Skip Ribbon Commands
Skip to main content
Inherent Risk Assessment (IRA)

​During an Inherent Risk Assessment (IRA), ReliabilityFirst reviews the potential risks posed by an individual entity to the reliability of the Bulk Power System.  ReliabilityFirst considers factors such as assets, system, geography, interconnectivity, prior compliance history and factors unique to the entity. 

  • The IRA may refine of the scope of an audit to include more, fewer, or different Standards.
  • ReliabilityFirst currently schedules and performs IRAs for each entity based upon the CIP and Operations and Planning audit schedules. 
  • However, this schedule and the IRAs may be revised based on emerging risks, an entity’s performance, or any other changes that may impact the entity’s risk to the Bulk Power System. 
  • After ReliabilityFirst completes an IRA, it establishes an entity-specific Compliance Oversight Plan (COP) which includes the compliance monitoring scope, monitoring interval, and the CMEP monitoring tool(s) (e.g., audit, self-certification). 
  • For entities where ReliabilityFirst has not conducted an IRA, compliance monitoring will be targeted based upon the ERO and Region risks in the Annual CMEP Implementation Plan. 

If you have any questions about the Inherent Risk Assessment, please visit our Contact Us page and direct your question to the Risk Analysis & Mitigation group.