
Risk Management Services


Academic year: 2021


GridSME is proud to offer organizations a variety of risk management services, including the following:

[Diagram labels: INPUTS: Reliability Standards. OUTPUTS: Desired Operational/Compliance Performance. Control Activities: Policies, Procedures, Processes, Practices. Components: 1. Control Environment, 2. Risk Assessments, 3. Information & Comm., 4. Monitoring, 5. Control Activities.]

RISK ASSESSMENTS: Strategic identification of enterprise risks & latent organizational weaknesses

INTERNAL CONTROL ASSESSMENTS: Health assessment and internal risk control system development

RISK-BASED MOCK AUDITS: Strengthening of internal compliance programs to reduce regulatory intrusion

ROOT CAUSE ANALYSES: Systematic event causal analysis for identifying and resolving root causes

1847 Iron Point Rd #140 Folsom, CA 95630

(916) 800-4545

customerservice@gridsme.com www.gridsme.com


Risk Assessments

With a focus on risk matrix methodology, GridSME has developed compliance-specific risk assessment methods and tools to help organizations define and articulate their most immediate inherent, control, and detection regulatory risks. The goal of this practice is to strategically identify and manage regulatory risks and latent organizational weaknesses invisible to the corporate risk profile. GridSME utilizes specific risk assessment methods to identify regulatory compliance risks, determine risk priorities, and develop plans to manage or eliminate known issues and unacceptable plausible impacts.

• Using our Maturity Assessment Tool, we interview your subject matter experts (SMEs) to identify your organization’s strengths and weaknesses for each of the five components of internal control.
• We perform an Inherent Risk Assessment (IRA) using our IRA Tool, designed around NERC’s criteria for evaluating an entity’s risk to the Bulk Electric System (BES).
• Finally, we provide a roadmap to a future state that includes a higher level of strategic organizational maturity.

[Chart: Percentage of Maturity by Control System Component. Components: Comm. & Information, Control Act, Monitoring, Control Environment, Risk Assessment. Values shown: 77%, 73%, 45%, 38%, 31%.]

Sample diagram of control system component maturity shown above.

Internal Controls Maturity Level

LEVEL 1: Reactive, Ad Hoc, Informal, Inconsistent, Chaotic
LEVEL 2: Managed, Repeatable, Localized, Emerging, Isolated
LEVEL 3: Structured, Standardized, Defined, Measured, Competent
LEVEL 4: Adoptive, Strategic, Disciplined, Predictable, Aligned
LEVEL 5: Optimized, Proactive, Transforming, Agile, Adaptive, Synthesized

[Figure labels: Business Value Gap; Strategic Optimization]


Internal Control Assessment & Development

GridSME focuses on effectively designed and implemented compliance-oriented internal risk controls. Our team has developed compliance-specific methods and tools to assist Registered Entities in the development and cataloging of internal risk control frameworks. This process ensures that your organization can better articulate to regulators the health and effectiveness of the organization’s compliance-related control systems.

GridSME assists organizations in the following areas:

• Utilization of specific compliance-related control assessment tools to assist clients in assessing, testing, and cataloging existing internal risk control activities.
• Evaluation and testing of internal risk controls for design and operational effectiveness given inherent risk factors.
• Utilization of the GridSME Internal Risk Control System (IRCS) scorecard to define the residual risk and control elements that are under or over controlled.
• Development of internal controls hierarchy, control activities cataloging tools, and corresponding workflow diagrams that articulate the health and effectiveness of the organizational compliance


Risk-based Mock Audits

To complement the traditional mock audit approach that ensures your organization is prepared for an actual Electric Reliability Organization (ERO) audit engagement, GridSME utilizes a mock audit methodology that is tailored to the ERO’s new Risk-Based Compliance Monitoring approach. The goal is to help organizations articulate their strong internal compliance systems to regulators in order to reduce regulatory intrusion.

GridSME assists organizations in the following areas:

• Testing and assessment of the organization’s development of documentation to support ERO Inherent Risk Assessments (IRA) and Internal Controls Evaluations (ICE).
• Conducting mock internal control evaluations that include selected testing of control design, implementation, and effectiveness.
• Utilization of the ICE process framework currently deployed by the ERO in order to reduce the organization’s ERO audit scope and regulatory risk.


Root Cause Analysis

The focus of the practice includes using industry standard Root Cause Analysis (RCA) methodology and the associated tools to address and eliminate recurring regulatory risk, violations, and audit findings. Additionally, RCA is utilized to increase mitigation plan quality.

GridSME assists organizations in the following areas:

• Application of the RCA methods and tools to identify and analyze compliance or reliability issues at the root level, enabling the identification of corrective actions and mitigation that is adequate to prevent reoccurrence.
• Providing expert training on the fundamentals of systematic event causal analysis for task level employees.

Training describes the phases of investigation for undesirable conditions or problems, and it addresses the attributes and appropriate application for each of the following causal analysis methods and associated tools:

• Event and Causal Factor Analysis
• Change Analysis
• Barrier Analysis
• Task Analysis
• Fault Tree Analysis
• Management Oversight and Risk Tree (MORT)
• Human Performance Evaluation
• ERO Cause Coding

[Figure labels: Symptom (Obvious); Underlying Root Cause (Not Obvious)]


Obtaining Risk Management Services

If you are interested in obtaining more information about risk-based mock audits, root cause analyses, or Internal Risk Control Systems (IRCS), as well as how they can help your organization better manage regulatory risk while efficiently maintaining compliance, contact GridSME today. Our team will arrange an informational meeting in a format that works best for your organization.

Consider the return on investment of IRCS...

• Reduce audit preparation resource hours
• Reduce/eliminate violations and penalties
• Reduce organizational risk
• Reduce human drift
• Reduce latent organizational deficiencies
• Improve operating efficiency
• Improve grid reliability
• Increase compliance certainty
• Have smaller compliance engagements
• Reliability and integrity of critical information
• Safeguard assets
• Cost savings, profit, and growth

Reliability Excellence

• Best practices & benchmarking
• Engrained behaviors
• Compliance margin
• Continuous improvement

Compliance Excellence

• Senior management engagement
• Preventive measures
• Detection, cessation, reporting
• Remediation


About Earl Shockley

Risk Management Services Team Lead

Earl Shockley is a decisive, action-oriented, senior executive with a unique blend of managerial, regulatory, and technical experience in the electric utility industry. He has focused the previous 8 years on directing business unit start-ups and operational sustainability of the North American Electric Reliability Corporation (NERC) ERO programs.

Earl has over 35 years of industry experience spanning military service and east/west coast power system grid operations. He has achieved greater levels of responsibility and authority during the course of his accomplishments. His leadership was key in the development and deployment of many of the ERO’s key programs, including the following:

• Reliability Risk Management program
• Event Analysis & Cause Code Assignment program
• Bulk Power System Crisis Management program
• Human Performance Fundamentals / Lessons Learned program

Earl was instrumental in the shift from the “zero-defect” compliance and enforcement approach to one that focuses on a company’s inherent risk and ability to manage reliability risk with associated internal risk control programs. Earl has also led many NERC analytical and investigative efforts, including the FERC/NERC Inquiry & Investigation of the September 8, 2011, Arizona-California Blackout, the joint FERC/NERC Compliance Investigation of the February 2008 Florida Blackout, and the FERC/NERC inquiries of the February 2011 Southwest Cold Snap event and October 2011 Northeast Snow Storm event.
