This PRR documents, in Section 16.11.3, Market Participant Audits of User Security Administrators and Digital Certificates, the requirement that Market Participants generate their own list of USA and Digital Certificate holders for audit purposes and use an automated process to manage (i.e., enroll, renew, revoke, and audit) their Digital Certificates. This PRR also clarifies the language describing the responsibilities of the Market Participant, its USA and ERCOT.
ERCOT has undergone several audits of its Digital Certificate policies and procedures that have suggested improvements to and tightening of those policies and procedures. Specifically, exceptions to the NERC audit regarding Market Participant management and audit of Digital Certificates will be addressed by automating the process for Market Participants to manage their Digital Certificates. That automation will be implemented through PR 60013_01. Furthermore, the NMPIM has deliverables scheduled for December 2007 and January 2008 that are directly dependent on completion of PR60013_01.