Authors: Dwayne Stradford & Lawrence Fitzgerald | Décembre 15, 2025

Prioritizing risks in the latest Compliance Monitoring and Enforcement Program – Implementation Plan

The NERC Rules of Procedure require the annual development of a Compliance Monitoring and Enforcement Implementation Plan (CMEP-IP). The newly released 2026 CMEP-IP outlines the power system risks that will be prioritized in NERC’s compliance monitoring and audit activities. It also specifies the standards and requirements that will receive heightened focus during 2026 audits. NERC’s 2026 activity will focus on: 

  • Remote connectivity risks 
    • Increased reliance on the telecommunication networks for real time monitoring 
  • Supply chain risks 
    • AI-powered attacks that can disrupt operations and inventory systems 
  • Physical Security 
    • Ballistic damage, vandalism and tampering 
  • Grid transformation 
    • Resource adequacy 
    • Voltage and frequency fluctuations 
    • Interconnection modeling 
  • Facility Ratings 
    • Observation of Facility Ratings based on inaccurate equipment inventories, or ratings not being updated 
  • Extreme Weather response 
    • Challenges due to factors including location, intensity, duration and frequency of extreme weather. 

Each of these topics is examined in detail in the report, along with the specific standards and requirements that will be emphasized in 2026 audit activity. TRC encourages clients to review the report and assess the readiness of their internal NERC compliance programs and subject matter experts to respond to auditor inquiries. 

If you have concerns about your NERC compliance program, TRC’s experts across the relevant technical disciplines are available to help. We can support your organization’s audit readiness for 2026 and the years ahead. 

Related Services

View All Services

About TRC’s NERC Compliance and Security Practices 

TRC’s approach to power system security balances solutions that incorporate appropriate standards, regulatory requirements, best practices and operational goals and budgets. Our work for public and private sector utility clients is a testament to our understanding of NERC compliance related aspects of your business. Our successful application of technology solutions in a constantly evolving business and regulatory landscape will provide you with confidence regarding your power system compliance programs. Our power system security experts help you stay ahead of changing regulatory expectations because they stay engaged with the regulatory process and know how to plan, design and install programs that address your financial, technical and scheduling goals including compliance with changing NERC standards and guidelines as well as industry “best practices” and the latest technology developments. 

This regulatory update is a service to TRC’s utility clients, helping keep you informed of issues that increase your company’s electric compliance risks along with related topics regarding future regulatory developments to help you achieve your company’s business goals.  

Resources

picture_as_pdf_24dp-black NERC Compliance Monitoring and Enforcement Plan – 2026

October 2025

télécharger le fichiersim_card_download_24dp-black
Dwayne-Stradford-e1750340651571
Dwayne Stradford

Dwayne Stradford serves as TRC’s NERC Compliance Director in the Power Division. He is leading and coordinating TRC’s NERC compliance support services with our various power utility clients. He is an accomplished, diverse energy professional with over 30 years of engineering experience regarding real-time transmission operations, short/long term transmission planning, NERC Reliability Compliance Standards (both NERC-CIP and NERC O&P), Transmission Reliability Assurance, utility scale renewables integration, FERC Regulatory/RTO policy, and Project Management. He spent the bulk of his career (close to two decades) working for AEP but has considerable working experience in the electric utility industry as a professional consultant. He has worked with utility clients on transmission and generation related projects in all three interconnections, so he has breadth of regional BES experience throughout the entire country. Please contact Dwayne Stradford for more information.

Larry-Fitzgerald_headshot-rotated-e1764878633691
Lawrence Fitzgerald

Lawrence Fitzgerald is a Certified Protection Professional (CPP) and a Physical Security Professional (PSP) with over 30 years of experience consulting on and resolving security matters across the United States and Canada. He earned a BA from the University of Rhode Island and currently manages various staff for TRC throughout New England. Larry participated in the investigation of the 2001 terrorist attacks involving anthrax in the US mail, and he has assisted colleges and universities as well as public schools address various types of life safety and security issues. He has helped various types of Critical Infrastructure (CI) such as chemical plants, law enforcement agencies, refineries, utilities and transportation systems prepare for a terrorist attack or resolve a specific security issue. Larry co-authored the first three chapters of a 394 page security reference text book entitled “Building Vulnerability Assessments” by CRC Press published in 2009, and has presented numerous times on various topics related to security.