Security Sub-Committee »

Security Sub-Committee

The Security Sub-Committee (SSC) was established by the SEC Panel to oversee, review and advise on SEC security arrangements.

The SSC meets twice a month. Its objectives are set out in Section G7 of the SEC and include, but are not limited to, the following:

  • Document Development and Maintenance:
    • Development and maintenance of various pieces of Security documentation, including the Security Controls Framework and the Risk Treatment Plan;
  • Security Assurance:
    • At least annually review the Security Obligations and Assurance Arrangements to ensure they remain fit for purpose;
    • Monitoring Devices that are certified by the Commercial Products Assurance Scheme, and ensuring the Scheme remains fit for purpose;
  • Monitoring and Advice:
    • Provide assistance to the DCC and Users in relation to the causes of security incidents and management of any vulnerabilities; and
    • Monitor Anomaly Detection Thresholds and provide opinions on means of detecting Compromises to the DCC.
  • Transitioned duties:
    • The SSC has taken on CPL Removal Monitoring duties and CPA Security Characteristics from the Department for Business Energy & Industry Strategy (BEIS).

The Security Sub-Committee is made up of:

  • 6 Large Suppliers
  • 2 Small Suppliers
  • 2 Network Parties
    (1 Gas, 1 Electricity)
  • 1 Other User
  • 1 Shared Resource Provider
  • 1 TABASC Representative
  • Independent Chair


SSC CPA Issue Resolution Sub-Group (SCIRS):

SCIRS is a sub-group of the SSC, which includes all participants involved in or affected by the CPA process. This includes:

  • SSC members
  • Device Manufacturers
  • NCSC
  • CPA Test Laboratories
  • MAPs
  • Triage Facility Providers

Its purpose is to:

  • Facilitate the CPA evaluation process by providing a working level forum through which SSC, DESNZ and NCSC can work together with key industry partners to review issues arising from or in anticipation of CPA evaluations.
  • To reach a consensus where possible on the application of security controls and the interpretation and implementation of the CPA Security Characteristics and any associated Guidance to facilitate the CPA evaluation process. SCIRS has its own Terms of Reference approved by the SSC.


You can view the current SSC members below, and enquire about our current vacancies here.

Meeting documentation for the Panel and its Sub-Committees can be accessed by visiting the Meeting Calendar page and selecting the applicable meeting calendar entry.