National Security Inspectorate Sentinel House, 5 Reform Road Maidenhead SL6 8BY Website: nsi.org.uk NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 1 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 Systems Silver management and technical requirements for installers of electronic security systems ICP 1 Issue 10 October 2024 Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 2 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 Contents 1 Documented management system ………………………………………………………………………………………. 3 2 Administration control ……………………………………………………………………………………………………………. 3 3 Sales, quotations & contracts ………………………………………………………………………………………………… 3 3.1 Code of ethics regarding selling and pre-contract stages …………………………………………………………………………. 3 3.2 Quotation ……………………………………………………………………………………………………………………………………………………………… 4 3.3 Contracts ……………………………………………………………………………………………………………………………………………………………….. 4 4 Security screening and personnel identification ………………………………………………………………… 4 4.1 Identity cards………………………………………………………………………………………………………………………………………………………… 5 5 Monitored alarm systems……………………………………………………………………………………………………….. 5 6 Management of false alarms …………………………………………………………………………………………………. 5 7 Complaints ………………………………………………………………………………………………………………………………… 5 8 Training ……………………………………………………………………………………………………………………………………… 6 9 Test equipment care and maintenance ……………………………………………………………………………….. 6 10 Subcontracting …………………………………………………………………………………………………………………………. 6 11 Certificates of Compliance ……………………………………………………………………………………………………… 7 12 Engineering work instructions ……………………………………………………………………………………………….. 7 12.1 General…………………………………………………………………………………………………………………………………………………………………… 8 12.2 Design ……………………………………………………………………………………………………………………………………………………………………. 8 12.3 Installation practices …………………………………………………………………………………………………………………………………………… 8 12.4 Maintenance practices ……………………………………………………………………………………………………………………………………….. 8 13 Technical standards …………………………………………………………………………………………………………………. 8 14 Document control and records ……………………………………………………………………………………………… 9 15 Concessions ……………………………………………………………………………………………………………………………. 10 Appendix A: The concession procedures …………………………………………………………………………………….. 11 A.1 Procedure 1: Self-authorisation by the Approved Company……………………………………………………………………. 11 A.2 Procedure 2: Authorisation endorsed by NSI Systems Silver …………………………………………………………………… 11 A.3 Customer documentation (Procedure 1 and Procedure 2) ………………………………………………………………………. 12 Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 3 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 In this document, material (such as guidelines, information, recommendations, advice) that does not form a mandatory requirement of this code of practice is shown in italics 1 Documented management system Companies holding Systems Silver approval or seeking Systems Silver approval by NSI shall operate to a written Company documented management system covering the topics given in these Management and Technical Requirements. The documented management system shall be so structured that it can be updated easily, as circumstances demand. Applicants should expect that, as part of its appraisal of the Systems Silver application, NSI will wish to review the Company’s documented management system. Similarly, any amendments made by the Company after the date Systems Silver Approval is granted may be reviewed by NSI, for example during a routine inspection visit. Whilst all staff within the Company should be conversant with the whole documented management system, some sections may not be relevant to all staff. For example, engineering work instructions may not need to be issued to office-based staff. 2 Administration control The documented management system shall demonstrate how administration is controlled within the Company, covering such processes as handling enquiries, preparing quotations, planning and controlling installations, planning and controlling maintenance, and covering such aspects as purchasing and stock control, document and data control, filing of correspondence and system information, care of vehicles. There shall be a code of conduct for staff and suitable health and safety policy statements. 3 Sales, quotations & contracts 3.1 Code of ethics regarding selling and pre-contract stages In all cases where your organisation employs or authorises individuals to visit customer premises at a pre-contract stage, must develop and adopt a written code of ethics and good practice for visits to customer premises and the selling of security systems. You must also ensure that this code of ethics and good practice is taught to all relevant individuals and is effectively enforced. You must observe and maintain high standards of fairness and integrity, ensuring that no individual engages in misleading, unfair, or pressurised selling techniques. Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 4 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 Any instances of reported issues or breaches of the code of ethics must be investigated and addressed promptly. These incidents must be documented, and corrective actions must be taken where necessary. 3.2 Quotation The content of quotations and system design specifications is compatible with the requirements of the applicable Product Standards, regulatory standards, and NSI Codes of Practice. 3.3 Contracts The Company shall create and approve contracts for the installation and/or maintenance of security systems. Before a contract is entered into, the company shall ascertain by correspondence and/or discussion the prospective customer’s needs, expectations, and patterns of usage of the premises to be protected as outlined in the Standards and NSI codes of practice. Terms and conditions shall be provided for each customer as defined in Appendix C of the System silver approval criteria Each contract shall be supported by and refer to a clear specification for the installation. The specification shall state the relevant Standard to which the security system conforms. For a security system incorporating VSS (CCTV), the specification shall draw attention to the Data Protection Act and to the fact that the customer may have a duty to register the system with the Information Commissioner. Prior to installation commencing, a Company shall either (1) have a signed acceptance of the contract or (2) where oral acceptance has been given, have sent to the customer a written confirmation of that acceptance. In all cases where maintenance service is discontinued, the Company shall immediately inform the customer by writing to him at his last known address. Note: It is a requirement of the NPCC Policy that all security systems requiring a police response shall be maintained in line with the applicable Standard. 4 Security screening and personnel identification The Company shall adhere to and comply with the requirements given in BS 7858 and the NPCC policy, there shall be a documented procedure covering security screening of personnel, including any subcontract personnel. Records of all screening processes shall be maintained on file. Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 5 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 4.1 Identity cards All staff coming into contact with customers and their representatives must carry an identity card and have clearly defined procedures to recover identity cards from leavers. Identity cards must, as a minimum, include the following information as per PD6662: a) The name, address and telephone number of the organisation. b) The name of the employee and the employee’s signature. c) The expiry date of the identity card (not more than three years from the date of issue). d) A current photograph of the employee. Depending upon the client base and the type of sites visited, the organisation may also need to consider incorporating additional information on their identity cards; for example, issue numbers. 5 Monitored alarm systems Intruder alarm systems monitored by an alarm receiving centre (ARC) for police response shall comply with the applicable provisions of the relevant Police Force Security Systems Policy. Where a Company contracts to provide monitoring of intruder alarms, it shall use only ARCs that are approved by NSI (or other ARCs recognised by an independent third- party approvals organisation acceptable to NSI and complying with ISO 9001 and BS 5979). 6 Management of false alarms The Company shall adhere to and comply with the recommendations contained in British Standard Code of Practice BS 8473 and there shall be a documented procedure for the management of false alarms complying with the recommendations contained in BS 8473. 7 Complaints You must have a process for the management of complaints. This process must cover all complaints whether they are from customers or from stakeholders including the police and the insurers. This process must also cover situations where we contact you about a complaint made to us about your organisation. The Company shall provide information to each customer on how to avoid false alarms. Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 6 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 8 Training You must maintain records for all staff training as evidence of competence, including any subcontract personnel, to demonstrate that appropriate skills have been gained by those undertaking tasks. This should include Design, installation, commissioning, handover and Maintenance of all systems that they work on. Specific skills required by office or administration staff shall also be included. You must ensure these persons are competent based on appropriate education, training and experience. Where applicable, you must take actions to enable people to acquire the necessary competence and you must evaluate the effectiveness of the actions taken. The fact that someone receives training does not guarantee they will be competent in carrying out their duties and therefore there has to be a system for confirming competency. We suggest you should consider a probationary period for all new people and review their competency formally before granting confirmed employment. The objective here is to identify and address any areas where competency is not immediately indicated and which could indicate a need for further training/development. Thereafter, you should have a process for verifying ongoing competency which could include feedback from internal and external audits, formal staff appraisal/evaluation and so on. 9 Test equipment care and maintenance The Company shall take reasonable and appropriate steps to ensure that essential test equipment is functional and gives indication which is accurate within appropriate tolerances. Procedures for achieving this shall be documented as part of the documented management system. 10 Subcontracting Installation, commissioning and servicing of security systems shall be undertaken with competency by at least one trained and experienced technician, who may also be the proprietor or a director of the Company. Where subcontractors are used for installation and/or maintenance of security systems, they shall be security screened in accordance with the Systems Silver Approval Criteria and these Management and Technical Requirements. Records of work carried out shall be maintained. There shall be a written agreement between the Company and the subcontractor covering confidentiality of information, training and assignment to agreed tasks. Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 7 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 ** Surveying, designing, specifying, and pre-contract negotiations These tasks (on site) are restricted to the staff personnel (proprietors, directors and PAYE employees) of the Systems Silver approved company (or of some other Systems Silver approved company). (For the purposes of this requirement, “site” means the location or premises supervised (or to be supervised) by the security system (or proposed security system), or other location or premises occupied by the customer or prospective customer). ** Installing The Company is allowed to use subcontract personnel, provided that final inspection and handover to the customer are carried out by a member of staff (proprietors, directors and PAYE employees) of the Systems Silver approved company (or of some other Systems Silver approved company), or by an established and long-standing subcontract person having knowledge and experience of the Company’s standards, procedures, practices etc., and whose work is routinely subject to documented internal audit by the Company. ** Maintenance The Company is allowed to use any suitable subcontract person for carrying out maintenance activities provided that he or she is an established and long- standing subcontract person having knowledge and experience of the Company’s standards, procedures, practices, etc., and whose work is routinely subject to documented internal audit by the Company. 11 Certificates of Compliance Systems Silver Certificates of Compliance shall be issued in accordance with Regulation 10 of the Regulations for NSI approval applicable to the Systems Silver Service. 12 Engineering work instructions Engineering work instructions shall document how personnel used by the Company are to undertake design, installation, testing and maintenance of all applicable types of security system installations for which approval is required, i.e. intruder alarms, CCTV and access control systems. Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 8 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 12.1 General The purpose of the work instructions is to provide guidance, clarification and expansion of the technical requirements and to provide specific instructions which the Company requires personnel to follow. These work instructions do not need to duplicate the technical requirements. 12.2 Design The work instructions relating to design shall provide general guidance in the design and surveying tasks. The work instructions should include a checklist of items which need to be discussed with the customer, e.g. perceived risks, limitations such as pets (intruder alarm) and lighting (CCTV), budgetary limitations etc. and also items which need to be considered when surveying the premises/protected area, e.g. coverage, blind spots etc. A record of any survey carried out shall be kept on file. Note: It is prudent to keep a record of significant aspects of discussions held with the customer covering the customer’s security needs, expectations, patterns of use of the premises, and any criteria or constraints stated by the customer that may affect decisions regarding the design. 12.3 Installation practices The work instructions relating to installation practices shall provide general technical guidance and shall include specific guidance on commissioning, engineering checklists, electrical measurements, objective tests, system handover, completion certificate and system amendments. 12.4 Maintenance practices The work instructions relating to maintenance practices shall provide guidance to engineers carrying out preventative and/or corrective maintenance tasks and shall include specific guidance on the use of engineering checklists, engineering report forms, on-site records and actions to be taken when a call-out is caused by a false alarm activation on a signalled intruder alarm. 13 Technical standards Except as permitted under Section 15 of these Management and Technical Requirements, all work shall be carried out in compliance with the relevant British and European Standards, BSI Published Documents (PDs) and BSI Drafts for Development (DDs) and Systems Silver Codes of Practice (ICPs and NCPs). Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 9 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 BSI PD 6662 and all the standards called-up by PD 6662 are applicable to intruder and hold-up alarm systems and the requirements and the recommendations contained in them shall be adhered to and complied with. PD 6662 and the “system standards” listed in the PD need to be obtained. However, of the four standards in the BS EN 50136-1-X series, only BS EN 50136-1-1 and those which relate to the individual Company’s activities need to be obtained. The Company should produce and use for each class of security system: a) Commissioning checklists that list the checks and tests required to be carried out during the commissioning of an installation to ensure compliance with the appropriate technical requirements. b) Electrical measurement and objective test record sheets that list the measurements and objective tests required by the appropriate technical standard. c) Preventative maintenance checklists that list the tests and checks required to be carried out as part of preventative maintenance in order to be satisfied that the system is still meeting the appropriate technical requirement. d) Engineering report forms to record details of any corrective maintenance or miscellaneous work carried out, times of arrival and departure, any outstanding work and details of any parts of the system disconnected or temporarily repaired. The customer shall be asked to authorise, by signature, any agreed amendments made to the security system. These changes shall be included as an updated As Fitted Document (System Record), describing the “as installed” specification of the security system. At the end of the handover, the customer shall be asked to sign a completion certificate confirming that he or she accepts the security system; that its operation has been demonstrated to him or her; and that security codes or keys for the system, written operating instructions, and a system log book have been provided to him or her. 14 Document control and records The Company shall ensure that the documented management system, the engineering work instructions and all the customer’s contractual documents, e.g. specification etc. are authorised and subject to amendment controls. Amended documents shall be clearly identified so that it can be identified that authorised changes have been made. Records of contractual documents and of work carried out (including checklists and test records) shall be kept for a period as specified in the appropriate Technical Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 10 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 Standard or where such a period is not specified then for a period of two years after a contract has been terminated. 15 Concessions “Limited Systems Silver Approval” shall mean Systems Silver approval together with any limited, or restricted, or conditional, or provisional, or probationary, or interim form of Systems Silver approval, the terms and nature of the limitation, restriction, provision or other conditions (whether being as to duration of the Systems Silver approval or otherwise) being as the Inspectorate sees fit to impose, and for which the Inspectorate may from time to time designate such name or names or description or descriptions as it sees fit. Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 11 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 Appendix A: The concession procedures A.1 Procedure 1: Self-authorisation by the Approved Company 1) Each request for a concession shall be considered individually on a case-by-case basis by a senior manager within the Approved Company (normally by the Executive Manager), and each shall be separately documented. 2) Each concession shall apply only to a single security system, and not to a block or group of systems. 3) The number of concession allowed shall be kept to a minimum, and only a limited number of concession may be authorised. 4) No concession shall be authorised under this Procedure unless there is evidence in writing to the effect that the customer is content for such a concession to be allowed. 5) No concession shall be allowed under this Procedure unless there is evidence in writing to the effect that the customer is his own Insurer, or that the customer’s insurer is aware that such a concession is proposed and is content for such a concession to be allowed. 6) In the case of any security system that is or may be intended to be police-calling, no concession shall be authorised under this Procedure unless the Company has evidence in writing issued by the relevant Police Service to the effect that the relevant Police Service is content for such concession to be allowed. The file relating to the concession must include a photocopy of the letter (or other document) issued by the relevant Police Service evidencing that the relevant Police Service is content for the concession to be allowed. A.2 Procedure 2: Authorisation endorsed by NSI Systems Silver In the cases where it is not practical or not possible for the full provisions of 1 to 5 of Procedure 1 to be satisfied, the Company may approach NSI, giving such information regarding the proposed concession, the reasons for requesting a concession, and regarding the attendant circumstances generally, as NSI may require, and NSI may (notwithstanding that not all the provisions under 1 to 5 of Procedure 1 above have been satisfied) agree that the Company may authorise the concession, which agreement by NSI must be evidenced in writing. Systems Silver management and technical requirements for installers of electronic security systems NSI reference only Document no. ICP 1 Issue no. 10 Issue date October 2024 Page 12 of 12 Document owner Director of Technical Services and Field Operations Document classification PUBLIC (RESTRICTED) © NSI 2024 However, in the case of any security system that is or may be intended to be Police- calling, NSI will not authorise a concession unless the provisions of 6 of Procedure 1 above have been satisfied. Note: NSI is unlikely to agree a concession under this Procedure unless the circumstances are close to the circumstances set out in Procedure 1 above, or are such that NSI is satisfied that overall it would be appropriate for NSI to agree that such a concession may be authorised. A.3 Customer documentation (Procedure 1 and Procedure 2) In all cases where a concession applies, the documentation issued by the Approved Company to the customer shall clearly state that full compliance with the relevant Standards, Codes of Practice or the like has not been achieved, and shall clearly state the nature and extent of the non-compliance, and the Systems Silver Certificate of Compliance relating to the security system installation shall be endorsed to the effect that full compliance has not been achieved, and either giving clear details of the nature and extent of the non-compliance or alternatively giving the identifying reference of documentation upon which such details are recorded.