Anna M. Wang, Principal Security and Compliance Consultant

Professional Experience

Anna has 29 years of process control system security design, energy and telecom regulatory compliance, audit, asset management, business continuity, data warehousing, change and configuration management, security policy design and development, process control and continuous improvement. She specializes in providing consulting services pertaining to: Compliance program governance, organization and leadership development, NERC 693 Reliability Standard compliance and mock audit, NERC 706 CIP Standard compliance and mock audit, Nuclear Energy Institute (NEI) Cyber Security Controls compliance, NEI 08-09 critical digital asset identification and compliance reporting, International Instrument Users’ Association (WIB) security process control domain security designs, AURORA mitigation, compliance & security awareness and in-depth training.

Credentials

• 16 years of electric and telecom utility security and compliance experience
• Has provided NERC 693 Reliability Standard and 706 CIP Standard compliance support for more than 42 utilities including large investor-owned utilities, cooperatives, municipalities, independent power producers in various NERC regions.
• Has completed extensive audit readiness support including participating in on-site and off-site NERC Readiness Assessment and Audits, TFE Reviews, Mitigation Plan Reviews, and NERC GridEx 2011 Grid Security Exercise.
• Has completed over 50 critical infrastructure security risk and vulnerability assessments in support of generation and transmission security enhancement, configuration and change management projects.
• Extensive experience providing infrastructure design for purpose-built telecom and energy control centers, energy trading floors, and disaster recovery network operating centers in US and internationally.
• Extensive experience providing project design and support for RTO Blackstart studies, AURORA Mitigation, Synchrophasor measurement implementation in the PJM and WECC regions, Smart Grid Security, Substation asset management automation, and Distributed Control System Integrated Factory Acceptance Test (IFAT).
• Extensive experience providing the development and delivery of FERC Standard of Conduct training, Smart Grid Consumer Privacy training, physical and cyber security awareness training, and NERC, Sarbanes-Oxley (SOX), and TL9000, NEBS, and CE compliance training.
• Extensive experience providing the development of business continuity, disaster recovery, as well as pandemic flu plans for major utilities and design drill exercises as well as measurement and evaluation of the plans.
• Extensive experience with GE, Toshiba, Bently, and Emerson DCS and ABB EMS. Served as the technical and market intelligence advisor of an of Industrial Control System vendor in architecting the next generation of Industrial Control Systems security control appliance.
• Developed and managed physical and cyber security programs for electric and telecom utilities as well as academic computing centers.
• Presenter at the January 2011 DistribuTech and May 2011 DHS Industrial Control System JWG Security Programs; presenter at the 2012 IEEE PES Smart Grid Conference in January 2012 and Society of Corporate Compliance and Ethics Utilities & Energy Compliance & Ethics Conference presenter in February 2012 and 2013.
• Participated in the North American Transmission Forum (NATF) performance review of member entities with other industry experts and served as program chair of the Compliance Workshop on Best Practices in 2008. Team Lead of the NATF Compliance Evidence and Documentation Teams. Presented two papers on the development of establishing corporate compliance culture and critical information classification at the September 2009 NATF Compliance Workshop.

Certifications / Education / Training

• Certified Strategic and Competitive Intelligence Professional (SCIP)
• GAGAs for Reliability Auditors, RFC, Dec. 2010.
• Western Electricity Coordinating Council (WECC) VK Auditor Training, September, 2009.
• Dale Carnegie Training. Leadership Training, June 2001.
• Fuld-Gilad-Herring Academy of Competitive Intelligence. Competitive Intelligence Certificate, January 2001.
• The Ohio State University Fisher College of Business, Executive Education. Marketing Certificate, 2000.
• The Ohio State University Fisher College of Business, Executive Education. Management Certificate, 1998.
• University of Illinois at Urbana-Champaign. Master of Sciences in Library and Information Science, October 1982.
• Hong Kong Baptist University. Bachelor of Arts in English, June 1981.

Professional Awards and Recognition

• Recognized by the National Association of Professional Women as Woman of the Year 2011/2012 for dedication and contribution to the compliance profession.
• Instrumental in helping AEP to win the recognition by NERC as an Example of Excellence for industry engagement and the reliability compliance program, 2007.
• American Electric Power (AEP) Chairman’s Key Contributor Award, 2008.
• Applied Innovation Inc. Gold Chip Award for Outstanding Performance, 1997.
• The Ohio State University Office of Research Digital Research Grant Award, 1993.