Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
NERC ID: Registered Entity Name
NCR01359 USACE – Mobile District
Reliability Standards Compliance Operations (FERC Order 693) Audit Audit Scope: Report
Compliance Compliance Audit Monitoring Process:
Distribution: Public Version. Confidential Information Has Been Removed, Including Privileged and Critical Energy Infrastructure Information.
Lead Region: SERC Reliability Corporation (SERC)
Dates of Audit: From March 10, 2015 through June 26, 2015
Date of Report: July 2, 2015
Possible Violations None (zero) Identified:
Jurisdiction: United States
Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
Table of Contents I. Executive Summary ...... 3
II. Audit Process ...... 5
Objectives ...... 5
Scope ...... 5
Confidentiality and Conflict of Interest...... 6
Methodology ...... 6
Company Profile ...... 7
Audit Participants ...... 8
III. Audit Findings ...... 9
IV. Areas of Concern and Recommendations ...... 10
V. Compliance Culture ...... 11
Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
I. Executive Summary SERC Reliability Corporation (SERC) conducted an Operations and Planning Compliance Audit of U.S. Army Corps of Engineers (USACE) – Mobile District, NERC ID NCR01359 from March 10, 2015 through June 26, 2015.
At the time of the audit, USACE-Mobile District was registered for the functions of Generator Operator (GOP), Generator Owner (GO), Transmission Operator (TOP), and Transmission Owner (TO).
The audit team evaluated USACE-Mobile District for compliance with 32 requirements in the 2015 NERC Compliance Monitoring and Enforcement Program (CMEP) and the SERC CMEP Implementation Plan. The team assessed compliance with the NERC Reliability Standards for the period of May 4, 2012 through June 26, 2015. USACE-Mobile submitted evidence for the team’s evaluation of compliance with requirements. The team reviewed and evaluated evidence provided to assess compliance with reliability standards applicable to USACE-Mobile District at this time. Based on the evidence provided, no findings were noted for the standards and applicable requirements in scope for this engagement.
The following 20 requirements were determined to be Not Applicable to USACE-Mobile District: • COM-002-2, R2 • EOP-001-2.1b, R2, R3, R4 • EOP-003-2, R8 • EOP-010-1, R3 • FAC-014-2, R2, R5 • MOD-001-1a, R6 • PER-005-1, R3 • PRC-001-1.1, R4, R6 • TOP-002-2.1b, R4, R11, R19 • TOP-004-2, R6 • TOP-006-2, R2 • TOP-008-1, R4 • VAR-001-4, R1, R2
PRC-005-2 R3 and R4 were included in the Audit Detail Letter but these requirements are not applicable until October 1, 2015. Therefore these were determined to be Not Applicable at this time. The audit team discussed the transition to version 2 of the standard with USACE-Mobile District as part of the audit.
The team notified USACE-Mobile District of no Areas of Concern1 and two (2) Recommendations.
PRC-005-1 R2 had a recently closed and verified Mitigation Plan. SERC Enforcement and the Audit Team Lead confirmed the Mitigation Plan was completed and therefore it was not included in the audit. The audit team discussed PRC-005 with USACE-Mobile District to ensure compliance in the future with the new versions that are in the approval process. There were no further open Mitigation Plans; therefore, none were reviewed by the team.
1 Per FERC Guidance Order on Compliance Audits Conducted by the Electric Reliability Organization and Regional Entities, dated January 15, 2009.
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 3 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
The SERC Audit Team Lead certifies that the audit team adhered to all applicable requirements of the NERC Rules of Procedure (ROP) and CMEP.2
2 This statement replaces the Regional Entity Self-Certification process.
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 4 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
II. Audit Process The compliance audit process steps are detailed in the NERC Rules of Procedure, the NERC Compliance Monitoring and Enforcement Program (CMEP), and the SERC CMEP Implementation Plan. The CMEP generally conform to the United States Government Auditing Standards and other generally accepted audit practices.
Objectives All registered entities are subject to compliance assessments with all reliability standards applicable to the functions for which the registered entity is registered3 in the Region(s) performing the assessment. The audit objectives are as follows: • Review compliance with the requirements of reliability standards that are applicable to USACE-Mobile District, based on the functions that USACE-Mobile is registered to perform • Validate compliance with applicable Reliability Standards from the NERC 2015 Implementation Plan list of actively monitored standards, and additional NERC Reliability Standards selected by SERC • Validate compliance with applicable Regional Reliability Standards from the SERC 2015 Implementation Plan list of actively monitored standards, if applicable • Validate evidence of self-reported violations and previous self-certifications • Observe and document USACE-Mobile District’s compliance program and culture • Review the status of open Mitigation Plans
Scope The scope of the compliance audit included the NERC Reliability Standards from the SERC 2015 CMEP Implementation Plan. In addition, this included a review of mitigation plans or remedial action directives that were open during the audit. The standards and requirements in- scope for this audit is illustrated in Table 1 below:
Table 1. Audit Scope Standards Requirement(s) COM-002-2 R1, R2 EOP-001-2.1b R2, R3, R4 EOP-003-2 R8 EOP-004-2 R2 EOP-010-1 R3 FAC-008-3 R6 FAC-014-2 R2, R5 IRO-004-2 R1 MOD-001-1a R6 PER-005-1 R3
3 NERC Rules of Procedure, Appendix 4C, Section 3.1, Compliance Audits.
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 5 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
PRC-001-1.1 R3, R4, R5, R6 PRC-004-2.1a R1 PRC-005-2 R3, R4 TOP-002-2.1b R4, R11, R19 TOP-004-2 R6 TOP-006-2 R2 TOP-008-1 R4 VAR-001-4 R1, R2 VAR-002-3 R1, R2, R3
The team did not expand the scope of the audit beyond what was stated in the notification package
Confidentiality and Conflict of Interest Confidentiality and conflict of interest of the audit team are governed under the SERC Delegation Agreement with NERC, and Section 1500 of the NERC ROP. USACE-Mobile District was informed of SERC’s obligations and responsibilities under the agreement and procedures. The work history for each team member was provided to USACE-Mobile District, which was given an opportunity to object to a team member’s participation on the basis of a possible conflict of interest or the existence of other circumstances that could interfere with a team member’s impartial performance of duties. USACE-Mobile District had not submitted any objections by the stated 15-day objection due date and accepted the team member participants without objection. There were no denials or access limitations placed upon this team by USACE-Mobile District.
Methodology The audit team reviewed the evidence submitted by USACE-Mobile District and assessed compliance with the requirements of the applicable reliability standards. SERC provided USACE-Mobile District with a Request for Information (RFI) prior to commencement of the audit. USACE-Mobile District provided pre-audit evidence at the time requested, or as agreed upon, by SERC. Additional evidence could be submitted until the agreed-upon deadline prior to the exit briefing. After that date, only data or information that was relevant to the content of the report or its finding could be submitted with the agreement of the audit team lead.
The audit team reviewed documentation provided by USACE-Mobile District and requested additional evidence and sought clarification from subject matter experts during the audit. The evidence submitted in the form of policies, procedures, emails, logs, studies, data sheets, etc. were validated, substantiated, and cross-checked for accuracy as appropriate. Where sampling is applicable to a requirement, the sample set was determined by a statistical methodology, along with professional judgment.
The findings were based on the facts and documentation reviewed the team’s knowledge of the bulk electric system (BES), the NERC Reliability Standards, and professional judgment. All findings were developed based upon the consensus of the team.
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 6 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
Company Profile The U.S. Army Corps of Engineers (USACE) has approximately 34,000 dedicated Civilians and Soldiers delivering engineering services to customers in more than 90 countries worldwide. With environmental sustainability as a guiding principle, the disciplined Corps team works diligently to strengthen our Nation’s security by building and maintaining America’s infrastructure and providing military facilities where our service members train, work and live. They are also researching and developing technology for our war fighters while protecting America’s interests abroad by using our engineering expertise to promote stability and improve quality of life.
The Corps dredges America’s waterways to support the movement of critical commodities and providing recreation opportunities at our campgrounds, lakes and marinas and by devising hurricane and storm damage reduction infrastructure, they are reducing risks from disasters.
USACE - Mobile District is one of thirteen Districts in the United States. USACE - Mobile District has more than 1,100 civilian and ten military personnel. USACE - Mobile District's Military Mission covers over 252,000 square miles, stretching 3,800 miles north to south. The District supports the Army, Air Force, NASA and other federal agencies in Tennessee, Mississippi, Alabama, Florida, and Central and South America. This work includes design and construction management for a multitude of different types of facilities such as medical centers, dormitories, aircraft facilities, sewage treatment plants, office complexes and family housing. USACE - Mobile District also provides engineering studies and other technical assistance such as master planning, environmental management and real estate support.
USACE - Mobile District's Civil Works Mission covers 96,000 square miles in Alabama, Florida, Georgia and Mississippi. It includes all river, harbor and flood control works within the drainage basins of six major river systems. Their civil works missions include navigation with four major inland waterways and the intracoastal canal providing over 2,200 miles of navigation, seven deep-water harbors and 21 shallow draft ports. Their management of flood control with over 67 projects that have prevented in excess of $200 million in flood damages over the last ten years. They are one of the largest recreation programs in the Federal government with 27 lakes and 464 recreation and nature areas averaging more than 34.1 million visitors last year and water supply for municipalities, industry and irrigation.
USACE-Mobile District hydroelectric projects are connected to Southern Company Services transmission system. Mobile District’s Hydro projects include:
• Allatoona • Buford • Carters • Jim Woodruff • Jones Bluff (Robert F. Henry) • Millers Ferry • Walter F. George • West Point
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 7 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
Audit Participants Following is a list of all personnel from the SERC Audit team and USACE-Mobile District who were directly involved during the meetings and interviews.
SERC Team Role Title Entity Audit Team Lead Senior Compliance Auditor SERC Staff Team Member Senior Compliance Auditor SERC Staff Team Member Senior Compliance Auditor SERC Staff Team Member Compliance Auditor SERC Staff Team Member Senior Registration and SERC Staff Certification Engineer
USACE-Mobile Participants Title Entity Reliability Compliance Program USACE-Mobile District Manager Reliability Compliance Program USACE-Savannah District Manager Chief Testing Services USACE-Savannah District South Atlantic Division Hydropower USACE-South Atlantic Division Support Assistant Chief Of Operations USACE-Mobile District Chief of Technical Support - USACE-Mobile District Operations Chief, Hydropower Technical USACE-Mobile District Service
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 8 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
III. Audit Findings
Based on the results of this audit, No Findings were determined for the Reliability Standards and applicable requirements in scope for this engagement except for the following 20 requirements that were determined to be Not Applicable to USACE-Mobile District:
• COM-002-2, R2 • EOP-001-2.1b, R2, R3, R4 • EOP-003-2, R8 • EOP-010-1, R3 • FAC-014-2, R2, R5 • MOD-001-1a, R6 • PER-005-1, R3 • PRC-001-1.1, R4, R6 • TOP-002-2.1b, R4, R11, R19 • TOP-004-2, R6 • TOP-006-2, R2 • TOP-008-1, R4 • VAR-001-4, R1, R2
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 9 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
IV. Areas of Concern and Recommendations
There were no Areas of Concern noted by the audit team during the engagement.
The audit team identified and informed USACE-Mobile District of two (2) Recommendations. The specific details of each Recommendation are described below.
1. Keep current on the changes to PRC-005-X as there are several new versions being approved soon. Also stay current with the following MOD and PRC standards:
• PRC-025-1 • MOD-010-0 • MOD-012-0 • MOD-026-1 • MOD-027-1
2. Watch for the upcoming Generator testing, protection, and personnel standards that come into effect soon.
• MOD-025-2 • MOD-032-1 • MOD-033-1 • PER-005-2 • PRC-019-1 • PRC-019-2 • PRC-024-1 • PRC-024-2
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 10 Confidential Information (including Privileged and Critical Energy Infrastructure Information) – Has Been Removed
V. Compliance Culture
The SERC audit team observed USACE-Mobile District’s compliance culture in conjunction with the audit process. This observation was accomplished through a review of responses to the Internal Compliance Survey questionnaire, and additional information that was gathered during the audit engagement and interviews. This included an observation of factors that characterize vigorous and effective compliance programs including: • Active engagement and leadership by senior management • Effective, in-practice preventive measures appropriate to the circumstances of the company • Prompt detection of problems, cessation of misconduct, and reporting of a violation • Remediation of the misconduct
Date of USACE-Mobile Audit: March 10, 2015 through June 26, 2015 Date of Report: July 2, 2015 11