Washington (Platts)--4Feb2015/532 pm EST/2232 GMT

The US Department of Energy's Inspector General issued a highly critical report Wednesday faulting the Federal Energy Regulatory Commission's handling of information about potential vulnerabilities of the electric grid.

"Our review revealed that the commission's controls, processes and procedures for protecting non-public information were severely lacking. Specifically, we found that staff inconsistently handled and shared commission-created analyses that identified vulnerability of the nation's electric grid without ensuring that the data was adequately evaluated for sensitivity and classification," said DOE IG Gregory Friedman.

The report focuses on how former FERC Chairman Jon Wellinghoff and FERC staff handled an analysis of the vulnerabilities of the electric grid, which was shared in meetings with industry and officials in Congress and other agencies. In February 2014, the Wall Street Journal cited the FERC analysis in reporting that a coordinated attack on just nine of the 55,000 electric transmission substations in the US would cripple the grid and produce a nationwide blackout.

The IG found that FERC officials failed to have the analysis in question reviewed to determine if it should be classified despite concerns that the information was a matter of national security. The report also said that FERC staff were "not prepared to deal with internally created documents that may have national security implications," while noting confusion between FERC and DOE over responsibilities for classifying FERC-created information.
More broadly, the report found a "culture of reluctance to classify certain nonpublic information" within FERC, DOE and the Department of Homeland Security, given that it would block federal officials from sharing information with industry and working to mitigate threats.

"Thus, in their opinion, the ability to share certain nonpublic information (like the electric grid analysis) with industry outweighed the benefit of classifying certain non-public information. While we agree that sharing information with public-sector utilities is important when attempting to address grid vulnerabilities, we noted that there were mechanisms to permit such exchanges without simply declaring the information to be unclassified," the IG said.

The IG's report recommended that FERC take several actions in response to its findings, including steps to ensure employees are prepared to handle classified information as well as so-called critical energy infrastructure information. In a letter responding to the report dated January 15, FERC Chairman Cheryl LaFleur said that the commission has begun to implement the IG's recommendations.

LaFleur said in a statement Wednesday that the commission has made "substantial progress" toward implementing the report's recommendations and appreciated the IG's efforts on the matter. "We are focused on learning from this experience and improving our processes going forward," she said.

--Bobby McMahon, bobby.mcmahon@platts.com
--Edited by Valarie Jackson, valarie.jackson@platts.com

© 2014 Platts, The McGraw-Hill Companies Inc. All rights reserved.  To subscribe or visit go to:  http://www.platts.com

http://www.platts.com/latest-news/electric-power/washington/us-ferc-criticized-for-handling-of-sensitive-21947721