National Security Inspectorate Sentinel House, 5 Reform Road Maidenhead SL6 8BY Website: nsi.org.uk Page 1 of 14 © NSI 2018 ARC Gold approval criteria SF 006 – Issue 3 Oct 2018 ARC Gold approval criteria SF 006 – Issue 3 Page 2 of 14 Oct 2018 © NSI 2018 These approval criteria are to be read in conjunction with the NSI Regulations. No company may hold out or claim it meets the ARC Gold approval criteria, save by virtue of holding NSI ARC Gold Approval. ARC Gold approval criteria SF 006 – Issue 3 Page 3 of 14 Oct 2018 © NSI 2018 Contents 1 Scope and introduction ………………………………………………………………………………………………………….. 4 2 Premises …………………………………………………………………………………………………………………………………….. 4 3 Equipment …………………………………………………………………………………………………………………………………. 5 4 Insurances …………………………………………………………………………………………………………………………………. 5 5 Experience of management……………………………………………………………………………………………………. 5 6 Repute of management ………………………………………………………………………………………………………….. 6 7 Finance ………………………………………………………………………………………………………………………………………. 6 8 Twenty-four hour cover ………………………………………………………………………………………………………….. 7 9 Level of trading ………………………………………………………………………………………………………………………… 7 10 Contracts (general) ………………………………………………………………………………………………………………….. 7 11 Monitoring contracts ………………………………………………………………………………………………………………. 7 12 Staff…………………………………………………………………………………………………………………………………………….. 8 13 Security screening of personnel ……………………………………………………………………………………………. 8 14 Management of sub-contracting (outsourcing) …………………………………………………………………. 8 15 Management of complaints …………………………………………………………………………………………………… 8 16 Compliance with statutory and legal requirements …………………………………………………………… 9 17 Compliance with standards, codes of practice and so on ………………………………………………… 9 18 Documented quality management system …………………………………………………………………………. 9 19 British Standards and so on …………………………………………………………………………………………………… 9 20 Police policies ………………………………………………………………………………………………………………………… 13 21 Agreed deviations …………………………………………………………………………………………………………………. 13 ARC Gold approval criteria SF 006 – Issue 3 Page 4 of 14 Oct 2018 © NSI 2018 1 Scope and introduction This document lists the criteria for Alarm Receiving Centre Gold approval, known as NSI ARC Gold approval. The criteria apply to NSI ARC Gold approved companies and to companies applying for NSI ARC Gold approval. Definitions are as stated in the NSI regulations. In this document, paragraphs identified with the word Criterion are criteria for approval. Paragraphs identified with the word Guideline are guidelines for assessing compliance with the stated criteria. Nevertheless, we reserve a right to refuse approval if you do not meet the guidelines or to end your approval if you do not meet the guidelines. 2 Premises Criterion Guideline You must operate from suitable and adequate secure premises. We expect non-residential business / commercial premises. When you apply for approval, you need to show us that you have reasonable security of tenure of the premises (for example, freehold; leasehold with at least three years to run; or a long history of occupying the premises and no reason to expect that you will have to leave). In addition, your ARC must meet and keep to the recommendations given in: • BS 5979: Remote centres receiving signals from fire and security systems – Code of practice, or • BS 8591: Remote centres receiving signals from alarm systems – Code of practice (including the BS EN 50518 series), or • BS EN 50518 series for intruder and hold-up alarms only. The scope of the BS EN 50518 series is under review and is likely to be widened to include other types of alarm and security systems. None ARC Gold approval criteria SF 006 – Issue 3 Page 5 of 14 Oct 2018 © NSI 2018 3 Equipment Criterion Guideline You need to have tools, equipment, alarm systems, test instruments and other facilities such that you are able to operate the ARC in accordance with BS 5979 or BS 8591 (including the BS EN 50518 series) and the other relevant industry standards in criterion number 19. None. 4 Insurances Criterion Guideline You need to hold employer’s liability insurance and public liability insurance. You need to hold products liability insurance extending to wrongful advice and failure to perform. Your insurance cover must be wide enough to cover all of your work and services of receiving, monitoring and processing signals from fire and/or security system installations. The limit of indemnity for any one event and also in total for any one twelve month period of insurance needs to be not less than one million pounds sterling. `Wrongful advice’ and `failure to perform’ are specialised forms of insurance cover not necessarily included in ordinary business policies. We advise you to check the scope and extent of your cover before you apply for approval. Some of your contracts are likely to require you to hold cover for more than one million pounds sterling. 5 Experience of management Criterion Guideline You need to have suitably experienced managers, (known as “qualifying managers”). These are the people within your company who are responsible for the monitoring side of the business and also for the overall business and financial management of the business. This includes being responsible for all the work and service provided by any sub-contractors. At least one of the “qualifying managers” needs to have relevant monitoring and The number of qualifying managers you need will depend on the size of your company and on the nature and extent of the company’s monitoring operations. Sometimes one qualifying manager is enough, if he (she) has the appropriate monitoring and technical experience and also the appropriate business management experience. A qualifying manager is normally expected to have at least three years’ relevant experience in a management or supervisory ARC Gold approval criteria SF 006 – Issue 3 Page 6 of 14 Oct 2018 © NSI 2018 Criterion Guideline technical experience, which needs to include experience of receiving, monitoring and processing signals from fire and/or security system installations. At least one of the “qualifying managers” needs to be a director or senior manager who has relevant business management and commercial experience. capacity in monitoring alarms from electronic security systems (for example intruder and hold-up alarms, CCTV, social alarms) and/or monitoring fire alarms. The experience may have been gained within your company or during previous employment/trading. The experience needs to be of a standard acceptable to us. 6 Repute of management Criterion Guideline The people who manage, control and have principal interests in the ownership of your company must be demonstrably reputable and of good standing. During the application process and at any time subsequent to approval being issued, we may ask specific individuals within your organisation to provide, through completion of NSI personal data forms and / or other methods, relevant personal information, evidence of character and repute, references, guarantors and so on, to our satisfaction. When we are assessing whether a company meets this criterion, we can take into account all the information we have about the people concerned. The mere absence of information against a person is not necessarily enough. We can refuse to approve a company if we are not satisfied that we have the necessary positive evidence of repute and good character. Similarly, if we are not satisfied, we can end approval or set a condition (for example a condition that your approval can only continue if you remove a named individual from office). 7 Finance Criterion Guideline We can withhold approval or end approval if we have reason to believe that: • your company does not have sufficient financial stability to be able to trade; • the financial affairs of your company are not being (or have not been) carried on in a responsible and prudent manner; or • your company is not trading lawfully, meeting its just debts and other financial obligations. We usually get a report from a credit reference agency. We may view public records such as statutory accounts, county court judgments. To help us form a clear picture, we may ask you to send us financial information such as annual accounts, monthly management accounts, forward financial plans (projections). We do not usually grant Gold approval to companies that have been trading for less than two years. However, we can allow an exception if there is evidence of substantial financial backing. ARC Gold approval criteria SF 006 – Issue 3 Page 7 of 14 Oct 2018 © NSI 2018 8 Twenty-four hour cover Criterion Guideline You must provide a monitoring service in accordance with the standards, codes of practice and published documents in criterion number 18. None. 9 Level of trading Criterion Guideline You must maintain a level of trading activity in monitoring intruder and hold-up alarms and/or in monitoring signals from other types of electronic security system (for example CCTV, lone worker devices, after theft systems with vehicle immobilisation for vehicle recovery) and/or in monitoring fire alarms enough for our representatives to assess and examine the standard of work carried-out and the management system applicable. None. 10 Contracts (general) Criterion Guideline You must not try to get customers to accept contract conditions that are un-reasonable. We draw your attention to consumer protection law and good practice. 11 Monitoring contracts Criterion Guideline You need to provide monitoring contracts that are consistent with the relevant industry standards (for example BS 5979 or BS 8591 (including the BS EN 50518 series)) and with the policies of the relevant emergency services (for example Association of Chief Police Officers (ACPO) and Police Scotland, Chief Fire Officers Association (CFOA)). None. ARC Gold approval criteria SF 006 – Issue 3 Page 8 of 14 Oct 2018 © NSI 2018 12 Staff Criterion Guideline You need to have suitably trained and qualified people, sufficient to meet your obligations to your customers and to NSI. Also, as a minimum, your ARC needs to meet the relevant industry standards (for example BS 5979 or BS 8591 (including the BS EN 50518 series)) in relation to such matters as staffing levels and alarm handling performance. None. 13 Security screening of personnel Criterion Guideline You must keep to the recommendations given in BS 7858 — British Standard code of practice for security screening of individuals employed in a security environment. None. 14 Management of sub-contracting (outsourcing) Criterion Guideline You must keep to the requirements for sub- contracting in NSI quality schedule SSQS 102 for the application of BS EN ISO 9001 to ARC Gold approval. None. 15 Management of complaints Criterion Guideline You must keep to the requirements for management of complaints in NSI quality schedule SSQS 102 for the application of BS EN ISO 9001 to ARC Gold approval. None. ARC Gold approval criteria SF 006 – Issue 3 Page 9 of 14 Oct 2018 © NSI 2018 16 Compliance with statutory and legal requirements Criterion Guideline You must keep to statutory and legal requirements that are relevant to the service provided, for example Security Industry Authority (SIA) licensing, Private Security Authority (PSA) licensing and working time regulations. None. 17 Compliance with standards, codes of practice and so on Criterion Guideline You must make sure that all your monitoring of fire and/or security system installations is done to the regulations and approval criteria. This includes any work or other functions or activities that you sub- contract. It also includes work or other functions or activities that you accept as a sub-contractor. None. 18 Documented quality management system Criterion Guideline You must have a documented quality management system to BS EN ISO 9001 and the NSI quality schedule SSQS 102. None. 19 British Standards and so on Criterion Guideline You must keep to the versions of the following standards, codes of practice and published documents that we declare to you from time to time: For intruder and hold-up alarms: • BSI PD 6662: Scheme for the application of European Standards for intruder and hold up alarm systems; None. ARC Gold approval criteria SF 006 – Issue 3 Page 10 of 14 Oct 2018 © NSI 2018 Criterion Guideline • BS 8473: Intruder and hold – up alarms – management of false alarms – code of practice; • NSI NACP 11: Supplementary NACOSS Gold code of practice for the planning, installation and maintenance of intruder alarms. Note: BSI PD 6662 calls up certain other standards and documents as normative. At the time of writing, the standards and documents called up as normative by BSI PD 6662:2010 include BS EN 50131- 1:2006+A1:2009, BS 8243:2010, and several other parts or sections of BS EN 50131, BS EN 50136 and BS 4737. For security fog device/systems: • BS EN 50131-8: Alarm systems – intrusion and hold-up systems – Part 8: security fog device/systems. For detector activated CCTV systems claiming compliance with BS 8418: • BS 8418: Installation and remote monitoring of detector activated CCTV systems – code of practice. Note: BS 8418 calls up as normative BS EN 50132-7: alarm systems – CCTV surveillance systems for use in security applications – Part 7 – application guidelines. For other CCTV systems: • NSI NCP 104: Code of practice for the design, installation and maintenance of CCTV systems. Note: NSI NCP 104 calls up as normative BS EN 50131-7: alarm systems – CCTV surveillance systems for use in security applications – Part 7 – application guidelines. For access control systems: • NSI NCP 109: Code of practice for the design, installation and maintenance of access control systems; ARC Gold approval criteria SF 006 – Issue 3 Page 11 of 14 Oct 2018 © NSI 2018 Criterion Guideline • BS EN 50133 – 1: A larm systems – access control systems for use in security applications – Part 1: system requirements; • BS EN 50133-7: Alarm systems – access control systems for use in security applications – Part 7 – application guidelines. For scaffolding alarm systems: • NSI NCP 115: Code of practice for the design, installation and maintenance of scaffolding alarm systems. You must keep to the versions of the following standards, codes of practice and published documents that we declare to you from time to time: Alarm receiving centres: • BS 5979: Remote centres receiving signals from fire and security systems – code of practice, or • BS 8591: Remote centres receiving signals from alarm systems – code of practice (including the BS EN 50518 series), or • BS EN 50518 series: Monitoring and alarm receiving centre (for intruder and hold-up alarms only). The scope of the BS EN 50518 series is under review and is likely to be widened to include other types of alarm and security systems. • NSI Directive NAD 2: Policy in relation to keyholders. For alarm receiving centres monitoring intruder and hold-up alarms: • BSI PD 6662: scheme for the application of European standards for intruder and hold up alarm systems. • BS 8243: installation and configuration of intruder and hold- up systems designed to generate None. ARC Gold approval criteria SF 006 – Issue 3 Page 12 of 14 Oct 2018 © NSI 2018 Criterion Guideline confirmed alarm conditions – code of practice. • BS 8473: intruder and hold-up alarm systems – management of false alarms – code of practice. • BSI DD 263: intruder and hold-up alarm systems – commissioning, maintenance and remote support – code of practice. For alarm receiving centres (known as remote video response centres or RVRCs) monitoring detector activated CCTV systems claiming compliance with BS 8418: • BS 8418: installation and remote monitoring of detector activated CCTV systems – code of practice. BS 8418 includes normative references to the BS EN 62676 series for video surveillance systems for use in security applications. For alarm receiving centres monitoring CCTV systems claiming compliance with NSI NCP 104: • NCP 104: code of practice for the design, installation and maintenance of CCTV systems. NCP 104 calls up as normative BS EN 50132-7: alarm systems – CCTV surveillance systems for use in security applications – Part 7 – application guidelines. NCP 104 and BS EN 50132-7 contain certain limited provisions relating to the configuration of CCTV control centres. For alarm receiving centres monitoring social alarms: • BSI DD CLC/TS 50134-7: alarm systems – social alarm systems – Part 7: application guidelines. For alarm receiving centres monitoring lone worker devices: ARC Gold approval criteria SF 006 – Issue 3 Page 13 of 14 Oct 2018 © NSI 2018 Criterion Guideline • BS 8484: code of practice for the provision of lone worker device (LWD) services. For centres (known as systems operating centres or SOCs) providing Thatcham “Category 5” monitoring and tracking of after theft systems with vehicle immobilisation for vehicle recovery: • Thatcham: Criteria for systems operating centres monitoring and tracking Category 5 after theft systems with vehicle immobilisation for vehicle recovery. These criteria are issued by The Motor Insurance Repair Research Centre, colloquially known as “Thatcham”. • Home Office Publication No. 14/02: stolen vehicle tracking – ACPO and Home Office guidance to companies on police policy. • DD CEN/TS 15213-5: road transport and traffic telematics – after theft systems for the recovery of stolen vehicles. 20 Police policies You must adhere to the relevant policies and provisions of the emergency services including ACPO, Police Scotland and the individual police forces and the individual fire and rescue services. 21 Agreed deviations ARC Gold approval is based on the approved ARCs (and the monitoring services they provide) meeting the standards, technical codes and published documents identified in these approval criteria. However, we recognise that there are particular circumstances where fully meeting the standards, technical codes and published documents may not be necessary (or may not be practically possible). With this in mind, you are allowed limited use of agreed deviations against the standard, technical code or published document, as explained ARC Gold approval criteria SF 006 – Issue 3 Page 14 of 14 Oct 2018 © NSI 2018 below. Criterion Guideline ARCs and the monitoring services they provide may deviate from the standards, technical codes and published documents if the deviations are limited in nature and extent, provided we have authorised the deviation in writing. You must not apply any deviation unless you have received our agreement in writing. You should expect that we will not agree unless we are satisfied that the circumstances are exceptional and that they justify allowing the deviation. If the proposed deviation directly affects or may directly affect the standard of the monitoring service provided for a security system installation that is or may be intended to be police-calling, we will not agree a deviation unless you satisfy us that you have evidence in writing issued by the relevant police service that the relevant police service is content for such deviation to be allowed. None.