-417.
EOP-004 Attachment 1 covers similar items that may have had an impact on the Bulk Electric
System or has the potential to have an impact and should be reported.
The DSR SDT wishes to make clear that the proposed Standard does not include any real-time
operating notifications for the events listed in EOP-004 Attachment 1. Real-time
communication is achieved is covered in other standards. The proposed standard deals
exclusively with after-the-fact reporting.
Data Gathering
The requirements of EOP-004-1 require that entities “promptly analyze Bulk Electric System
disturbances on its system or facilities” (Requirement R2). The requirements of EOP-004-2
specify that certain types of events are to be reported but do not include provisions to analyze
events. Events reported under EOP-004-2 may trigger further scrutiny by the ERO Events
Analysis Program. If warranted, the Events Analysis Program personnel may request that more
data for certain events be provided by the reporting entity or other entities that may have
experienced the event. Entities are encouraged to become familiar with the Events Analysis
Program and the NERC Rules of Procedure to learn more about with the expectations of the
program.
Law Enforcement Reporting
The reliability objective of EOP-004-2 is to improve the reliability of the Bulk Electric System by
requiring the reporting of events by Responsible Entities. Certain outages, such as those due to
vandalism and terrorism, may not be reasonably preventable. These are the types of events
that should be reported to law enforcement. Entities rely upon law enforcement agencies to
respond to and investigate those events which have the potential to impact a wider area of the
BES. The inclusion of reporting to law enforcement enables and supports reliability principles
such as protection of Bulk Electric System from malicious physical attack. The importance of
BES awareness of the threat around them is essential to the effective operation and planning to
mitigate the potential risk to the BES.
Stakeholders in the Reporting Process
• Industry
14 of 22
�EOP-004-2 — Event Reporting
•
•
•
•
•
•
•
•
•
•
•
NERC (ERO), Regional Entity
FERC
DOE
NRC
DHS – Federal
Homeland Security- State
State Regulators
Local Law Enforcement
State or Provincial Law Enforcement
FBI
Royal Canadian Mounted Police (RCMP)
The above stakeholders have an interest in the timely notification, communication and
response to an incident at a Facility. The stakeholders have various levels of accountability and
have a vested interest in the protection and response to ensure the reliability of the BES.
Present expectations of the industry under CIP-001-1a:
It has been the understanding by industry participants that an occurrence of sabotage has to be
reported to the FBI. The FBI has the jurisdictional requirements to investigate acts of sabotage
and terrorism. The CIP-001-1-1a standard requires a liaison relationship on behalf of the
industry and the FBI or RCMP. These requirements, under the standard, of the industry have
not been clear and have lead to misunderstandings and confusion in the industry as to how to
demonstrate that the liaison is in place and effective. As an example of proof of compliance
with Requirement R4, Responsible Entities have asked FBI Office personnel to provide, on FBI
letterhead, confirmation of the existence of a working relationship to report acts of sabotage,
the number of years the liaison relationship has been in existence, and the validity of the
telephone numbers for the FBI.
Coordination of Local and State Law Enforcement Agencies with the FBI
The Joint Terrorism Task Force (JTTF) came into being with the first task force being established
in 1980. JTTFs are small cells of highly trained, locally based, committed investigators, analysts,
linguists, SWAT experts, and other specialists from dozens of U.S. law enforcement and
intelligence agencies. The JTTF is a multi-agency effort led by the Justice Department and FBI
designed to combine the resources of federal, state, and local law enforcement. Coordination
and communications largely through the interagency National Joint Terrorism Task Force,
working out of FBI Headquarters, which makes sure that information and intelligence flows
freely among the local JTTFs. This information flow can be most beneficial to the industry in
analytical intelligence, incident response and investigation. Historically, the most immediate
response to an industry incident has been local and state law enforcement agencies to
suspected vandalism and criminal damages at industry facilities. Relying upon the JTTF
15 of 22
�EOP-004-2 — Event Reporting
coordination between local, state and FBI law enforcement would be beneficial to effective
communications and the appropriate level of investigative response.
Coordination of Local and Provincial Law Enforcement Agencies with the RCMP
A similar law enforcement coordination hierarchy exists in Canada. Local and Provincial law
enforcement coordinate to investigate suspected acts of vandalism and sabotage. The
Provincial law enforcement agency has a reporting relationship with the Royal Canadian
Mounted Police (RCMP).
A Reporting Process Solution – EOP-004
A proposal discussed with the FBI, FERC Staff, NERC Standards Project Coordinator and the SDT
Chair is reflected in the flowchart below (Reporting Hierarchy for Reportable Events).
Essentially, reporting an event to law enforcement agencies will only require the industry to
notify the state or provincial or local level law enforcement agency. The state or provincial or
local level law enforcement agency will coordinate with law enforcement with jurisdiction to
investigate. If the state or provincial or local level law enforcement agency decides federal
agency law enforcement or the RCMP should respond and investigate, the state or provincial or
local level law enforcement agency will notify and coordinate with the FBI or the RCMP.
16 of 22
�EOP-004-2 — Event Reporting
Example of Reporting Process including Law
Enforcement
Entity Experiencing An Event in Attachment 1
Report to Law Enforcement ?
Refer to Ops Plan for Reporting
NO
YES
Refer to Ops Plan for communicating
Communicate to
to law enforcement
Law
Enforcement
Report Event to ERO,
Reliability Coordinator
Notification Protocol to
State Agency Law
Enforcement
ERO conducts
investigation
*
State Agency Law
Enforcement coordinates
as appropriate with FBI
ERO
Events Analysis
Criminal act
invoking
federal
jurisdiction ?
ERO Reports Applicable
Events to FERC Per Rules
of Procedure
NO
YES
State Agency Law
Enforcement
Investigates
State Agency Law
Enforcement
notifies FBI
FBI Responds and
makes notification
to DHS
*
Canadian entities will follow law enforcement protocols applicable in
their jurisdictions
17 of 22
�EOP-004-2 — Event Reporting
Disturbance and Sabotage Reporting Standard Drafting Team (Project 2009-01) Reporting Concepts
Introduction
The SAR for Project 2009-01, Disturbance and Sabotage Reporting was moved forward for
standard drafting by the NERC Standards Committee in August of 2009. The Disturbance and
Sabotage Reporting Standard Drafting Team (DSR SDT) was formed in late 2009 and has
developed updated standards based on the SAR.
The standards listed under the SAR are:
• CIP-001 — Sabotage Reporting
• EOP-004 — Disturbance Reporting
The changes do not include any real-time operating notifications for the types of events
covered by CIP-001 and EOP-004. The real-time reporting requirements are achieved through
the RCIS and are covered in other standards (e.g. EOP-002-Capacity and Energy Emergencies).
These standards deal exclusively with after-the-fact reporting.
The DSR SDT has consolidated disturbance and sabotage event reporting under a single
standard. These two components and other key concepts are discussed in the following
sections.
Summary of Concepts and Assumptions:
The Standard:
• Requires reporting of “events” that impact or may impact the reliability of the Bulk
Electric System
• Provides clear criteria for reporting
• Includes consistent reporting timelines
• Identifies appropriate applicability, including a reporting hierarchy in the case of
disturbance reporting
• Provides clarity around of who will receive the information
Discussion of Disturbance Reporting
Disturbance reporting requirements existed in the previous version of EOP-004. The current
approved definition of Disturbance from the NERC Glossary of Terms is:
1. An unplanned event that produces an abnormal system condition.
2. Any perturbation to the electric system.
18 of 22
�EOP-004-2 — Event Reporting
3. The unexpected change in ACE that is caused by the sudden failure of generation or
interruption of load.
Disturbance reporting requirements and criteria were in the previous EOP-004 standard and its
attachments. The DSR SDT discussed the reliability needs for disturbance reporting and
developed the list of events that are to be reported under this standard (EOP-004 Attachment
1).
Discussion of Event Reporting
There are situations worthy of reporting because they have the potential to impact reliability.
Event reporting facilitates industry awareness, which allows potentially impacted parties to
prepare for and possibly mitigate any associated reliability risk. It also provides the raw
material, in the case of certain potential reliability threats, to see emerging patterns.
Examples of such events include:
• Bolts removed from transmission line structures
• Train derailment adjacent to a Facility that either could have damaged a Facility directly
or could indirectly damage a Facility (e.g. flammable or toxic cargo that could pose fire
hazard or could cause evacuation of a control center)
• Destruction of Bulk Electric System equipment
What about sabotage?
One thing became clear in the DSR SDT’s discussion concerning sabotage: everyone has a
different definition. The current standard CIP-001 elicited the following response from FERC in
FERC Order 693, paragraph 471 which states in part: “. . . the Commission directs the ERO to
develop the following modifications to the Reliability Standard through the Reliability Standards
development process: (1) further define sabotage and provide guidance as to the triggering
events that would cause an entity to report a sabotage event.”
Often, the underlying reason for an event is unknown or cannot be confirmed. The DSR SDT
believes that by reporting material risks to the Bulk Electric System using the event
categorization in this standard, it will be easier to get the relevant information for mitigation,
awareness, and tracking, while removing the distracting element of motivation.
Certain types of events should be reported to NERC, the Department of Homeland Security
(DHS), the Federal Bureau of Investigation (FBI), and/or Provincial or local law enforcement.
Other types of events may have different reporting requirements. For example, an event that is
related to copper theft may only need to be reported to the local law enforcement authorities.
19 of 22
�EOP-004-2 — Event Reporting
Potential Uses of Reportable Information
Event analysis, correlation of data, and trend identification are a few potential uses for the
information reported under this standard. The standard requires Functional entities to report
the incidents and provide known information at the time of the report. Further data gathering
necessary for event analysis is provided for under the Events Analysis Program and the NERC
Rules of Procedure. Other entities (e.g. – NERC, Law Enforcement, etc) will be responsible for
performing the analyses. The NERC Rules of Procedure (section 800) provide an overview of
the responsibilities of the ERO in regards to analysis and dissemination of information for
reliability. Jurisdictional agencies (which may include DHS, FBI, NERC, RE, FERC, Provincial
Regulators, and DOE) have other duties and responsibilities.
Collection of Reportable Information or “One stop shopping”
The DSR SDT recognizes that some regions require reporting of additional information beyond
what is in EOP-004. The DSR SDT has updated the listing of reportable events in EOP-004
Attachment 1 based on discussions with jurisdictional agencies, NERC, Regional Entities and
stakeholder input. There is a possibility that regional differences still exist.
The reporting required by this standard is intended to meet the uses and purposes of NERC.
The DSR SDT recognizes that other requirements for reporting exist (e.g., DOE-417 reporting),
which may duplicate or overlap the information required by NERC. To the extent that other
reporting is required, the DSR SDT envisions that duplicate entry of information should not be
necessary, and the submission of the alternate report will be acceptable to NERC so long as all
information required by NERC is submitted. For example, if the NERC Report duplicates
information from the DOE form, the DOE report may be sent to the NERC in lieu of entering
that information on the NERC report.
Ra t io n a le :
During development of this standard, text boxes were embedded within the standard to explain
the rationale for various parts of the standard. Upon BOT approval, the text from the rationale
text boxes was moved to this section.
Rationale for R1:
The requirement to have an Operating Plan for reporting specific types of events provides the
entity with a method to have its operating personnel recognize events that affect reliability and
to be able to report them to appropriate parties; e.g., Regional Entities, applicable Reliability
Coordinators, and law enforcement and other jurisdictional agencies when so recognized. In
addition, these event reports are an input to the NERC Events Analysis Program. These other
parties use this information to promote reliability, develop a culture of reliability excellence,
provide industry collaboration and promote a learning organization.
Every Registered Entity that owns or operates elements or devices on the grid has a formal or
informal process, procedure, or steps it takes to gather information regarding what happened
when events occur. This requirement has the Responsible Entity establish documentation on
20 of 22
�EOP-004-2 — Event Reporting
how that procedure, process, or plan is organized. This documentation may be a single
document or a combination of various documents that achieve the reliability objective.
The communication protocol(s) could include a process flowchart, identification of internal and
external personnel or entities to be notified, or a list of personnel by name and their associated
contact information. An existing procedure that meets the requirements of CIP-001-2a may be
included in this Operating Plan along with other processes, procedures or plans to meet this
requirement.
Rationale for R2:
Each Responsible Entity must report and communicate events according to its Operating Plan
based on the information in EOP-004-2 Attachment 1. By implementing the event reporting
Operating Plan the Responsible Entity will assure situational awareness to the Electric Reliability
Organization so that they may develop trends and prepare for a possible next event and
mitigate the current event. This will assure that the BES remains secure and stable by
mitigation actions that the Responsible Entity has within its function. By communicating events
per the Operating Plan, the Responsible Entity will assure that people/agencies are aware of
the current situation and they may prepare to mitigate current and further events.
Rationale for R3:
Requirement 3 calls for the Responsible Entity to validate the contact information contained in
the Operating Plan each calendar year. This requirement helps ensure that the event reporting
Operating Plan is up to date and entities will be able to effectively report events to assure
situational awareness to the Electric Reliability Organization. If an entity experiences an actual
event, communication evidence from the event may be used to show compliance with the
validation requirement for the specific contacts used for the event.
Rationale for EOP-004 Attachment 1:
The DSR SDT used the defined term “Facility” to add clarity for several events listed in
Attachment 1. A Facility is defined as:
“A set of electrical equipment that operates as a single Bulk Electric System Element
(e.g., a line, a generator, a shunt compensator, transformer, etc.)”
The DSR SDT does not intend the use of the term Facility to mean a substation or any other
facility (not a defined term) that one might consider in everyday discussions regarding the grid.
This is intended to mean ONLY a Facility as defined above.
21 of 22
�EOP-004-2 — Event Reporting
Version History
Version
2
Date
Action
Merged CIP-001-2a Sabotage Reporting
and EOP-004-1 Disturbance Reporting
into EOP-004-2 Event Reporting; Retire
CIP-001-2a Sabotage Reporting and
Retired EOP-004-1 Disturbance
Reporting.
November 7,
2012
Adopted by the NERC Board of Trustees
2
2
June 20, 2013
FERC approved
Change Tracking
Revision to entire
standard (Project
2009-01)
22 of 22
�
| File Type | application/octet-stream |
| File Title | NERC |
| File Modified | 0000-00-00 |
| File Created | 0000-00-00 |