NOTICE DATE: August 31, 2012
NOTICE TYPE: M-B073112-02 Legal
SHORT DESCRIPTION: 2012 Digital Certificate Audit
INTENDED AUDIENCE: Market Participant USAs
DAY AFFECTED: October 1, 2012
LONG DESCRIPTION: Each Market Participant (MP) in the ERCOT Region is allowed access to ERCOT’s computer systems through the use of Digital Certificates. A Digital Certificate is an electronic file installed
on a programmatic interface or an individual’s assigned computer used to authenticate that the interface or individual is authorized for secure electronic messaging with ERCOT’s computer systems. Digital Certificates expire after a period of one (1) year.
A User Security Administrator (USA) is responsible for managing the MP’s access to ERCOT’s computer systems through Digital Certificates and each MP must, as part of the application for registration with ERCOT, designate an individual employee or authorized
agent as its USA (and optionally a Backup USA).
Additionally, pursuant to ERCOT Protocol §16.12.3 and PUCT Subst. R. §25.361(g), ERCOT is providing your organization with a Digital Certificate Audit Attestation (DCAA) form. The ERCOT Protocols
require that each MP, that holds active Digital Certificates, generate a list of its registered USA and Certificate Holders (the List) for each Data Universal Numbering System Number (DUNS #), including DUNS #s for each Counter-Party (CP), Congestion Revenue
Right Account Holder (CRRAH), Load Serving Entity (LSE), Qualified Scheduling Entity (QSE), Sub-QSE, Resource Entity (RE) and Transmission and/or Distribution Service Provider (TDSP). The List is to be generated through the MPIM Application on the ERCOT MIS.
Each MP must review and audit the List and the manner in which your organization handles Digital Certificates. If you identify discrepancies in the List (e.g. errors, Digital Certificate holders whose names should be removed from the List or people whose names
should be added to the List), you must use the process for managing Digital Certificates as included in the guide “Introduction and Use of MPIM and Digital Certificates” to correct the discrepancies.
At a minimum, you must confirm that:
1.
Your organization, each listed USA and each Digital Certificate holder meet the applicable requirements of ERCOT Protocol §16.12.1(a) and (b);
2.
Each listed USA and Digital Certificate holder is currently employed by or is an authorized agent contracted with your organization;
3.
You have verified that the listed USA is authorized to be the USA;
4.
Each Digital Certificate holder is authorized to retain and use the Digital Certificate; and
5.
Each listed Digital Certificate holder needs the Digital Certificate to perform his or her job functions.
ACTION REQUIRED: Once all corrections/changes have been made to the List,
you are responsible for submitting a signed DCAA form from an officer or an executive with authority to bind your organization. A separate DCAA form should be submitted for each DUNS #. For example, one DCAA should be submitted for each of the following
registrations: CP, CRRAH, LSE, QSE, Sub-QSE, RE and TDSP. This form MUST be submitted to ERCOT no later than October 1, 2012
(see ERCOT Protocol §16.12.3). If your organization cannot comply with the October 1, 2012, deadline, you must contact ERCOT’s External Relations Specialist at
[log in to unmask] to request an extension.
Please send your DCAA form(s) and/or requests for extension by: (i) email to
[log in to unmask]; (ii) fax to 512-225-7079; or (iii) regular mail to ERCOT, Market Participant Registration, 7620 Metro Center Drive, Austin, Texas 78744.
CONTACT: If you have any questions, please contact your ERCOT Account Manager. You may also call the general ERCOT Client Services phone number at (512) 248-3900 or contact ERCOT Client Services via email
at [log in to unmask].
If you are receiving email from an ERCOT distribution list that you no longer wish to receive, please follow this link in order to unsubscribe from this list:
http://lists.ercot.com.
dh