
Compliance Oversight Plan (COP)
COP conveys a tailored compliance monitoring oversight strategy for each registered entity, based on entity specific factors such as compliance history and events, IRA, EIC and other performance factors.
This browser is not supported.
NPCC’s Entity Risk Assessment efforts are comprised of key functions including:
Entity Risk Assessment Resources
Compliance Oversight Plan (COP)
COP conveys a tailored compliance monitoring oversight strategy for each registered entity, based on entity specific factors such as compliance history and events, IRA, EIC and other performance factors.
Inherent Risk Assessments (IRA)
The Inherent Risk Assessment (IRA) is a review of potential risks posed by an individual entity to the reliability of the bulk power system (BPS).
Evaluation of Internal Controls (EIC)
The evaluation of Internal Controls is to focus compliance oversight efforts by recognizing the internal controls as an entity that employs to mitigate risks for specific Reliability Standards and reliability, security & resilience to the BPS.
Internal Compliance Program (ICP)
The Internal Compliance Program describes the entity’s organization, communication and implementation of Compliance obligations and culture. ERA evaluates the ERO ICP questionnaire and informs the audit and enforcement staff of strengths, weaknesses and recommendations.
Presentations, Forms, Examples
This page provides NPCC Compliance Workshop and Webinar Presentations related to Risk Assessment, Controls, Operations and Planning, Cybersecurity, Forms, Better Practices and other Self-help information.
Latest Documents
NPCC GO_GOP Cold Weather Preparedness Assessment Questions.docx
741.6 KB
01/27/2022
26.5 KB
08/25/2021
Inherent Risk Assessment (IRA) Update Template - superseded 2021
25.6 KB
06/01/2021
233.9 KB
02/15/2021
90.3 KB
02/05/2021
NPCC IRA Update Letter - generic
164.2 KB
02/05/2021
144.7 KB
01/14/2021
NERC Compliance Guidance Webpage link(.url)
146.0 bytes
12/30/2020
CMEP Practice Guide - Deference for Implementation Guidance.pdf
192.5 KB
12/30/2020
ERO Compliance Guidance FAQs (sources of Controls Questions)
209.4 KB
12/16/2020
There are no events scheduled
VIEW ALL
Compliance Announcement: Reminder - Certification Review Due to Changes to Control Center Operations
February 21, 2022
NPCC Security Bulletin: CISA Advisory: Schneider Electric Easergy P5 and P3 Hard-coded Credentials and Classic Buffer Overflow Vulnerabilities
March 02, 2022
NPCC Electrical System Map
NPCC Directory
Security Notice
This is a Northeast Power Coordinating Council, Inc. (NPCC) information system. You have no reasonable expectation of privacy regarding communications or data transiting or stored on NPCC’s information system. At any time and for any lawful purpose, NPCC may monitor, intercept, record, and search any communications or data transiting or stored on this information system. At NPCC’s sole discretion, NPCC may disclose pertinent information to the U.S. Government and its authorized representatives to protect the security of critical infrastructure and key resources, ensure information security, or to comply with any applicable law, regulation, legal process, or enforceable governmental request. By continuing, you acknowledge that you understand and consent to the terms and conditions described in this notice. The actual or attempted unauthorized access, use, or modification of this system is strictly prohibited and may subject violators to criminal, civil, and/or administrative action.