Skip to main content

Federal Energy Regulatory Commission

Jump To:

Open Recommendations (4 total)

Electricity Grid Resilience: Climate Change Is Expected to Have Far-reaching Effects and DOE and FERC Should Take Actions

Show
1 Open Recommendations
Agency Affected Recommendation Status
Federal Energy Regulatory Commission The Chairman of FERC should direct staff to take steps to identify and assess climate related risks to the electricity grid, and plan a response, including identifying actions to address the risks and enhance the resilience of the grid to climate change. (Recommendation 2)
Open – Partially Addressed
FERC agreed with our recommendation and has taken several steps to identify and assess climate-related risks. For example, in June 2021, FERC held a technical conference on climate change that addressed how utilities might assess climate-risks, ways to increase resilience to climate change, improving transmission and generation outage management, and potential changes to mandatory reliability standards. In addition, since the June 2021 technical conference, FERC took several additional steps to identify and address climate change risks to the grid. For example, in June 2023, FERC issued two orders to address challenges in planning for extreme heat and cold weather events. Specifically, FERC issued Order No. 896-Transmission System Planning Performance Requirements for Extreme Weather-which directs NERC to develop a new or modified Reliability Standard no later than December 23, 2024, to address reliability concerns pertaining to transmission system planning for extreme heat and cold weather events that impact the reliable operation of the Bulk-Power System. In the order, FERC noted consensus among panelists at the June 2021 technical conference that planners cannot simply project historical weather patterns forward to effectively forecast the future, since climate change has made the use of historical weather observations no longer representative of future conditions. In addition, FERC issued Order No. 897-One-Time Informational Reports on Extreme Weather Vulnerability Assessments, Climate Change, Extreme Weather, and Electric System Reliability-directing transmission providers to file a one-time informational report on whether and how they conduct extreme weather vulnerability assessments, as well as how they use the results of those assessments to develop risk mitigation measures. Through gathering this information, FERC seeks to address the increasing risks of extreme weather to bulk-power system reliability and jurisdictional rates, and to better understand how transmission providers assess and mitigate those risks. The reports were filed, and FERC staff are currently evaluating the reports. We believe FERC has partially addressed our recommendation. To fully address our recommendation, FERC should identify actions needed to address extreme weather and other climate-related risks.

Natural Gas Exports: Updated Guidance and Regulations Could Improve Facility Permitting Processes

Show
1 Open Recommendations
Agency Affected Recommendation Status
Federal Energy Regulatory Commission FERC should review its current interagency agreements that pertain to its onshore LNG permitting process, and implement any needed updates. FERC's review should include input from cooperating agencies and CEQ. (Recommendation 1)
Open – Partially Addressed
In January 2024, FERC officials stated that FERC had completed a review of the two agreements cited in our report regarding permitting liquefied natural gas (LNG) export facilities. FERC conducted a review in 2022 and found that one of the agreements remained relevant and did not require further updates. With regard to the second agreement, officials stated that FERC is collaborating with the other agencies cited in the agreement to finalize an updated agreement. We believe FERC's actions demonstrate progress toward implementing our recommendation, and we will consider closing the recommendation once FERC has finalized the updated agreement.

Critical Infrastructure Protection: Actions Needed to Address Significant Cybersecurity Risks Facing the Electric Grid

Show
1 Open Recommendations
Agency Affected Recommendation Status
Federal Energy Regulatory Commission FERC should (1) evaluate the potential risk of a coordinated cyberattack on geographically distributed targets and, (2) based on the results of that evaluation, determine whether to direct NERC to make any changes to the threshold for mandatory compliance with requirements in the full set of cybersecurity standards. (Recommendation 3)
Open – Partially Addressed
FERC agreed with our recommendation and has taken steps to partially address this recommendation. Specifically, in June 2020, FERC issued a Notice of Inquiry seeking comments on whether modifications to the cybersecurity standards would be appropriate to address the potential risk of a coordinated cyberattack on geographically distributed targets. FERC officials told us that the agency completed its review of public comments on the Notice of Inquiry in June 2023. In addition, FERC officials also engaged with NERC on a project that identified the risk posed by an orchestrated coordinated cyberattack against multiple distributed targets that individually would generally be a localized event. The project resulted in an October 2022 whitepaper on low impact criteria that made a variety of recommendations including revising Critical Infrastructure Protection Reliability Standards, developing security guidelines, and continuous monitoring of access attempts. According to FERC officials, NERC is currently working to implement these recommendations and FERC officials remain actively engaged and will assess new or modified Reliability Standards when they are developed and filed by NERC. Further, the Commission issued Order No. 893, Incentives for Advanced Cybersecurity Investment. The Order revises FERC regulations for incentive-based rate treatments to encourage advanced cybersecurity technology and participation in cybersecurity threat information sharing programs in accordance with the Infrastructure Investment and Jobs Act of 2021. For example, for an entity to receive an incentive, the Commission will evaluate whether a voluntary investment in security controls satisfies an objective found in the NIST Cybersecurity Framework and protects against cybersecurity risks for cyber assets that are not currently protected by the Critical Infrastructure Protection Reliability Standards. Although FERC has evaluated the potential risk of a coordinated cyberattack on geographically distributed targets, it has not yet determined whether to direct NERC to make any changes to the threshold for mandatory compliance with requirements in the full set of cybersecurity standards. We will continue to monitor FERC's progress to implement our recommendation.

Critical Infrastructure Protection: Actions Needed to Address Significant Cybersecurity Risks Facing the Electric Grid

Show
1 Open Recommendations
Agency Affected Recommendation Status
Federal Energy Regulatory Commission FERC should consider our assessment and determine whether to direct the North American Electric Reliability Corporation (NERC) to adopt any changes to its cybersecurity standards to ensure those standards more fully address the NIST Cybersecurity framework and address current and projected risks. (Recommendation 2)
Open – Partially Addressed
FERC agreed with our recommendation and has taken steps to partially address this recommendation. Specifically, in June 2020, FERC issued a Notice of Inquiry seeking comments on whether NERC's cybersecurity standards adequately address certain NIST Cybersecurity Framework categories. Although FERC officials told us that the agency completed its review of public comments on the Notice of Inquiry in June 2023, FERC has not provided the results of its assessment or any relevant changes to the cybersecurity standards based on this assessment. We will continue to monitor FERC's progress to implement our recommendation.