MP091 Updating Security Assurance Status

Proposer Gordon Hextall
Lead Analyst SEC Change
Date raised 22/10/2019
StageImplemented
Implementation date 27 February 2020 (February 2020 SEC Release)
Latest update The Change Board approved MP091 on 20 December 2019 for implementation in the February 2020 SEC Release.

What is the issue?

Once a Party completes their Full User Security Assessment (FUSA) the SEC Panel assigns them one of four assurance statuses. Two of these, “Provisionally Approved” and “Deferred”, indicate significant security deficiencies that require substantial remediation, the severity of which are not reflected in the current SEC terminology.

The Security Sub Committee (SSC) believes that the assurance status set should be clear to Parties and accurately reflect the situation. As such it proposes to amend these assurance status as follows:

  • “Provisionally Approved” to “Deferred”; and

  • “Deferred” to “Rejected”.


Additionally, there is no current provision for the SSC to require a Party to undertake a second FUSA. The SEC only allows for updates to the original User Security Assessment Response. The SSC believes it would be more appropriate that where a Party is set a status of “Rejected” a second FUSA is more appropriate than an updated User Security Assessment Response. A second FUSA would provide assurance for all Parties, and the DCC, that the (significant) deficiencies have been addressed.

What is the solution?

MP091 will amend SEC Section G to reflect the new Assurance Statuses and, where a User has a status set as “rejected”, allow the SSC to require a further FUSA be completed.

Who is impacted?

Large Suppliers
Small Suppliers
Electricity Network Parties
Gas Network Parties

What SEC documents are affected?

Section G 'Security'

Timeline

22 Oct 2019
Modification Raised
15 Nov 2019
Modification Report presented to Panel
18 Nov 2019
to
09 Dec 2019
Modification Report Consultation
20 Dec 2019
Modification presented to Change Board
27 Feb 2020
Modification Implementation

Modification documents

MP091 Change Board Vote
23/12/2019
MP091 Modification Report Consultation
18/11/2019
DP091 Problem Statement
22/10/2019
No files
No files
No files
No files
No files

If you believe there is a problem with this modification, please let us know HERE.

Feedback
close slider