Self Assessment Document (SAD): Qualification Process for SVA Parties, SVA Party Agents and CVA MOAs V9.0

Effective From Date:
Status:SUPERSEDED
Other versions
Download

Balancing and Settlement Code

SELF ASSESSMENT DOCUMENT (SAD)

QUALIFICATION PROCESS FOR SVA PARTIES, SVA PARTY AGENTS, AMVLP AGENTS AND CVA MOAs

Version 9.0

Date23 Februarey 2023

Self Assessment Document (SAD)

1. Reference is made to the Balancing and Settlement Code for the Electricity Industry in Great Britain and in particular, to the definition of “Qualification Document” and Section J.

2. This is Version 9.0 of the Self Assessment Document (SAD).

3. This document is effective from23 Februarey 2023

Intellectual Property Rights, Copyright and Disclaimer

The copyright and other intellectual property rights in this document are vested in Elexon or appear with the consent of the copyright owner. These materials are made available for you for the purposes of your participation in the electricity industry. If you have an interest in the electricity industry, you may view, download, copy, distribute, modify, transmit, publish, sell or create derivative works (in whatever format) from this document or in other cases use for personal academic or other non-commercial purposes. All copyright and other proprietary notices contained in the document must be retained on any copy you make.

All other rights of the copyright owner not expressly dealt with above are reserved.

No representation, warranty or guarantee is made that the information in this document is accurate or complete. While care is taken in the collection and provision of this information, Elexon Limited shall not be liable for any errors, omissions, misstatements or mistakes in any information or damages resulting from the use of this information or action taken in reliance on it.

4. This document has been approved by the Panel.

AMENDMENT RECORD

Version

Date

Description of Changes

Changes Included

Mods/Panel/

Committee Refs

1.0

25/06/20

June 2020 Release

P404 Self-Governance

Panel 301/07

2.0

06/07/20

PAB Update

PAB233/06

3.0

05/11/20

November 2020 Release

P411 Self - Governance

PAB236/11

4.0

11/08/21

PAB Update

PAB244/05

5.0

01/09/21

1 September 2021 Non-Standard Release

P420

Panel 316/05

6.0

30/06/22

30 June Standard Release

P375, P433, P429

Panel 318/06, 312/08, 322/05

7.0

18/07/22

18 July 2022 Non-Standard Release

P436

Panel 325/05

8.0

05/10/2022

05 October Special Release

P425

Panel 329/03

9.0

23/02/23

23 February Standard Release 2023

P376,P419

Panel314/06 ,Ofgem

INTRODUCTION

Scope and Purpose of the Self Assessment Document

The Self Assessment Document is to be completed by an Applicant in accordance with Section J3.3.5.

The Main Users of the Self Assessment Document are:

      1. CVA Meter Operator Agents;

      2. Data Collectors;

      3. Data Aggregators;

      4. Meter Administrators;

      5. Suppliers;

      6. Licensed Distribution System Operators when acting in their capacity as Unmetered Supplies Operators;

      7. Supplier Meter Registration Agents;

      8. Virtual Lead Parties;

      9. Asset Metering Virtual Lead Parties; and

      10. Asset Metering Meter Operator Agents.

Review Procedure and Change Process

For the purposes of BSC Procedure (BSCP) 40 (Change Management) this document is a Category 3 BSC Configurable Item, meaning that it is not subject to the Modification Procedures in Section F (‘Modification Procedures’) of the BSC, or the Change Proposal process described in BSCP40.

The Panel has agreed the following process for the review of and changes to this document:

    • The PAB shall review this document at least every 12 months, and may review this document from time to time as necessary outside the annual review process if there are any relevant changes in circumstances or if requested to do so by BSCCo.

    • In reviewing this document and considering potential changes the PAB shall:

      1. assess whether any amendments to this document may help to reduce risks;

      2. consider that the amendments to this document are more efficient; or

      3. establish that any proposed changes to this document align with emerging risks as identified in the Risk Evaluation Register (RER), the Risk Operating Plan (ROP) and PAB Strategy.

    • The PAB may request assistance from BSCCo e.g. in analysing whether a change is needed.

    • Unless otherwise agreed by the PAB, changes to this document will be drafted by BSCCo.

    • The PAB is not required to consult with Parties on changes to the Qualification Document, however it may choose to do so if it believes appropriate, before approving the changes. If the PAB does determine consultation is appropriate, this consultation shall be for a period no less than 10 Working Days.

    • Following review, the PAB may approve amendments to this document and these will be published as an updated version.

Whilst there is no process provided for BSC Parties to directly propose changes to the Qualification Document, BSCCo will notify the PAB of any significant concerns about the Qualification Document raised with BSCCo in writing by a BSC Party.

Self Assessment Document (SAD)

Guidance for completing the SAD

Qualification process

The SAD embodies the requirements for both Qualification and re-Qualification. Applicants are required to complete the SAD in accordance with BSCP537 ‘Qualification Process for SVA Parties, SVA Party Agents, VLPs, AMVLPs, AMVLP Agents and CVA Meter Operators’ and Section J of the BSC. References and abbreviations used in the SAD are based on BSC definitions, where this is not possible further guidance has been provided in BSCP537 section 1.6 List of Definitions. BSC documents referred to within this SAD are available on the BSCCo website and in all cases the most recent versions should be applied.

Section J of the BSC and BSCP537 explain that the Qualification process will be based on self assessment by Applicants, with limited follow up work to be undertaken by BSCCo rather than an audit of the system development being undertaken. BSCCo, through limited risk based review and, where required, follow up visits, will determine whether an Applicant’s responses to the questions within the SAD adequately support their self assessment conclusions as to whether they have met the Qualification Requirements.

The Qualification process is not designed to identify whether the Applicant will be in full compliance with all of the requirements in the BSC and the Code Subsidiary Documents. The aim is to reduce the risk to Settlement that may be introduced as a result of a new Qualified Person entering the market. The process is designed to indicate whether, in certain key areas identified as high risk, an appropriate standard has been achieved.

The full set of requirements to which the Applicant must adhere on entry and on an ongoing basis is as set out in the BSC and the Code Subsidiary Documents. The guidance provided in this SAD should not be deemed as a comprehensive interpretation of those requirements.

Re-Qualification process

Qualified Party Agents may identify a need to apply for re-Qualification of their Agency Service. This process is required when there is a Material Change to the functionality of a Party Agent’s systems or processes used for the delivery of that service. Examples of possible re-Qualification triggers are outlined in BSCP537. The agent is required to determine which SAD questions should be re-addressed and these questions should be completed afresh in order to reflect the changes to be implemented. Section 1 (Introduction) should be completed in all cases, with particular reference to Section 1.3.

Throughout the SAD the term ‘service’ is used to describe the systems and processes that an Applicant will utilise to fulfil its obligations as a Qualified Person. When answering questions you should consider all aspects of your service that are relevant and that you intend to use in order to fulfil that requirement.

Guidance for completing the SAD (continued)

Completing the SAD

The SAD is split into 20 sections. Sections 1 to 7 are generic and should be responded to in full in respect of all Qualification applications, with the exception of Virtual Lead Parties (VLPs). VLPs are only required to complete Section 1 to 6, but Asset Metering Virtual Lead Parties (AMVLPs) are required to complete Section 1-7. The remaining sections relate to specific services, Applicants should address these as relevant to their application. Each section contains a series of questions, for each of which guidance is provided in order to either provide clarification or to set out the areas the response should address.

When completing the SAD, Applicants should provide sufficient detail for the reader (which could be, for example, the director reviewing the responses prior to sign off, or BSCCo) to be able to evaluate whether the requirements have been addressed without requiring the reader to examine the supporting documentation or to perform additional enquiries. Responses should document not only the activities undertaken to address the requirements but should also document the control procedures, such as authorisation, review or testing processes, which have been performed in order for the Applicant to have assured themselves that the requirements have been met in a satisfactory manner. The responses to questions will depend on the size of the Applicant and the sophistication of the systems involved.

The Applicant should also indicate what evidence is available to support the responses given. This evidence will need to be available to BSCCo should any review take place. This evidence should not be attached to the return but a cross reference to the material should be included in the SAD.

References to ‘systems’ within the SAD do not relate solely to the functionality of computer hardware and software, but extend to the supporting business and operational processes (including manual processes). The term ‘development’ in relation to a system refers to either the development of a new system or to any significant changes or upgrades in respect of a previously Qualified system.

A number of the questions may require the Applicant to seek assistance from a third party developer, where that third party has developed all or part of the service, in order to provide a response. However, in all cases the responses are the responsibility of the Applicant. There may be an overlap in responses given and the Applicant should consider the most appropriate way to co-ordinate their own responses with those of the third party provider,VLPs and AMVLPs, after successfully completing Qualification, will be able to register Secondary BM Units and allocate MSID Pairs to them for use in Settlement. Any Applicant that wants to register Asset Metering Systems and allocate AMSID Pairs to their Secondary BM Units must complete Qualification as an AMVLP.

Suppliers after successfully completing Qualification will Qualify as either a HH Supplier or a NHH Supplier. If a HH Supplier wishes to then operate as a NHH Supplier or vice versa they would then have to complete the Qualification Process (not the re-Qualification process) to act in that different capacity.

Additional guidance on the completion of the SAD can be found in Appendix 1 of this document and further guidance on the Qualification and re-Qualification processes are can be found in the Overview of Qualification document.

Director Sign off page

NAME OF APPLICANT:

Qualified Person:

Except for the matters detailed below (delete if not applicable), having made appropriate enquiries of other directors and officials of the organisation, we confirm that:

1. the BSC Qualification Documentation (SAD) in respect of the above service is true, complete and accurate and not misleading because of any omission or ambiguity or for any other reason; and

2. in our opinion, the arrangements as documented are adequate and appropriate for that service.

Please detail any exception here:

Approved by

___________________________

Print Name

___________________________

Signature

___________________________

Position

______________________________

Date

Note: The SAD should be authorised by a registered Director of the company (verifiable with Companies House, or in the case of a non-UK company a person having an equivalent position) for and on behalf of their company in respect of Qualification issues.

SECTION 1 – INTRODUCTION

Objectives of this section

This section is designed to gather factual information about the Applicant and the service that they have applied to operate.

Guidance for completing this section

This section has been split as follows:

1.1 Generic Section (to be completed in all cases);

1.2 Re-Qualification Application Section (to be completed by those Applicants applying for Re-Qualification); and

1.3 Additional Information.

The final question, in this and every section, is not mandatory and is provided so that Applicants can provide any additional information that they consider to be relevant to their application.

For Supplier Qualification please state clearly which market you wish to operate in: Non Half Hourly, Half Hourly or both. Applicants who are currently operating in a market and who wish to Qualify for the other market will have to Qualify again for the second market they wish to operate in.

1.1 Generic Section

Question

Guidance

Response

Evidence

1.1.1 What is the name of the organisation applying to become a Qualified Person?

The company name should be the statutory entity applying for Qualification (or re-Qualification), as registered with Companies House.

1.1.2 What is the company number of the organisation applying to become a Qualified Person?

The company number refers to the registered company number.

1.1.3 What is (are) the MPID(s) that will be associated with this service?

The process for registering an MPID in MDD is given in BSCP509.

1.1.4 What service is this application for?

Please tick the appropriate box(s).

Descriptions of the service are in BSC Section S.

Qualification

Re-Qualification

NHHDA

NHHDC

HHDA

HHDC

AMHHDC

SMRA

AMMOA

CVA MOA

Meter Administrator

NHH Supplier

HH Supplier

UMSO

VLP

AMVLP

LDSO

NHHDA

NHHDC

HHDA

HHDC

AMHHDC

SMRA

AMMOA

CVA MOA

Meter Administrator

UMSO

1.1.5 What are the contact details for this application?

A key contact will act as the central point of communication for BSCCo in relation to this application.

Key contact name:

Address:

Email address:

Telephone number:

1.1.6 Who are the authorised signatories for the service(s) for Qualification matters?

Qualification-related documentation should be authorised by a registered Director of the company (verifiable with Companies House), for and on behalf of their company in respect of Qualification issues. A sign off sheet has been provided for this purpose (page 4).

1.1.7 What is the background to this application?

Include details of the trigger for this application and a description of the service to be operated.

Provide a simple description or diagram as to how your service will operate and how elements of the service fit together.

Include a description of IT systems that are to be used in the operation of this service. Specify where any of the software used has been centrally developed (e.g. the NHHDA software) or is commonly used by other participants within the industry.

1.1.8 What is your intended scale of operation within the first 3 to 5 years of live operations?

This is the volume of MSIDs, or AMSIDs for Asset Metering, at which you expect to operate in the market. This should correlate to the level of testing which has been performed. For VLP applicants, please state the number of MSID Pair Allocations you expect to operate in the market.

For AMVLP applicants, please state the number of MSID Pair Allocations and the number of AMSID Pair Allocations you expect to operate in the market.

This will provide guidance as to the extent of the operation and the relative risk to Settlement.

Guidance on volume and performance testing is provided in the SAD Additional Guidance document.

1.1.9 Has the system that you intend to operate been developed internally or have you relied on a third party provider?

Please tick the appropriate box and enter the names of any third party developers. Please provide a brief description of the role of each third party developer.

A number of the sections in this SAD include additional questions that should be completed where the Applicant has relied on a third party provider for system development.

Please also provide details of the software/applications you intend to use to operate the services if not already included in your response to 1.1.7.

Internally developed 

Third party developer 

1.1.10 Do you intend to rely on any subcontractors or service providers during the operation of the service and how do you intend to manage the relationship(s)?

Enter all subcontractors or service providers that you intend to rely on in operating the service once Qualified.

Please provide a brief description of the role of each subcontractor or service provider in operating the service on an ongoing basis.

1.1.11 Are you currently a Qualified Person?

If any other services are currently provided by your organisation, please provide details of the market role, Market Participant ID and number of MSIDs currently managed. Please provide the date(s) on which your Qualified status was obtained for these stated role(s).

1.2 Re-Qualification Application Section

Question

Guidance

Response

Evidence

1.2.1 What is the nature of the Material Change to systems and processes which has triggered re-Qualification?

Please give a description of the reason for the application for re-Qualification. Further guidance for re-Qualification triggers is provided in BSCP537 section 3.4

1.2.2 What questions/ sections of the SAD do you propose completing in respect of this application?

Enter a list of all questions that are to be revised in respect of this re-Qualification application.

1.2.3 For any outstanding BSC Audit issues please provide details of your rectification plans.

Please provide an audit issue reference and a description of the rectification plan you have in place.

1.3 Additional information

This section is not mandatory but is provided so the applicant can provide any additional information that they consider to be relevant to their application

Question

Guidance

Response

Evidence

1.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 2 – PROJECT MANAGEMENT

Objectives of this section

To ensure that the Applicant is capable of managing the delivery/implementation of the service in a controlled manner so as to minimise any adverse risk to Settlement, including the impact on other Market Participants.

Guidance for completing this section

It is expected that regardless of the size of the Applicant’s organisation and/or complexity of the development that a level of senior management control would be exercised over the project to ensure that what is delivered by the project meets the organisation’s requirements as well as those of the BSC.

A number of the other sections within the SAD address specific aspects/tasks that the project would undertake, e.g. testing and data migration. This section is aimed at the management control processes that are in place over the entire project, and all of its constituent parts. The section has been split as follows:

2.1 Generic Section (to be completed in all cases);

2.2 Additional questions for a system developed by a third party (to be completed in addition where the Applicant has relied upon a third party for all or part of their system development); and

2.3 Additional Information.

The questions in subsection 2.2 may require the Applicant to seek assistance from the third party in order to provide a response, however in all cases the responses are the responsibility of the Applicant. There may be an overlap in responses given and the Applicant should consider the most appropriate way to co-ordinate their own responses with those of the third party provider.

2.1 Generic Section

Question

Guidance

Response

Evidence

2.1.1 How have you ensured that the development or modification of the service, including systems and processes, has been planned, monitored and controlled properly using a structured project management framework in accordance with Good Industry Practice?

Good Industry Practice should include the following:

(1) The development or modification should have a senior management supporter or ‘sponsor’ and/or an appropriate project board.

(2) The scope, and as appropriate, the deliverables, phases and/or milestones of the project should be clearly defined.

(3) Risks/issues which threaten project timescales, costs or overall success should be identified and planned for.

(4) Formal mechanisms to initiate the project, grant financial approval, instruct relevant parties to proceed, monitor progress and, finally, close the project should exist.

(5) On completion of a project/phase there should be an evaluation of the success of that project/phase.

(6) All documentation relating to the project should be retained, either through a physical central location or a document register.

2.2 Additional Questions for a System developed by a third party

Question

Guidance

Response

Evidence

2.2.1 How have you managed your third party developers during the project?

Where aspects of system development/ modification have been subcontracted to a third party, the Applicant should ensure it has exercised adequate control to ensure the systems developed/modified by the third party are of acceptable quality.

The response should address the following areas:

(1) A defined scope should be agreed between each of the parties.

(2) Clear roles and responsibilities for each of the parties should be set.

(3) Regular checkpoint meetings and progress reporting should be in place.

(4) Formal processes for signing off the delivery of the third party’s activities should be agreed.

2.3 Additional information

Question

Guidance

Response

Evidence

2.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 3 – TESTING

Objectives of this section

To ensure that the testing carried out by the Applicant can be relied upon to check that additional risk does not enter Settlement and that current and future Market Participants are not adversely impacted. To provide assurance that the testing plans and procedures followed (in respect of IT and/or manual processes) are of sufficient rigour to ensure that these risks are adequately addressed.

Guidance for completing this section

The Applicant should be able to demonstrate that they have a comprehensive, documented approach to testing of the systems being developed that is appropriate for the complexity of the system.

In completing the response the Applicant will need to demonstrate that they have satisfied themselves that the BSC requirements have been met and that the Applicant can demonstrate that they understand and can execute all business processes in the defined timescales. Testing should be designed to thoroughly test systems, manual processes, operational staff and local working procedures.

The section has been split as follows:

3.1 Generic Section (to be completed in all cases); and

3.2 Additional questions for a system developed by a third party (to be completed in addition where the Applicant has relied upon a third party for all or part of their system development).

The questions in subsection 3.2 may require the Applicant to seek assistance from the third party in order to provide a response; however, in all cases the responses are the responsibility of the Applicant. There may be an overlap in responses given and the Applicant should consider the most appropriate way to co-ordinate their own responses with those of the third party provider.

3.1 Generic Section

Question

Guidance

Response

Evidence

3.1.1 How have you developed and implemented your test strategy and/or plans to demonstrate that you are able to operate the service?

The response should address the following areas:

(1) A clear approach to testing should be documented. Please provide a brief description of your overall approach to testing.

(2) Responsibilities for each element of the plans should be defined and assigned.

(3) Any risks associated with the plans should be documented and a risk analysis should have been performed. Where any risks identified are to be mitigated by testing this should be made clear.

(4) Success or acceptance criteria should be defined for each stage of testing activity together with an explanation as to how these will be measured.

(5) A policy for the performance of regression testing should be set out (when individual parts of the system fail their test requirements then any link between these and the rest of the system should be re-tested - (this is optional for Simple systems).

3.1.2 How have you demonstrated that these plans have been formally approved?

A project board and/or sponsor and/or senior member of the organisation should have approved all aspects of the test planning and documentation (including where relevant test strategy, test criteria, test specification and data and test schedules) prior to testing taking place. Evidence of the sign off of key documentation should be made available.

3.1.3 How have you determined the extent and coverage of testing that you intend to perform?

The extent and coverage of testing should be set out together with an explanation as to how this has been determined.

Please also detail any procedures or performance monitoring processes in place if/when your intended capacity is exceeded (for Supplier, Virtual Lead Party and Asset Metering Virtual Lead Party applicants only).

3.1.4 What types of testing have you performed to ensure that all aspects of your service have been tested appropriately?

Refer to Appendix 1 for additional information on the requirements for certain aspects of testing. Examples of business processes that require testing are referenced in the service specific sections.

Please note whether or not your testing covers each of the following areas and describe the level of testing carried out in each area:

(1) Unit testing.

(2) System testing.

(3) Factory testing.

(4) Integration testing.

(5) Interface testing between the Applicant and other participants that you might reasonably be expected to interact with.

(6) BSC Compliance (a documented link/audit trail between the BSC requirements identified as relevant to the operation of the service and the testing performed should be maintained, it is anticipated that this will be demonstrated by some form of mapping document showing each requirement and linking this to the system specifications or local working procedures with evidence as to how each has been tested). This is considered to be a key requirement of the Qualification process.

(7) Performance, resilience and capacity testing (including a description as to how testing has demonstrated that the service will be able to perform at the level of activity predicted by your intended maximum scale of operations as detailed in Section 1).

(8) Regression testing.

(9) Business processes or user acceptance testing (a formal acceptance of the systems by the users is considered to be a key criteria for Qualification).

(10) Testing of local working procedures (local working procedures should provide the link between the requirements that have to be complied with and the practical reality of operating the service).

(11) Negative Testing.

(12) Testing scenarios using the SVA Storyboards, including exceptions and smart-meter variations. This is not required for VLP or AMVLP applicants.

(13) Rollback plan (for Re-Qualification applicants only).

(14) Any other types of testing that may have been performed.

For Applications that will include a migration of data from one system to another, section 7 sets out the requirements for data cleansing, migration strategy planning and migration testing.

3.1.5 How have you monitored the progress and results of testing at each stage?

The response should address the following areas:

(1) A formal record should be maintained of the progress of each of the testing activities planned in the test strategy or plans, including a record of actual test results against expected test results in order to determine whether testing is complete.

(2) A formal record should be maintained of each fault, problem or issue encountered during the testing process. Each fault, problem or issue should be given a severity and priority for resolution and tracked to closure/resolution. Evidence should be retained that failed scripts have been followed up and problems resolved.

(3) A formal assessment should be performed at the end of each stage of the testing process in order to determine whether all testing activities are complete.

3.1.6 How have you ensured that all high severity faults, problems and issues identified have been addressed and do you have a plan in place to address any non-high severity faults, which you consider can be addressed at a later stage?

The response should address the following areas:

Reports should be produced on all outstanding faults and issues identifying for each the nature of the fault, severity, steps to be taken to resolve the fault and impact on the organisation’s ability to operate the service.

Evidence to support the response to this question is expected to include an issue log/report.

3.1.7 How are you able to demonstrate that all planned testing has been completed?

Evidence of completion is expected to include a test completion report. Where planned testing has not been completed an explanation as to why this has been the case should be provided within the supporting evidence.

It is anticipated that all high severity faults will have been cleared and this should be confirmed within any test completion report provided.

3.2 Additional Questions for a System developed by a third party

Question

Guidance

Response

Evidence

3.2.1 How have you co-ordinated your test strategy and plans with that of the third party provider and how involved have you been in the development of a test strategy by the third party provider?

The response should address the following areas:

(1) Details of how testing has been divided between the Applicant and the third party provider should be provided. This should indicate how the Applicant has ensured that this provides full coverage of testing.

(2) Evidence should be available that there has been liaison with any external third party provider setting out the testing requirements and evidence that the third party provider will be required to retain in order to demonstrate that the system has been adequately tested.

3.2.2 How have you monitored the progress and results of the testing at each stage?

The response should address the following areas:

(1) A process should be put in place in order to report and monitor the progress and success of the testing performed by the third party. This should include progress meetings, regular reporting, a comparison of actual test results against expectation, reporting of faults or issues identified during testing together with a report on progress to address these problems.

(2) A record of testing and results should have been received and reviewed by the Applicant.

3.2.3 How have you been able to satisfy yourselves that the system provided by the third party meets your expectations?

Please note that as a minimum it would be anticipated that user acceptance testing has been performed by your own organisation.

3.3 Additional Information

Question

Guidance

Response

3.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 4 – OPERATIONAL SECURITY AND CONTROLS

Objectives of this section

To ensure that appropriate controls are in place to maintain the on-going integrity, confidentiality and availability of the data, systems and processes required for the effective operation of the service. The plans in place should ensure the availability of the service in the event that an incident occurs which results in the inability to operate any part of the service, and that these meet the requirements of the BSC and related requirements in the Code Subsidiary Documents for each service.

Guidance for completing this section

The Applicant should be able to demonstrate that they have comprehensive, documented procedures in place to support the ongoing operation and back-up of the service. The section has been split as follows:

4.1 Generic Section (to be completed in all cases).

4.2 Additional questions for a system developed by a third party (to be completed in addition where the Applicant has relied upon a third party for all or part of their system development); and

4.3 Additional Information.

Where the SAD is being completed for re-Qualification purposes, existing Disaster Recovery plans and any contracts with third parties to provide such services should be updated to incorporate all changes to the systems, processes and people supporting the service.

Computer operations or housekeeping’ activities refer to the tasks performed regularly/periodically by the IT data centre staff to ensure the smooth running and availability of IT systems. Examples of such activities include system performance monitoring, capacity monitoring of servers and databases, network traffic monitoring, virus scanning, initiating and monitoring back-ups and batch processes, and the identification and re-starting of failed/timed out processes.

4.1 Generic Section

Question

Guidance

Response

Evidence

4.1.1 How do you ensure that you have appropriate security and control arrangements in place that are reviewed on a regular basis?

The response should address the following areas:

(1) The assignment of accountable owners for the security of business data and/or systems.

(2) Existence of a Security Policy that complies with good industry practice such as ISO27001 and on-going communication and education of this to all staff.

(3) Clear assignment of responsibilities for the review and update of the Security Policy.

(4) Competence and independence from day-to-day operations of the individual(s) responsible for review and update of the Security Policy.

(5) Formal procedures and schedules in place for reviewing the Security Policy and adherence thereto, and reporting findings to Senior Management.

(6) Procedures for resolving issues identified through the above review, updating the Security Policy and communicating the changes to all staff.

4.1.2 How do you ensure the confidentiality of your data?

The response should address the following areas:

(1) Communication of confidentiality requirements to all staff either via a formal policy or within employment contracts.

(2) Formal procedures to update policies / contracts and to communicate changes to all staff as and when they occur.

(3) System controls in place to ensure data confidentiality is applied appropriately where relevant.

4.1.3 What plans does your organisation have in place to address Disaster Recovery of all key data, systems and processes and how will you ensure business continuity considering the people, knowledge resources and office space required to operate the service?

Your answer will need to cover each data centre and key process.

Refer to Appendix 2 for additional guidance on Disaster Recovery and business continuity planning and testing.

The response should address the following areas:

(1) Existence of a Disaster Recovery Plan that complies with good industry practice. This should consider the following key areas:

(a) A comprehensive assessment of the risks facing the service, mitigating actions required to address these risks and the assumptions made in the plan, such as the availability of key staff to implement the plan.

(b) IT infrastructure, i.e. hardware and software, (including the identification of replacement sources of hardware and access to a copy of the latest live version of relevant software).

(c) Surrounding procedures and supporting documentation, (including the invocation procedures in place to initiate the plan, clear assignment of responsibilities to appropriate staff within the plan for invocation).

(d) Supporting services such as telecommunications.

(2) Clear assignment of roles and responsibilities for the ongoing maintenance of the Disaster Recovery plan.

(3) The existence of an alternative location from which to operate the full service.

(4) The plans in place to transfer IT and business staff from the existing site to an alternative location.

(5) Arrangements to bring in additional staff with an adequate level of knowledge to run the service in the event that existing staff are unavailable.

(6) Existence of comprehensive IT and business local working procedures and system documentation and its suitability to be used by new staff unfamiliar with the service.

(7) The back-up of local working procedures, system documentation and training material.

(8) Documentation and back-up of key management reports and information used to monitor the service.

(9) Commitment to the plan by Senior Management, e.g. Director review and sign-off.

4.1.4 How have you tested your Disaster Recovery plans prior to go-live (or for a re-Qualification within the 12 month period prior to your re-Qualification application)?

Refer to Appendix 2 for additional guidance on Disaster Recovery and business continuity planning and testing.

Disaster Recovery and business continuity plans should have been tested, with reasonable results within the 12 month period prior to your application.

4.1.5 How will you ensure that your Disaster Recovery plans continue to be tested on an ongoing basis?

Refer to Appendix 2 for additional guidance on Disaster Recovery and business continuity planning and testing.

The plans should be reviewed, update and tested on an ongoing basis (this should include the establishment of frequency and trigger criteria for updating the plan(s), and demonstration of commitment to test).

4.1.6 How has your business taken steps to ensure appropriate physical security and control procedures are in place to prevent unauthorised / inappropriate access to services and the supporting infrastructure?

The response should address the following areas:

(1) Service premises should be physically secure, with full supervision over visitors.

(2) Location of key server hardware in a physically secure location or data centre that has appropriate environmental controls in place.

(3) Access restricted to only key personnel needing to perform essential support activities.

(4) Regular review of the employees permitted physical access to key server hardware.

(5) Visitors requiring data centre or server room access (e.g. contractors) should be fully supervised and a record of their access retained.

(6) ‘Desktop’ workstations only held in physically secure locations.

(7) Review of the security of any remote working performed outside of business premises.

4.1.7 How has your business taken steps to ensure appropriate application security and control procedures have been developed with respect to your service to guard against unauthorised logical access to data and programs?

The response should address the following areas:

Application level security controls in place over the service including:

(1) Formal procedures in place for authorising the set up of application-level user access.

(2) Provision of individual user IDs/profiles and passwords for application-level access only (multiple concurrent logons and generic user IDs should be prohibited, application-level passwords should adhere to the good practice / security policy requirements).

(3) Access to service system(s) assigned to individual users according to training undertaken and roles and responsibilities assigned.

(4) Account lock-out procedures following repeated failure by a user to logon.

(5) Formal requirements to periodically review existing user access to applications (and remove access where necessary) to ensure that changes to employee roles and responsibilities are mirrored by the application-level access.

4.1.8 How has your business taken steps to ensure appropriate operating system and privileged security and control procedures have been developed with respect to your service to guard against unauthorised logical access to data and programs?

The response should address the following areas:

Operating system level security and privileged access controls in place including:

(1) Access to operating systems (e.g. UNIX, NT) restricted to IS support staff only.

(2) Assignment of individual user IDs and passwords to all users authorised to have operating system access (e.g. For UNIX authorised users should log onto their own accounts and then “SU” to “root”; in the case of NT, authorised administrators should be assigned an individual profile in the “Administrator” group).

(3) Invocation of audit trails to enable tracing of any activities to individual user ID accounts.

(4) Segregation of duties between IS Support (e.g. IS support staff and security administrators) and business users carrying out day-to-day input and processing of data within the service system.

4.1.9 How has your business taken steps to ensure appropriate database administration security and control procedures have been developed with respect to your service to guard against unauthorised logical access to data and programs?

The response should address the following areas:

Database Administration security and access controls in place including:

(1) Formal procedures to manage database administrator access to the live production environment.

(2) Assignment of individual user IDs and passwords to database administrators (wherever possible) adhering to good practice / policy.

(3) Application of changes to production only upon formal authorisation from the appropriate data owners.

(4) Audit trail controls in place over DBA access to production data, including regular review of the audit trail produced.

4.1.10 How has your business taken steps to ensure appropriate security and control procedures have been developed over external connections with respect to your service to guard against unauthorised logical access to data and programs?

The response should address the following areas:

Security and controls in place over external connections (including email, internet, web servers, connections to third parties, removable media, etc.) including:

(1) Use of firewalls, (including regular review over firewall configuration and monitoring over firewall reporting).

(2) Virus detection and cleansing controls and procedures over all external network connections, servers and desktops (including regular update of anti-virus software and email monitoring over attachments).

(3) Additional security controls in place over dial-up access (including additional risk assessment procedures over third party connections into the organisation’s information systems to ensure appropriate controls are in place).

4.1.11 How do you ensure that your IT ‘housekeeping’ procedures, such as initiating data processing, system monitoring and back-ups are managed in an effective manner to ensure appropriate system availability?

Refer to Appendix 2 for additional guidance on Disaster Recovery and business continuity planning and testing.

The response should address the following areas:

(1) ‘Housekeeping’ activities performed by the core operations/data centre team. Please define the extent to which these procedures are automated.

(2) Formal documentation and training in place to ensure IT staff are aware of their responsibilities and are competent to perform them.

(3) Scheduling/monitoring performed to ensure that all daily/weekly/monthly housekeeping tasks are completed as necessary.

(4) Procedures to ensure timely identification, logging and resolution of errors and/or problems.

(5) Formal senior management review procedures to ensure that all IT operations/’housekeeping’ activities are performed as required in a timely manner.

4.1.12 How have you ensured that appropriate data back-up, archive and restoration arrangements have been established and operate effectively?

This question is not referring to the specific Disaster Recovery plans you have in place (4.1.3) but to daily operational back-up processes that should be performed.

The response should address the following areas

(1) The back-up strategy implemented through user or computer operations procedures and task schedules.

(2) Procedures and processes in place to regularly test back-up data to ensure it could be used to restore lost business data.

(3) Regular and independent reviews of the back-up practices and formal reporting back to management.

(4) Procedures and processes in place to ensure the security of any physical storage of back-up data (including USB drives, hard copies of documents).

(5) Procedures and processes in place to ensure that any personal data is not kept for longer than is necessary, in accordance with the General Data Protection Regulation (GDPR).

4.2 Additional Questions for IT functions managed by a third party

Question

Guidance

Response

Evidence

4.2.1 Where any aspect of your IT function is outsourced to a Third Party, how is this relationship managed?

The response should address the following areas:

(1) Service Level Agreements / Procedures to formally define the IT services provided by Third Parties.

(2) Monitoring over the performance of Third Parties against agreed service levels / contractual obligations.

(3) Regular review and update of Service Level Agreements.

(4) Processes that you have put in place to ensure that you have an on-going assurance as to the integrity, confidentiality and availability of data, systems and processes where these are maintained and/or managed by a third party provider.

4.3 Additional information

Question

Guidance

Response

4.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 5 – CHANGE MANAGEMENT AND RISK ASSESSMENT PROCESS

Objectives of this section

To ensure that the Applicant has appropriate change management processes and procedures, which should include an on-going risk assessment process in order that any risks identified as a result of system, process or organisational changes either arising internally or as a result of changes to BSC requirements can be managed in a controlled manner so as to minimise any adverse risk to Settlement.

Guidance for completing this section

Changes to either computer systems or manual processes and procedures may arise as a result of either change made internally by the Applicant or due to changes in the BSC requirements. Appropriate procedures need to be in place in order to identify these changes on a timely basis, to assess their impact and to ensure that they are implemented in a controlled manner to all areas and that documentation impacted by the change is updated appropriately. The responses provided should consider changes arising both internally and externally.

The section has been split as follows:

5.1 Generic Section (to be completed in all cases); and

5.2 Additional Information.

Section F of the BSC sets out the Modification process for changes to be made to the BSC itself. BSCP40 sets out the required change management processes for changes arising as a result of Code Subsidiary Document changes.

Additional guidance on a recommended Risk Assessment process is included within BSCP537. One element of this Risk Assessment process should be geared to considering when a re-Qualification application may be required.

5.1 Generic Section

Question

Guidance

Response

Evidence

5.1.1 How do you ensure that any risks arising as a result of changes to be made to your organisation, systems and processes are identified and assessed?

Ongoing procedures should exist to ensure that all risks identified are assessed to ensure that any issues which present a risk to Settlement are identified and addressed.

These procedures should also identify whether the risk arising from the changes being made would trigger a need for re-Qualification as required by BSCP537.

Procedures to ensure that where a risk has been identified, a link has been provided to the mitigating action to be taken to address the risk.

5.1.2 What change control procedures do you have in place and how do you ensure that these procedures are operating effectively?

The response should address the following areas:

(1) An individual (or team) is responsible for co-ordinating the change control process to ensure that it operates effectively and for ensuring that any potential issues are addressed.

(2) Management have developed and documented change control procedures covering the implementation of (where relevant) new system software, application software, network systems, computer hardware operating programs as well as manual processes and procedures.

(3) Change control procedures are in place to identify all changes made to the relevant sections of the BSC and other relevant Code Subsidiary Documents and ensure that the necessary changes to the service and relevant local working procedures are implemented within the required timescale.

(4) Formally documented procedures have been developed and implemented to ensure that only authorised changes are processed.

(5) Staff are aware of the change control procedures and their individual roles and responsibilities.

(6) Appropriate data (including paper files or simple spreadsheets and databases) and system back-ups are taken prior to and after each change to ensure an operational system can be recovered if the change does not function as expected.

(7) Management instigates regular reviews, perhaps by internal or external auditors, of the practices adopted by staff to ensure compliance with the change control procedures.

(8) Procedures to identify whether any changes made internally will impact interfaces with other relevant BSC Systems and the services operated by other participants to ensure that these are notified to BSCCo and executed in accordance with the BSCP40.

5.2 Additional Information

Question

Guidance

Response

5.2.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification that they consider necessary. This field is optional.

SECTION 6 – MANAGEMENT, RESOURCE PLANNING AND LOCAL WORKING PROCEDURES

Objectives of this section

To ensure that, in delivering the service, the Applicant has adequate processes and procedures in place to enable staff at all levels to understand the objectives/aims of the service they are delivering, their roles and responsibilities within the service and to ensure that as the service develops and expands that appropriate resources are in place to maintain the service and to minimise the risk to Settlement.

Guidance for completing this section

In order for your service to work effectively it is essential that you have business procedures, referred to within this SAD as local working procedures, defining the requirements of the service you are delivering and how individual staff members fit in and support those requirements. It is also essential that your staff know how to operate those procedures, understand fully their responsibilities and the consequences to your organisation if the service should fail to operate as intended. Consequently, your staff must be trained in their duties and understand your business procedures.

It is also important that senior management within the service have the processes in place which will provide them with the information to assess whether the systems, processes and controls they have established are and remain effective in delivering the overall service.

6.1 Generic Section

Question

Guidance

Response

Evidence

6.1.1 What processes do you have/operate to ensure senior management can monitor the ongoing delivery of your service and identify and resolve any risk to Settlement that may be highlighted?

It is important for senior management to be able to confirm that the objectives of the service they are delivering are met and continue to be met. Senior management should be able to demonstrate their commitment to these objectives and any corrective actions required.

The response should address the following areas:

(1) In addition to roles and responsibilities in respect of the day to day activities of the service clear reporting lines exist which include senior management. This may be through an organisational chart and/or job/role descriptions.

(2) Senior management hold regular service update/progress meetings and/or receive activity reports from staff.

(3) Independent reviews are conducted on key aspects of the service, this may be senior management themselves or perhaps by internal audit staff.

(4) Senior management receive and review communications from external third parties, which may provide an indication as to whether the service is delivering to its objectives. Examples of this may be that all complaints are reviewed by senior management, that any communication from/to BSCCo is handled by senior management and that ‘customer’ or ‘client’ satisfaction surveys are instituted by senior management.

(5) Organisation wide communication processes are in place to both demonstrate commitments and receive staff feedback, e.g. company magazine/newsletter/intranet, staff suggestion process.

6.1.2 How are you able to demonstrate that your organisation has got local working procedures at an appropriate level of detail for the service you propose to operate?

For local working procedures to be developed in an organised and comprehensive way, which allows them to be easily communicated to staff and applied consistently, they will need to be documented.

In answering this question, you need to identify the business processes/procedures for which you need to prepare local working procedures.

Where you are applying for re-Qualification, and where the changes to your service impact your local working procedures, your response should describe the procedure(s) you have performed to ensure that local working procedures have been appropriately updated. This may overlap with your response to questions in Section 5, Change Management. You are advised to compare the response to questions in Section 5 with this question in order to minimise the level of duplication or repetition in your responses.

Assurance that the local working procedures are operating as intended and/or are ‘fit for purpose’ may also be derived from an independent review. If such a review has been performed any reports should be available as part of the evidence open to inspection by BSCCo as part of the follow-up process.

6.1.3 What staff development processes do you have in place to ensure that your service operates effectively and in accordance with your local working procedures?

The response should address the following areas:

(1) Regular staff appraisals or skills reviews are conducted to ensure knowledge / skills / resource gaps are identified and actions taken to resolve them, this may include the use of individual staff training plans.

(2) Service/Development training plans are implemented to ensure that staff know and understand (both before go-live and during their ongoing operation of the live service) their roles and responsibilities and how to operate in accordance with local working procedures.

(3) As appropriate, supporting guidance material has been developed and made available to staff.

Where you are applying for re-Qualification your response should specifically address the procedure(s) you have performed to assess the need for staff training in respect of the specific changes you are making to the service. This may overlap with your response to questions in Section 5, Change Management. You are advised to review the questions in Section 5 so as to minimise the level of duplication or repetition in your responses.

6.1.4 What planning have you undertaken and/or what ongoing monitoring processes do you have in place to ensure you have sufficient resources to operate your service, particularly as you move from your start up volume to your intended maximum scale of operations (in terms of the numbers of MSIDs)?

Refer to Appendix 1 for additional information on capacity planning and testing.

The response to questions in section 3 with regard to capacity testing will have demonstrated that the systems are capable of operating to the intended maximum scale of operations (level of MSIDs). This question is aimed at ensuring that after go live all resources (IT infrastructure, IT systems, staff at all levels/functions, office space, etc.) are capable of assessment to ensure that as capacity is approached actions can be taken to maintain the service provided.

Different assessment approaches may be employed depending upon the resource. As illustrative examples:

(1) IT infrastructure: you may operate a combination of formal future capacity planning – (documenting the technical specifications of the IT infrastructure and the configurations to be used as volumes increase), together with ongoing monitoring of network downtime/usage/response times to identify stress points and act as the trigger to assess the need to upgrade the infrastructure.

(2) Operational staff – you may operate a number of processes to assess whether the levels of operational staff are sufficient to meet the day to day workloads of the service. Such processes may be monitoring the levels of manual processing/exception backlogs, staff appraisal/development reviews and independent reviews by internal audit.

The response to this question should address all resource elements of the service and all the activities employed in relation to each element. It is acknowledged that you may have already described the processes you employ in responding to other questions within this SAD. If that is the case it is recommended that you make brief reference to the process employed and cross refer to the detailed response where the process is described fully.

6.2 Additional Information

Question

Guidance

Response

Evidence

6.2.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 7 – INITIAL DATA POPULATION AND/OR DATA MIGRATION

Objectives of this section

This section looks at the controls in place to ensure that the data used to initially populate the systems supporting your service is of reasonable quality. The section focuses on MSID-related data only. Other data, required to run your service effectively, such as Market Domain Data (MDD) and Daily Profile Co-efficients (DPC) which are not related to a specific MSID is considered in the service specific SAD sections.

Guidance for completing this section

In the following circumstances there is no requirement to complete this section:

  • Where you plan to use the Change of Agent process alone (with no bulk data fixes) to populate your system.

  • Where Applicants are applying for re-Qualification of their existing, operating service without making any changes to the supporting systems or data on the systems.

The section has been split as follows:

7.1 Generic Section (to be completed in all cases); and

7.2 Additional Information.

7.1 Generic Section

Question

Guidance

Response

Evidence

7.1.1 How have you ensured that a data population / migration strategy has been developed to an appropriate level of detail to demonstrate that you are able to operate the service following data population / migration?

Evidence would be expected to include a data population / migration strategy defining:

(1) A clear approach to the initial data population / migration of the records/systems.

(2) Responsibilities and timescales for each element of the plans.

(3) Any risks associated with the plans and mitigating controls to be implemented.

(4) Success or acceptance criteria for each stage of data population / migration activity together with an explanation as to how these will be measured.

(5) Contingency procedures to ensure a continuing service in the event that the migration process fails.

7.1.2 How can you ensure that the service is populated with data that has a level of accuracy such that it meets the data quality requirements and performance standards as set out in the BSC, BSCPs, PSL100 and, where relevant, data cleansing is performed?

The response should address the following areas of the data population / migration process:

(1) The measures put in place to ensure the timely transfer of all MSID-related data to the system supporting the service prior to go-live.

(2) Controls implemented to ensure the completeness, accuracy and integrity of the migration of data (including procedures for ensuring incoming and outgoing data flows are processed appropriately during the data migration process).

(3) Procedures to ensure that any poor quality data is cleansed prior to migration onto the new system.

(4) Procedures to identify and resolve any data migration failures / exceptions.

(5) Demonstration of an appropriate audit trail.

7.2 Additional Information

Question

Guidance

Response

7.2.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 8 – NHHDC

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Agency Service to ensure the operational requirements of the BSC, BSCP504 and PSL100 are met. Whilst Sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as a NHHDC agent.

Guidance for completing this section

The NHHDC agent collects and processes Meter readings and performs the calculation of Estimated Annual Consumption (EAC) and Annualised Advance (AA) values. Settlement of Non Half Hourly Metering Systems is performed on the basis of profiled EAC and AA values for onward submission to the NHHDA agent. The section is split as follows:

Business Processes and Mitigating Controls: This set of questions looks at the controls over the input of Meter readings to the NHHDC system, the subsequent creation of EAC and AA values and the transmission of these to the NHHDA agent. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement), the provisions for a full audit trail history of the data used by your Agency Service, and any changes made to it as outlined in BSCP504 and PSL100.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the Agency Service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, letter).

8.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

8.1.1 How do you ensure that data flows are received and processed completely, accurately and in a timely manner, in line with the requirements of BSCP504 and PSL100?

The NHHDC agent receives a number of key inputs, including the following:

(1) Appointment and termination notifications on D0155 and D0151 data flows (including read frequency requests) from Supplier (BSCP504 3.2, 3.3 & 3.4).

(2) Metering System Settlement detail affirmations on a D0052 data flow (including D0052 received for Unmetered Supply Metering Systems) from Suppliers (BSCP504 3.2 & 3.3).

(3) Notification of mapping details, Non Half Hourly Meter Technical Details and Auxiliary Meter Technical Details on D0149, D0150 and D0313 data flows from Meter Operator Agents (BSCP504 3.2 & 3.3).

(4) Confirmation or rejection of energisation status change on a D0139 data flow from SVA Meter Operator Agents (BSCP504 3.3.3, 3.3.4, 3.3.5).

(5) Notification of change to other Parties from Suppliers on a D0148 data flow (BSCP504 3.2, 3.3 & 3.4).

(6) Market Domain Data on D0269 and D0270 data flows and Daily Profile Coefficients on a D0039 file from SVAA. (BSCP504 3.1).

The response should address the following areas:

(a) The identification, review and authorisation of all flows prior to processing.

(b) Controls in place to ensure that all data required or expected is received. This may be through controls within the update routines or through manual controls.

(c) The validation of data for formats and lengths, e.g. the MSID is valid.

(d) The validation of standing data received against the latest version of MDD, data items and combinations such as Profile Class, Standard Settlement Configuration, Data Aggregator ID, Data Collector ID, SVA Meter Operator Agent ID, Supplier ID, GSP Group or energisation status.

(e) The validation of data for its internal consistency.

(f) The controls over the completeness and accuracy of MDD in line with the go-live dates as published in the MDD circulars, including controls to ensure that where MDD items are selectively applied to the database, that the appropriate items are selected and that all are applied completely and accurately. Please specify whether this process will require manual intervention.

8.1.2 How do you ensure that Meter reads are scheduled in line with BSCP504 and PSL100?

Please provide a response for all types of Metering Systems for which you operate as NHHDC, e.g. standard cyclic Metering Systems, remote pre-payment Metering Systems, de-energised Metering Systems, Automated Metering Systems, etc.

8.1.3 Where your retrieval system is separate from your data processing system, what controls do you have in place to ensure that Meter readings collected by one system are transferred completely and accurately to the other?

This question is only relevant to Agents operating separate data retrieval and data processing systems. Where this is not relevant please state “not applicable”.

8.1.4 How do you ensure that all appropriate Meter readings are collected, to satisfy BSCP504 and PSL100?

The response should address the following areas:

(1) The controls in place to ensure the completeness of Meter read collection and upload onto the system. This should include both manual and electronic Meter reads including the following read types:

(a) Hand held unit.

(b) D0010 – from Supplier or SVA Meter Operator Agent.

(c) Other electronic files.

(d) Interactive voice recognition system.

(e) Operator phone conversation.

(f) Read sheet or read card.

(g) Automated Meter Readings.

(2) When visiting a site or remotely contacting a site the checks are performed as detailed in BSCP504 Appendix 4.1.

(3) Procedures to ensure consistency between manual and remote meter reads so that invalid reads are not accepted and valid reads are not rejected, especially for smart meters.

(4) The processes to ensure that any consumption for Metering Systems recorded as de-energised on your Agency Service is identified and processed to Settlement.

(5) The controls in place to check that all scheduled reads have been performed.

(6) The controls in place to identify discrepancies in number of register digits between readings captured manually and those obtained remotely.

8.1.5 How do you ensure that Meter readings are validated to satisfy BSCP504 and PSL100?

The response should address the type and level of validation undertaken against each of the read types, including those defined in question 8.1.4 above.

The minimum validation requirements for Meter readings are set out in BSCP504 Appendix 4.2.

The response should specify where the validation is performed (may be split between different parts of the system).

Controls should be in place to ensure that the validation is performed on all Meter read types – reads may be input by different methods.

(Question 8.2.1 relates to how you would deal with reads that have failed validation)

8.1.6 What controls do you have in place to ensure that Meter reads are only withdrawn in the circumstances given in BSCP504 3.3.8?

The response should address the following areas:

(1) The controls in place to identify circumstances in which a read withdrawal is required (either internally or as a result of an external instruction).

(2) The controls in place to ensure the accuracy of the read withdrawal and application of roll back procedures.

(3) The controls in place to ensure that the corrected consumption for a Metering System is calculated and then passed to NHHDA.

8.1.7 What controls do you have in place to ensure that a correct EAC/AA is calculated on receipt of consumption data as per the BSC Section S Annex 2 4.3?

The response should address the controls in place to ensure that all appropriate data is passed to, and from, the EAC/AA system and the NHHDC system, which may include:

(1) Validation of input/output files, e.g. by control totals, checksums.

(2) Procedures to re-submit data that has failed validation.

(3) Controls in place to ensure the complete receipt of downloads, e.g. a one to one matching process or file sequencing.

8.1.8 Where it is necessary for your Agency Service to deem a read to meet the requirements of the BSC, BSCP504 and PSL100 how do you ensure that the read calculated is accurate and in line with specified procedures?

The response should address all approaches to deeming reads such as electronically via the EAC/AA calculator, manual calculation etc. For each of the methods utilised, the response should consider the following:

(1) The procedures in place for identifying the need to calculate a deemed read.

(2) The controls in place to ensure that all appropriate data is passed to, and from, your EAC/AA system and your NHHDC system.

(3) The procedures for ensuring deemed reads are calculated as per the BSC where the EAC/AA Calculator is not used.

8.1.9 How do you ensure that all calculated, estimated and actual consumption data is transmitted to the appropriate Data Aggregator (on a D0019 data flow – Metering System EAC/AA Data) completely, accurately and on a timely basis?

The response should address the following areas:

(1) A schedule of expected transmission dates/times is drawn up and maintained, such that staff are made aware and the transmissions made are monitored, to ensure the timetable is met.

(2) All relevant data for transmission is collated completely, accurately and in the required format, including:

(a) All EAC and AA values calculated by the EAC/AA calculation process.

(b) Initial EAC values for new Metering Systems or on change of Profile Class or Standard Settlement Configuration.

(c) Revised EACs for Unmetered Supplies.

(d) Revisions to EAC/AA values sent previously.

(3) The correct Data Aggregator(s) is identified.

(4) File sequence numbers are maintained for each recipient Data Aggregator to ensure all are processed, and in the correct order.

(5) Record counts and check sums are provided in the data transmitted to ensure completeness.

(6) Where the DTN is not used for transmission, an acknowledgement check is performed to confirm receipt of the files by the NHHDA.

8.1.10 What controls do you have in place to ensure that the requirements of BSCP504 are met when Change of Supplier/Change of Agent notifications are processed? (BSCP504 3.2.3, 3.2.4, 3.2.5, 3.2.6 & Appendix 4.8)

The response should include the following key events, which may take place as part of the Change of Agent (‘CoA’)/ Change of Supplier (‘CoS’) process:

(1) The processing of request for Metering System related details on a D0170 data flow both as the incoming and outgoing agent.

(2) The processing of an instruction to obtain change of Supplier reading on a D0072 data flow on a CoS or CoA event.

(3) The controls in place over your Agency Service to ensure the creation and complete and accurate sending of historic Meter reading data on a D0010 data flow and Metering System historical EAC/AA data on a D0152 data flow per BSCP504 3.2.3.

(4) The mechanisms in place to monitor the timescales in which the above data flows: into and out of your Agency Service; and is processed.

8.1.11 How do you ensure that appropriate procedures are in place to revise the EAC/AA in the event that historic standing data or Meter reads change in line with the requirements of BSCP504 and PSL100?

The response should address the following areas:

(1) The procedures for identifying changes that may affect the EAC/AA calculated for an MSID.

(2) The procedures for re-submitting changed data to the EAC/AA Calculator and ensuring that the new EAC/AA data is transmitted to the Data Aggregator.

8.1.12 What action have you taken to ensure that where a read has been received post Final Reconciliation Settlement Run (RF) but no read pre RF, that the BSC rule is applied as specified in BSCP504 Appendix 4.5.

The response should address the following areas:

BSCP504 Appendix 4.5 specifies that where the EAC for a Metering System supplied to NHHDA for inclusion in a Final Reconciliation Settlement Run has not been submitted with an AA for the Metering System, the NHHDC should have procedures in place to:

(1) Determine a Deemed Meter Advance (DMA) for each Settlement Register using the specified formula.

(2) Determine an EAC/AA value for each register substituting the value of Meter Advance (MA) with the DMA and the Meter Advance Period (MAP) with the Deemed Meter Advance Period (DMAP).

(3) Determine an MA for each register for the period as specified.

(4) Determine EAC/AA for each register using the MA and the new MAP as calculated.

8.1.13 What action have you taken to ensure that where a Supplier requests that a site should be treated as Long Term Vacant (LTV) (or where this ceases to be the case) the appropriate BSC rules are applied as set out in S-2?

BSCP504 sections 3.3.13 and 3.3.14 set out the process to be followed by the NHHDC when notified by a Supplier that either a site qualifies or no longer qualifies for LTV treatment. Please detail the processes and controls in place to address the following:

At the start of the LTV period:

(1) Processing of notifications from Suppliers of zero-EACs received on D0052 data flows.

(2) Sending of notifications of deemed Meter readings (as appropriate) for the EFD of the LTV period to the Supplier and LDSO on D0010 data flows.

At the end of the LTV period:

(1) Processing of non-zero EACs received from the Supplier on D0052 data flows.

(2) Obtaining or processing Meter readings.

(3) Notification of deemed Meter readings to the Supplier and LDSO as appropriate.

8.1.14 How do you ensure that appropriate procedures are in place to visit de-energised sites annually, in accordance with BSCP504?

The response should include:

(1) Processes in place to identify which sites are due a visit.

(2) Processes in place to report any detection of consumption to the Supplier and SVA MOA using the D0001 flow.

8.1.15 How have you ensured that appropriate audit trails are in place per BSCP504 Sections 4.16 and 4.17 and PSL100 Section 9.1, 10.2 and 10.3?

The response should address the existence of audit trails over the following areas:

(1) Changes to standing data.

(2) Changes to Meter reads.

(3) Changes to EAC/AA or DMA calculations.

(4) A history of all data flows (manual and electronic) received and sent out.

In all circumstances you should consider whether there is enough information available for an independent person to identify the source and nature of the change (archived information should be stored so that it is available for enquiry). This should include a rationale for decisions that were made.

8.1.16 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100 Section 10.2.1?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra-Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

8.2 Exception Management

Question

Guidance

Response

Evidence

8.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the service there are a number of points at which delays in processing data could occur, which, if not addressed, could result in the timescale requirements, as set out in BSCP504 or PSL100, being exceeded. This could consequentially have an adverse impact on the quality of data used by other Party Agents or Parties in the Settlement process.

The response should address the following areas:

(1) The internal reporting mechanisms in place to identify rejections, errors and backlogs in data processing on a daily basis.

(2) The ongoing analysis performed to identify:

(a) all points of rejection/failure in data flow processing.

(b) all areas where backlogs may occur in processing e.g. where there are dependent flows such as D0149/D0150/D0313 data flows or where manual review is required to validate data.

(3) Management processes in place to monitor performance against the standards as set out in BSCP504.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 8.1.1 above and also addresses the following:

  • EAC/AA requests.

  • D0010 – electronic Meter reads.

  • Manual reads.

  • Failed reads.

For Meter reads controls should be in place to monitor and review the level of manual validation override performed by operators (in order to determine how often reads that have initially failed validation have then subsequently processed as a result of the application of judgement by the operator). Specify the processes and procedures that will be in place to ensure that where manual validation override is applied it is carried out completely and accurately and only in the appropriate circumstances.

BSCP504 Appendix 4.8 sets out the limited circumstances in which a Meter read which has failed validation can be manually adjusted and subsequently re-processed. Controls should be in place to ensure that adjustment is only applied in the circumstances set out in the BSCP. Management controls should be in place to monitor and review this activity.

8.2.2 How do you ensure that all P35 and D0023 flows received from Data Aggregators are identified, investigated and resolved?

Questions 8.1.9 addresses the sending of Metering System EAC/AA data on a D0019 data flow to the appointed NHHDA. If the D0019 is rejected by the NHHDA, the following may be returned to the NHHDC:

(1) For transmission problems an Invalid Instruction P0035 data flow will be returned.

(2) For instruction level validation problems a failed instruction on a D0023 data flow will be sent.

The response should address the following areas:

(a) Controls to identify when these rejection data flows are received.

(b) The action required to follow up the error should be detailed, including notifying the Data Aggregator and/or registered Supplier where the NHHDC considers the fault to lie with other parties’ systems/processes.

(c) Procedures to identify whether a file resend or new D0019 is the appropriate response.

(d) The timescales within which actions should be taken to resolve the P0035/D0023.

(e) Management monitoring processes to ensure all P0035/D0023 data flows received are being progressed and resolved in a timely manner.

8.2.3 What procedures do you have for identifying and resolving data discrepancies between your NHHDC Agency Service and the SMRA (reported via the D0095 data flow)?

The NHHDA system performs a comparison between the data it receives from both the SMRA and the NHHDC Agent. Any discrepancies arising from this comparison would then be notified to the Supplier on the NHHDA exception report (on a D0095 data flow). The Supplier may then report these discrepancies to the NHHDC Agent for resolution/investigation.

The response should address the following areas:

(1) The controls and processes in place to resolve any exceptions reported on the D0095 data flows received from Suppliers, including procedures which specify the action to be taken for each error code reported.

(2) The monitoring controls in place for analysing and controlling the level of outstanding D0095 exceptions in order to facilitate root cause analysis.

8.2.4 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Meter reads) used by your Agency Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Agency Service).

(2) Review of data quality statistics by senior management.

8.3 Additional information

Question

Guidance

Response

8.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 9 – HHDC

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Agency Service to ensure the operational requirements of the BSC, BSCP502 and PSL100 are met. for SVA Metering Systems and where providing services for Asset Metering Systems ensure the additional requirements of BSCP603 for Asset Metering Systems are met. Whilst Sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as a HHDC agent.

Guidance for completing this section

The HHDC agent collects and validates metered data for HHDC-serviced Metering Systems1 , HHDC-serviced Asset Metering Systems2 or receives (and may validate) metered data from Supplier-serviced Metering Systems3 for onward submission to the relevant HHDA agent or from an AMHHDC for onward submission to the SVAA. The HHDC agent is required to send active energy data to the HHDA or SVAA in kWh. The section is split as follows:

Business Processes and Mitigating Controls: This set of questions looks at the controls over the input of Meter, or Asset Meter readings to the HHDC service and the subsequent transmission of data to the HHDA agent. for SVA Metering Systems or to the SVAA for Asset Metering Systems. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement), the provisions for a full audit trail history of the data used by your Agency Service, and any changes made to it as outlined in BSCP502 and BSCP603.

Exception Management: This set of questions looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, letter).

9.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

9.1.1 How do you ensure that standing data is received and processed completely, accurately and in a timely manner, in line with the requirements of BSCP502 and PSL100 for SVA Metering Systems and BSCP603 for Asset Metering Systems?

The HHDC Agent receives a number of key inputs, including the following:

(1) Appointment and termination notifications from Suppliers on D0155 and D0151 data flows (including read frequency requests) (BSCP502 3.2, 3.3) or from AMVLPs on D0155 and D0151 data flows; (including read frequency requests) (BSCP603 2.1, 2.2); and where an AMHHDC has been appointed a P0314 data flow.

(2) Notification of change to other parties from Suppliers or AMVLPs on a D0148 data flow (BSCP502 3.2 & 3.3, BSCP603 2.1).

(3) Confirmation or rejection of energisation status change on a D0139 data flow from SVA Meter Operator Agents (BSCP502 3.3, & 3.3; BSCP603 2.2).

(4) MDD data flows from SVAA on D0269 and D0270 data flows (BSCP502 3.1).

(5) Notification of Measurement Class /EAC/Profile Class on a D0289 data flow (BSCP502 3.2 & 3.3).

(6) Half Hourly Meter Technical Details on a D0268 data flow (BSCP502 3.2, 3.3, 3.4 3.5; BSCP603 2.1, 2.2, 2.4 and 2.5), including those for Unmetered Supplies and, where relevant, a Complex Site Supplementary Information Form or an Asset Metering Complex Site Supplementary Information Form.

(7) Notification of address details on a D0131 data flow.

8) Notification of Asset Metering Type in a P0303 from AMVLP.

The response should address the following areas:

(a) The identification, review and authorisation of all data flows prior to processing.

(b) Controls in place to ensure that all data required or expected is received. This may be through controls within the update routines or through manual controls.

(c) The validation of data for formats and lengths, e.g. the MSID or AMSID is valid.

(d) The validation of standing data received against the latest version of MDD and data held such as Measurement Class, Data Aggregator ID, Data Collector ID, SVA Meter Operator Agent ID, Supplier ID, GSP Group or energisation status.

(e) The validation of data for its internal consistency.

(f) The controls over the completeness and accuracy of MDD data in line with the go-live dates as published in the MDD circulars, including controls to ensure that where MDD items are selectively applied to the database, that the appropriate items are selected and that all are applied completely and accurately. Please specify whether this process will require manual intervention.

9.1.2 For Metering Systems where you retrieve the data and where your retrieval system is separate from your data processing system, what controls do you have in place to ensure that Meter readings collected by one system are transferred completely and accurately to the other?

This question is only relevant to Party Agents operating separate data retrieval and data processing systems. Where this is not relevant please state “not applicable”.

Controls should be in place to ensure that, where these activities are separate, each system is updated with all required standing data in order for it to perform its function. Procedures should ensure that data held by different parts of the system is consistent.

9.1.3 For Asset Metering Systems where you retrieve data from the Asset Metering System, how have you demonstrated that your data retrieval systems (including Hand Held Units and any third party systems) are appropriate to communicate with Metering Equipment in accordance with BSCP601?

The response should address the following areas:

The HHDC agent is required to ensure that any data retrieval carried out by it or a third party on its behalf is in accordance with the approved protocol. The HHDC agent achieves this by performing protocol testing. BSCP601 sets out the tests and requirements relating to Metering Equipment protocols.

In your response, please also confirm that Protocol Approval for a Meter or Asset Meter Types has been achieved or where not that the Elexon Metering Team have been contacted to apply for Protocol Approval.

(1) The controls in place to ensure that for any AMSID appointed to that Protocol Approval has been achieved for the relevant Asset Meter Type.

9.1.4 How do you ensure that all appropriate Meter readings are collected or have been received to satisfy BSCP502 and BSCP603 requirements? (BSCP502 3.4; BSCP603 2.3)

The response should address the following areas:

(1) The controls in place to ensure the completeness of Meter, or Asset Meter, read collection and upload onto the system; this should include both manual and electronic Meter, or Asset Meter, reads (including both dial up reads and those received on D0010 data flows).

(2) The controls in place to ensure the completeness of upload of Asset Meter read data onto the system where this is collected by the AMHHDC; this should include receipt of D0390 ‘Asset Metering System Half Hourly Metered Data’ advances flow and Asset Meter reads.

(3) Reporting processes in place to identify failed dial up attempts (non collection of read data).

(4) Appropriate review, follow-up (e.g. investigation of communication links, notification to the HHMOA and AMMOA) for HHDC-serviced Metering Systems or HHDC-serviced Asset Metering Systems, and resolution of exceptions reported on a failed dial-up report.

(5) Estimation of data where meters are missing data for a specific time period (refer to question 9.1.6).

9.1.5 Where you are responsible for validating Metering System, or Asset Metering System, data how do you ensure that Meter data is validated to satisfy BSCP502 and BSCP603?

The response should address the type and level of validation undertaken. The minimum validation requirements for Meter, or Asset Meter, data are set out in BSCP502 Appendix 4.1 for SVA HH Metering Systems, or BSCP603 Appendix 3.1 for Asset Metering Systems.

The response should specify where the validation is performed (may be split between different parts of the system where data retrieval is separate to data processing).

Controls should be in place to ensure that the validation is performed on all Meter, or Asset Meter, read types – including manual and those received on D0010 data flows.

Where relevant controls should be in place to ensure that the ‘mini-MAR’ is performed as required by BSCP502 Appendix 4.1.5 for SVA Metering Systems, or BSCP603 Appendix 3.1.5 for Asset Metering Systems.

9.1.6 For metering Systems where you are estimating data and actual reads cannot be collected, how do you ensure that appropriate procedures for the estimation of reads in line with BSCP502 and BSCP603 are imposed?

Estimation has to be performed by the HHDC when data is invalid or is missing, and the HHDC has to notify the relevant Supplier, or AMVLP and where appropriate the LDSO, of the method used to produce the data estimate.

The methods of estimation are set out in BSCP502 Appendix 4.2 for SVA Metering Systems, or BSCP603 Appendix 3.2 for Asset Metering Systems.

The response should address the following areas:

(1) The estimation methods undertaken by your Agency Service and how these calculations are checked for completeness and accuracy.

(2) Controls in place to ensure that the estimation method applied follows the order of precedence set out in BSCP502 Appendix 4.2 or BSCP603 Appendix 3.2 as applicable.

(3) Processes in place to ensure that the method of estimation used and the rationale behind the application of that method are recorded.

(4) Specific procedures for abnormal consumption patterns should be in place.

(5) Controls should be in place to ensure that where more accurate data becomes available (either actual of estimated), this is applied.

(6) Where relevant controls should be in place to ensure that when estimation due to high energy recorded is carried out that a P0313 flow is sent to BSCCo.

9.1.7 How do you ensure that appropriate procedures are in place to collect consumption data for de-energised sites in accordance with BSCP502?

The response should include:

(1) Specific procedures for collecting and validating consumption data at least once every calendar month for metering systems where communications equipment is available.

(2) Processes in place to identify which sites are due an annual site visit where remote data collection is not available.

(3) Processes in place to report any detection of consumption to the Supplier and SVA MOA within two working days, using the D0001 flow.

9.1.8 How do you ensure that all consumption data is transmitted completely, accurately and on a timely basis to the appropriate Data Aggregator (on a D0036 or D0380 data flow or to SVAA on a D0390 data flow – Validated half hourly advances)?

The response should address the following areas:

(1) A schedule of expected transmission dates/times is drawn up and maintained, such that staff are made aware and the transmissions made are monitored, to ensure the timetable is met.

(2) All relevant data for transmission is collated completely and accurately in the required format.

(3) The correct Data Aggregator(s) is identified.

(4) File sequence numbers are maintained for each recipient Data Aggregator or SVAA to ensure all are processed, and in the correct order.

(5) Record counts and check sums are provided in the data transmitted to ensure completeness.

(6) Where the DTN is not used for transmission, an acknowledgement check is performed to confirm receipt of the files by the HHDA or SVAA as applicable.

9.1.9 What controls do you have in place to ensure that the requirements of BSCP502 and BSCP603 are met when change of agent/concurrent change of agent and change of Supplier or AMVLP notifications are processed? (BSCP502 3.2.4 & 3.2.7; BSCP603 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.1.10, 2.1.11, 2.1.12 and 2.1.13

The response should consider the following key events, which may take place as part of the change of agent/concurrent change of agent and change of Supplier or AMVLP process:

(1) The processing of a request for Metering System or Asset Metering System related details on a D0170 data flow both as the incoming and outgoing Party Agent.

(2) The controls in place to ensure the creation and complete, accurate and timely sending of historic Meter, or Asset Meter, reading data, on request, for the requested period of time, on a D0010 data flow and D0036 or D0380 data flow – including the last physical and final register readings and a consumption history of up to 14 months.

(3) The controls in place to ensure the complete, accurate and timely processing of all D0010 and D0036 or D0380 data flows upon receipt from the old HHDC.

(4) The mechanisms in place to monitor the timescales in which the above data are processed.

Note. The upload of all other data flows in relation to a change of agent should already have been referred to in the response to question 9.1.1.

9.1.10 How have you ensured that appropriate audit trails are in place per PSL100 Sections 1.1.6 10.2, 10.3 and 5.2.1. for SVA Metering Systems and BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3 for Asset Metering Systems?

The system must record and store for audit purposes the information detailed below. The response should address the existence of audit trails over the following:

(1) Data collected by the HHDC from the SVA Metering Systems or Asset Metering Systems including Meter, or Asset Meter, period value data cumulative readings and maximum demand readings.

(2) Any metered data provided to the HHDC by the associated Supplier, AMHHDC or the associated SVA Meter Operator Agent.

(3) The details of the validation done on the collected data including:

(i) the alarm(s) returned by the Meter, or Asset Meter, resulting in changes to data;

(ii) a reason code where data is changed; and

(iii) the new value for changed data.

(4) All data totalled by SVA Metering System or Asset Metering System by the HHDC.

In all circumstances you should consider whether there is enough information available for an independent person to identify the source and nature of the change (archived information should be stored so that it is available for enquiry).

The audit trail and archiving requirements for HHDC are set out in PSL100 sections 10.2 and 10.3 for SVA Metering Systems and BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.13.2.3 for Asset Metering Systems.

9.1.11 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100 Sections 10.2 and 10.3 for SVA Metering Systems and BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3 for Asset Metering Systems?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra-Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

9.1.12 What procedures are in place to ensure that correct Supplier details are received and that authorised Allocation Schedules are applied in accordance with BSC requirements?

(optional question in respect of shared sva Meter arrangements fOR half hourly import and export active energy)

Only those Applicants seeking Qualification as a HHDC agent with shared Meter allocation functionality should address this question.

Shared SVA Meter Arrangements are where up to four Suppliers utilise the same Metering Equipment or Metering System in the measurement of Import and/or Export Energy, referred to as Meter splitting. This can apply to a single Supplier splitting energy between MSIDs, two Suppliers (one Import, one Export), and also where the Import and the Export can be split between two Suppliers (giving a total of four).

The response should consider the controls and processes in place to ensure:

(1) Primary and Secondary Supplier details and their associated MSIDs are notified and recorded accurately.

(2) Consistent Primary and Secondary Supplier SMRA registration details are received for each Shared SVA Meter arrangement and only one SVA MOA and one HHDC are appointed.

(3) The HHDC processes data in accordance with the BSC requirements. (In particular, the algorithm used in the Active Energy metering data split calculations supports both the percentage and block methods of allocation and is in accordance with BSC requirements).

(4) Receipt of authorised Allocation Schedules prior to Gate Closure, (including formal controls/ procedures to ensure that only correct and authorised amendments to the Allocation Schedules are processed).

(5) Allocation Schedules have been correctly applied for each whole (or part) Settlement day.

(6) Each Shared SVA Meter Arrangement, and in each half hour, the sum of the allocated Active Energy data between the two MSIDs equals the total for the Metering System.

(7) Timely and accurate transfer of the split Meter data allocations between each MSID, to the appropriate HHDAs and the LDSOs are in place.

(8) A full audit trail is maintained over the output data from the Algorithm used to split data. The metered Export or Import original data input to the algorithm and the calculated output values are retained.

(9) Documented procedures over the implementation of sole Supplier trading from existing Shared SVA Meter arrangements.

9.2 Exception Management

Question

Guidance

Response

Evidence

9.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the service there are a number of points at which delays in processing data could occur, which, if not addressed, could result in the timescale requirements, as set out in BSCP502 for SVA Metering Systems and PSL100 and for Asset Metering Systems BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3, being exceeded. This could consequentially have an adverse impact on the quality of data used by other Party Agents or Parties in the Settlement process.

The response should address the following areas:

(1) The internal reporting mechanisms you have in place to identify rejections, errors and backlogs in data processing on a daily basis.

(2) The ongoing analysis performed to identify:

(a) All points of rejection/failure in data flow processing.

(b) All areas where backlogs may occur in processing e.g. where there are dependent data flows or where a manual review is required to validate data.

(3) Management processes in place to monitor performance against the standards as set out in BSCP502 and PSL100 for SVA Metering Systems PSL100 and for Asset Metering Systems BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 9.1.1 above and also addresses the receipt of all types of Meter, or Asset Meter read.

9.2.2 What procedures do you have in place to address any exceptions reported to the HHDC on the half hourly aggregation exceptions report received on a D0235 data flow (BSCP502 3.4.2; BSCP603 2.3.3)?

BSCP502 3.4.2 and BSCP603 2.3.3 defines the requirements on the HHDC to investigate inconsistencies and rectify faults. The response should address the controls and procedures in place to resolve exceptions reported on the D0235 report. The response should address the following:

(1) The controls and processes in place to resolve any exceptions reported on the D0235 report, including procedures in place which specify the action to be taken for each error code reported.

(2) Any additional methods used by the HHDC to report on and resolve exceptions.

(3) Processes in place to monitor the level and type of exceptions received to facilitate root cause analysis.

9.2.3 Where you are collecting data from the Metering System how do you ensure that the clocks on Half Hourly Meters are checked on a regular basis and appropriate corrective action is taken if any errors are detected?

The response should address the following areas:

(1) Controls in place to ensure the regular checking of Outstation, or Asset Meter clocks (this process may have been addressed in response to question 9.1.5 on Meter, or Asset Meter, data validation – where this is the case please provide a cross reference).

(2) Formal reporting of clock inaccuracies.

(3) Formal rectification procedures.

(4) Monitoring in place to ensure completeness and accuracy of action taken.

9.2.4 Where you are collecting data from the Metering System what controls do you have in place to ensure that site visits are carried out completely, accurately and as per the timescales defined in BSCP502? (BSCP502 4.1.8 & Appendix 4.4 for SVA Metering Systems; BSCP603 Appendix 3.1.8 & Appendix 3.4 for Asset Metering Systems)

BSCP502 4.1.8 (SVA Metering Systems) and BSCP603 3.1.8 (Asset Metering Systems) stipulates that sites with polyphase Metering Systems should be visited at least annually and single phase at least at two yearly intervals to perform the checks described.

The response should address the controls and procedures in place to ensure the following:

(1) Site visits are scheduled and carried out in all required circumstances within timescales as defined in the BSCP.

(2) Site visits are carried out completely and accurately (with all required checks being made as defined in BSCP502 Appendix 4.1.8 for SVA Metering Systems and BSCP603 Appendix 3.1.8 for Asset Metering Systems).

(3) The local interrogation unit (IU) or hand held unit (HHU) is set to ensure agreement with UTC at least every week.

(4) Information received back from a site visit is processed in a timely manner with all exceptions being followed up as required.

(5) Monitoring over the completeness, accuracy and timeliness of the performance of site visits in line with the BSCP requirements.

9.2.5 For Metering Systems that require Meter Advance Reconciliations (MARs) what controls do you have in place to ensure that manual MARs are performed completely, accurately and as per the timescales defined in BSCP502? (BSCP502 Appendix 4.8 for SVA Metering Systems and BSCP603 Appendix 3.8 for Asset Metering Systems).

Meter Advance Reconciliations (MARs) should be performed at least every quarter for Metering Systems where the automatic cumulation/total consumption comparison (i.e. the mini-MAR as specified in BSCP502 Appendix 4.1.5 for SVA Metering Systems or BSCP Appendix 3.1.5 for Asset Metering Systems) cannot be performed.

The response should address the controls and procedures in place to ensure the following:

(1) Process and procedures should be in place to identify all Metering Systems that require a MAR to be performed, either an inventory or some form of identification on the systems should be available.

(2) MARs are scheduled and performed as per the requirements specified in BSCP502 Appendix 4.8 for SVA Metering Systems and BSCP603 Appendix 3.8 for Asset Metering Systems.

(3) Appropriate checks are performed when using the Meter, or Asset Meter, register readings taken during any site visit.

(4) MARs are calculated accurately as per the requirements in BSCP502 and BSCP603.

(5) Reports are produced and sent to the relevant Supplier or AMVLP (MAR confirmation report, MAR failure report and MAR overdue report) and for SVA Metering Systems the LDSO (Meter Advance Reconciliation report).

(6) Appropriate actions are taken in response to the failure to perform a MAR (action taken to identify the cause of the failure and subsequent MARs performed).

(7) Follow up of any exceptions identified in the completion of the MAR process.

9.2.6 For Metering Systems that require proving tests what controls do you have in place to ensure that proving tests are performed in all the circumstances and timescales as defined by BSCP502 3.2.4.5 and Appendix 4.6; BSCP603 2.5 and Appendix 3.6?

The HHDC agent is required to perform Proving Tests at the request of the SVA Meter Operator Agent. BSCP502 3.5 and BSCP603 2.5 specifies the procedures to be used for different proving methods. BSCP502 Appendix 4.6 for SVA Metering Systems and BSCP603 Appendix 3.6 for Asset Metering Systems sets out, the circumstances in which a proving test will be required, the methods which can be used, the timescales to be applied and the actions to be taken with exceptions. Your response should address the end to end procedures and controls in place to cover the following:

(1) Appropriate scheduling of proving tests to ensure that proving tests are carried out on both main and check Metering Systems, or Asset Metering Systems, in all the circumstances defined in BSCP502 Appendix 4.6 for SVA Metering Systems and BSCP603 Appendix 3.6 for Asset Meters where the HHDC knows that a proving test should have been performed (due to one of the circumstances set out in BSCP502 Appendix 4.6 or BSCP514 Appendix 3.6 arising) then the HHDC is required to report this to the SVA MOA and the Supplier or AMVLP.

(2) Monitoring controls to review the completeness over scheduling of proving tests.

(3) Utilisation of an appropriate proving method (BSCP502 3.5 & Appendix 4.6.2; BSCP603 2.4 and Appendix 3.6.2).

(4) Adherence to defined timescales for testing and re-testing (BSCP502 Appendix 4.6.5 for SVA Metering Systems and BSCP603 Appendix 3.6.5 for Asset Metering Systems).

(5) Monitoring controls to review the completeness over actioning of proving tests and adherence to timescales.

(6) Controls to ensure appropriate action is taken upon failed / incomplete proving tests (BSCP502 Appendix 4.6.6 & 4.6.7 for SVA Metering Systems and BSCP603 3.6.6 and 3.6.7 for Asset Metering Systems).

9.2.7 How do you ensure that within two working days of detecting consumption on de-energised metering, the HHDC reports any detection to the Supplier and SVA Meter Operator Agent as per BSCP502 3.4.1.6 for SVA Metering Systems and as per BSCP603 2.3.1.4 to the AMVLP and Meter Operator Agent for Asset Metering Systems?

The response should detail the controls in place to ensure:

(1) Complete reporting via a D0001 data flow to Supplier (SVA Metering Systems) or AMVLP (Asset Metering Systems) and the relevant SVA Meter Operator Agent of any consumption detected on a de-energised Metering System (BSCP502 3.4.1.6 for SVA Metering Systems and BSCP603 2.3.1.4 for Asset Metering Systems).

(2) Accurate and timely follow up of subsequent instructions received from the Supplier or AMVLP (as applicable) on a D0005 data flow – instruction on action.

9.2.8 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Meter, or Asset Meter, reads) used by your Agency Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Party Agent service).

(2) Review of data quality statistics by senior management.

9.2.9 How have you demonstrated that your data retrieval systems (including HHUs and any third party systems) are appropriate to communicate with Metering Equipment or Asset Metering Equipment in accordance with BSCP601?

The HHDC agent is required to ensure that any data retrieval carried out by it or a third party on its behalf is in accordance with the approved protocol. The HHDC agent achieves this by performing protocol testing. BSCP601 sets out the tests and requirements relating to Metering Equipment protocols.

In your response, please also confirm that you have contacted Elexon Metering to apply for Protocol Approval.

9.3 Additional Information

Question

Guidance

Response

Evidence

9.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 9A – AMHHDC

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Agency Service to ensure the operational requirements of the BSC and BSCP603 are met. Whilst Sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as an AMHHDC agent.

Guidance for completing this section

The AMHHDC agent collects and validates metered data for HHDC-serviced Asset Metering Systems4 for onward submission to the HHDC. The AMHHDC agent is required to send active energy data to the HHDC in kWh. The section is split as follows:

Business Processes and Mitigating Controls: This set of questions looks at the controls over the input of Asset Meter readings to the AMHHDC service and the subsequent transmission of data to the HHDC agent. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement), the provisions for a full audit trail history of the data used by your Agency Service, and any changes made to it as outlined in BSCP603.

Exception Management: This set of questions looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, letter).

9A.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

9A.1.1 How do you ensure that standing data is received and processed completely, accurately and in a timely manner, in line with the requirements of BSCP603?

The AMHHDC Agent receives a number of key inputs, including the following:

(1) Appointment and termination notifications from AMVLPs on D0155 and D0151 data flows; (including read frequency requests) (BSCP603 2.1, 2.2).

(2) Notification of change to other parties from AMVLPs on a D0148 data flow; (BSCP603 2.1).

(3) Confirmation or rejection of energisation status change on a D0139 data flow from Meter Operator Agents (BSCP603 2.2).

(4) Half Hourly Meter Technical Details on a D0268 data flow; (BSCP603 2.1, 2.2, 2.4 and 2.5), and where relevant, an Asset Metering Complex Site Supplementary Information Form.

(5) Notification of Asset Metering Type in a P0303 from AMVLP.

The response should address the following areas:

(a) The identification, review and authorisation of all data flows prior to processing.

(b) Controls in place to ensure that all data required or expected is received. This may be through controls within the update routines or through manual controls.

(c) The validation of data for formats and lengths, e.g. the AMSID is valid.

(d) The validation of data for its internal consistency.

9A.1.2 For Asset Metering Systems where you retrieve the data and where your retrieval system is separate from your data processing system, what controls do you have in place to ensure that Asset Meter readings collected by one system are transferred completely and accurately to the other?

This question is only relevant to AMHHDCs operating separate data retrieval and data processing systems. Where this is not relevant please state “not applicable”.

Controls should be in place to ensure that, where these activities are separate, each system is updated with all required standing data in order for it to perform its function. Procedures should ensure that data held by different parts of the system is consistent.

9A.1.3 For Asset Metering Systems where you retrieve data from the Asset Metering System, how have you demonstrated that your data retrieval systems (including Hand Held Units and any third party systems) are appropriate to communicate with Metering Equipment in accordance with BSCP601?

The response should address the following areas:

The AMHHDC agent is required to ensure that any data retrieval carried out by it or a third party on its behalf is in accordance with the approved protocol. The AMHHDC agent achieves this by performing protocol testing. BSCP601 sets out the tests and requirements relating to Metering Equipment protocols.

In your response, please also confirm that Protocol Approval for an Asset Meter Type(s) has been achieved or where not that the Elexon Metering Team have been contacted to apply for Protocol Approval.

(1) The controls in place to ensure that for any AMSID appointed to that Protocol Approval has been achieved for the relevant Asset Meter Type.

9A.1.4 How do you ensure that all appropriate Asset Meter readings are collected or have been received to satisfy BSCP603 requirements? (BSCP603 2.3)

The response should address the following areas:

(1) The controls in place to ensure the completeness of Asset Meter read collection and upload onto the system; this should include both manual and electronic Asset Meter reads (including both dial up reads and those received on D0010 data flows).

(2) Reporting processes in place to identify failed dial up attempts (non-collection of read data).

(3) Appropriate review, follow-up (e.g. investigation of communication links, notification to the HHMOA and AMMOA) for AMHHDC-serviced Asset Metering Systems and resolution of exceptions reported on a failed dial-up report.

(5) Estimation of data where meters are missing data for a specific time period (refer to question 9A.1.6).

9A.1.5 Where you are responsible for validating Asset Metering System data how do you ensure that Asset Meter data is validated to satisfy BSCP603?

The response should address the type and level of validation undertaken. The minimum validation requirements for Asset Meter data are set out in BSCP603 Appendix 3.1.

The response should specify where the validation is performed (may be split between different parts of the system where data retrieval is separate to data processing).

Controls should be in place to ensure that the validation is performed on all Asset Meter read types – including manual and those received on D0010 data flows.

Where relevant, controls should be in place to ensure that the ‘mini-MAR’ is performed as required by BSCP603 Appendix 3.1.5.

9A.1.6 For metering Systems where you are estimating data and actual reads cannot be collected, how do you ensure that appropriate procedures for the estimation of reads in line with BSCP603 are imposed?

Estimation has to be performed by the AMHHDC when data is invalid or is missing, and the AMHHDC has to notify the relevant AMVLP of the method used to produce the data estimate.

The methods of estimation are set out in BSCP603 for Asset Metering Systems Appendix 3.2.

The response should address the following areas:

(1) The estimation methods undertaken by your Agency Service and how these calculations are checked for completeness and accuracy.

(2) Controls in place to ensure that the estimation method applied follows the order of precedence set out in BSCP603 Appendix 3.2.

(3) Processes in place to ensure that the method of estimation used and the rationale behind the application of that method are recorded.

(4) Specific procedures for abnormal consumption patterns should be in place.

(5) Controls should be in place to ensure that where more accurate data becomes available (either actual of estimated), this is applied.

(6) Where relevant controls should be in place to ensure that when estimation due to high energy recorded is carried out that a P0313 flow is sent to BSCCo.

9A.1.7 How do you ensure that all consumption data is transmitted completely, accurately and on a timely basis to the HHDC (on a D0390 ‘Asset Metering System Half Hourly Metered Data’)?

The response should address the following areas:

(1) A schedule of expected transmission dates/times is drawn up and maintained, such that staff are made aware and the transmissions made are monitored, to ensure the timetable is met.

(2) All relevant data for transmission is collated completely and accurately in the required format.

(3) File sequence numbers are maintained for the HHDC to ensure all are processed, and in the correct order.

(5) Record counts and check sums are provided in the data transmitted to ensure completeness.

(6) An acknowledgement check is performed to confirm receipt of the files by the HHDC.

9A.1.8 What controls do you have in place to ensure that the requirements of BSCP603 are met when change of agent/concurrent change of agent and change of AMVLP notifications are processed? (BSCP603 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9 2.1.10, 2.1.11, 2.1.12 & 2.1.13)

The response should consider the following key events, which may take place as part of the change of agent/concurrent change of agent and change of AMVLP process:

(1) The processing of a request for Asset Metering System related details on a D0170 data flow both as the incoming and outgoing Party Agent.

(2) The controls in place to ensure the creation and complete, accurate and timely sending of historic Asset Meter, reading data, on request, for the requested period of time, on a D0010 data flow and D0036 data flow – including the last physical and final register readings and a consumption history of up to 14 months.

(3) The controls in place to ensure the complete, accurate and timely processing of all D0010 and D0036 data flows upon receipt from the old AMHHDC.

(4) The mechanisms in place to monitor the timescales in which the above data are processed.

Note. The upload of all other data flows in relation to a change of agent should already have been referred to in the response to question 9A.1.1.

9A.1.9 How have you ensured that appropriate audit trails are in place for Asset Metering Systems requirements in BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3?

The system must record and store for audit purposes the information detailed below. The response should address the existence of audit trails over the following:

(1) Data collected by the AMHHDC from the AMHHDC-serviced Asset Metering Systems including Asset Meter period value data cumulative readings and maximum demand readings.

(2) Any metered data provided to the AMHHDC by the associated AMVLP or the associated Meter Operator Agent.

(3) The details of the validation done on the collected data including:

(i) the alarm(s) returned by the Asset Meter resulting in changes to data;

(ii) a reason code where data is changed; and

(iii) the new value for changed data.

(4) All data totalled by Asset Metering System by the AMHHDC.

In all circumstances you should consider whether there is enough information available for an independent person to identify the source and nature of the change (archived information should be stored so that it is available for enquiry).

The audit trail and archiving requirements for AMHHDC are set out in BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3

9A.1109 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 or requirements in BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra-Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

9A.2 Exception Management

Question

Guidance

Response

Evidence

9A.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the service there are a number of points at which delays in processing data could occur, which, if not addressed, could result in the timescale requirements, as set out in BSCP603, being exceeded. This could consequentially have an adverse impact on the quality of data used by other Party Agents or Parties in the Settlement process.

The response should address the following areas:

(1) The internal reporting mechanisms you have in place to identify rejections, errors and backlogs in data processing on a daily basis.

(2) The ongoing analysis performed to identify:

(a) All points of rejection/failure in data flow processing.

(b) All areas where backlogs may occur in processing e.g. where there are dependent data flows or where a manual review is required to validate data.

(3) Management processes in place to monitor performance against the standards as set out in BSCP603.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 9A.1.1 above and also addresses the receipt of all types of Asset Meter read.

9A.2.2 What procedures do you have in place to address any exceptions reported to the AMHHDC (BSCP603 2.3.3)?

BSCP603 2.3.3 defines the requirements on the AMHHDC to investigate inconsistencies and rectify faults. The response should address the controls and procedures in place to resolve exceptions reported. The response should address the following:

(1) The controls and processes in place to resolve any exceptions reported, including procedures in place which specify the action to be taken for each error code reported.

(2) Any additional methods used by the AMHHDC to report on and resolve exceptions.

(3) Processes in place to monitor the level and type of exceptions received to facilitate root cause analysis.

9A.2.3 Where you are collecting data from the Asset Metering System how do you ensure that the clocks on Asset Meters are checked on a regular basis and appropriate corrective action is taken if any errors are detected?

The response should address the following areas:

(1) Controls in place to ensure the regular checking of Asset Meter clocks (this process may have been addressed in response to question 9A.1.5 on Asset Meter data validation – where this is the case please provide a cross reference).

(2) Formal reporting of clock inaccuracies.

(3) Formal rectification procedures.

(4) Monitoring in place to ensure completeness and accuracy of action taken.

9A.2.4 Where you are collecting data from the Asset Metering System what controls do you have in place to ensure that site visits are carried out completely, accurately and as per the timescales defined in BSCP603? (BSCP603 Appendix 3.1.8 & 3.4)

BSCP603 3.1.8 (Asset Metering Systems) stipulates that sites with polyphase Metering Systems should be visited at least annually and single phase at least at two yearly intervals to perform the checks described.

The response should address the controls and procedures in place to ensure the following:

(1) Site visits are scheduled and carried out in all required circumstances within timescales as defined in the BSCP.

(2) Site visits are carried out completely and accurately (with all required checks being made as defined in BSCP603 Appendix 3.1.8 for Asset Metering Systems).

(3) The local interrogation unit (IU) or hand held unit (HHU) is set to ensure agreement with UTC at least every week.

(4) Information received back from a site visit is processed in a timely manner with all exceptions being followed up as required.

(5) Monitoring over the completeness, accuracy and timeliness of the performance of site visits in line with the BSCP requirements.

9A.2.5 For Metering Systems that require Meter Advance Reconciliations (MARs) what controls do you have in place to ensure that manual MARs are performed completely, accurately and as per the timescales defined in BSCP603? (BSCP603 Appendix 3.8 for Asset Metering Systems).

Meter Advance Reconciliations (MARs) should be performed at least every quarter for Metering Systems where the automatic cumulation/total consumption comparison (i.e. the mini-MAR as specified in BSCP603 Appendix 3.1.5 for Asset Metering Systems) cannot be performed.

The response should address the controls and procedures in place to ensure the following:

(1) Process and procedures should be in place to identify all Asset Metering Systems that require a MAR to be performed, either an inventory or some form of identification on the systems should be available.

(2) MARs are scheduled and performed as per the requirements specified in BSCP603 Appendix 3.8 for Asset Metering Systems.

(3) Appropriate checks are performed when using the Asset Meter register readings taken during any site visit.

(4) MARs are calculated accurately as per the requirements in BSCP603.

(5) Reports are produced and sent to the relevant AMVLP (MAR confirmation report, MAR failure report and MAR overdue report).

(6) Appropriate actions are taken in response to the failure to perform a MAR (action taken to identify the cause of the failure and subsequent MARs performed).

(7) Follow up of any exceptions identified in the completion of the MAR process.

9A.2.6 For Asset Metering Systems that require proving tests what controls do you have in place to ensure that proving tests are performed in all the circumstances and timescales as defined by BSCP603 2.5 and Appendix 3.6?

The AMHHDC agent is required to perform Proving Tests at the request of the Meter Operator Agent. BSCP603 2.5 specifies the procedures to be used for different proving methods. Appendix 3.6 sets out, the circumstances in which a proving test will be required, the methods which can be used, the timescales to be applied and the actions to be taken with exceptions. Your response should address the end to end procedures and controls in place to cover the following:

(1) Appropriate scheduling of proving tests to ensure that proving tests are carried out on both main and check Asset Metering Systems in all the circumstances defined in BSCP603 Appendix 3.6 where the AMHHDC knows that a proving test should have been performed (due to one of the circumstances set out in BSCP603 Appendix 3.6 arising) then the AMHHDC is required to report this to the MOA and the AMVLP.

(2) Monitoring controls to review the completeness over scheduling of proving tests.

(3) Utilisation of an appropriate proving method (BSCP603 2.5 & Appendix 3.6).

(4) Adherence to defined timescales for testing and re-testing (BSCP603 Appendix 3.6).

(5) Monitoring controls to review the completeness over enacting proving tests and adherence to timescales.

(6) Controls to ensure appropriate action is taken upon failed / incomplete proving tests (BSCP603 2.5 Appendix 3.6).

9A.2.7 How do you ensure that within two working days of detecting consumption on de-energised metering, the AMHHDC reports any detection to the AMVLP and Meter Operator Agent as per BSCP603 2.3.2.4 for Asset Metering Systems?

The response should detail the controls in place to ensure:

(1) Complete reporting via a D0001 data flow to AMVLP consumption detected on a de-energised Metering System (BSCP603 2.3.2.4 for Asset Metering Systems).

(2) Accurate and timely follow up of subsequent instructions received from the AMVLP on a D0005 data flow – instruction on action.

9A.2.8 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Meter reads) used by your Agency Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your AMVLP Agent service).

(2) Review of data quality statistics by senior management.

9A.3 Additional Information

Question

Guidance

Response

Evidence

9A.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 10 – NHHDA

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Agency Service to ensure the requirements of the BSC, BSCP505 and PSL100 are met. Whilst sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as a NHHDA agent.

Guidance for completing this section

The NHHDA agent aggregates non half hourly EAC and AA values received from NHHDC agents according to the registration data held by the SMRA. The aggregated data is then passed to the SVAA in accordance with the Settlement timetable. The section is split as follows:

Business Processes and Mitigating Controls: This section looks at the controls over the input of EAC/AA values and the transmission of aggregated data to the SVAA agent. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement), the provision for a full audit trail history of the data used by your Agency Service and any changes made to it as outlined in PSL100.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, or letter).

10.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

10.1.1 How do you ensure that the data is received and processed completely, accurately and in a timely manner, in line with the requirements of BSCP505 and PSL100?

The NHHDA receives a number of key inputs:

(1) Registration data from SMRA (standing data and Metering System data) on a D0209 data flow (BSCP505 3.2.1 and 3.2.2).

(2) EAC and AA data received from NHHDC agents on a D0019 data flow (BSCP505 3.3.1).

(3) MDD, Data Aggregation timetable and Settlement timetable on D0269, D0270 and D0286 data flows (BSCP505 3.1.3).

The response should address the following areas:

(a) The identification, review and authorisation of flows prior to processing.

(b) Controls in place to ensure that all data required or expected is received. This may be through controls within the update routines or through manual controls.

(c) The validation of data for formats and lengths, e.g. the MSID is valid (instruction file validation BSCP505 Appendix 4.2.1).

(d) The validation of standing data received against the latest version of MDD, data items and combinations such as Profile Class, Standard Settlement Configuration, Data Aggregator ID, Data Collector ID, SVA Meter Operator Agent ID, Supplier ID, Measurement class, GSP Group or energisation status (NHHDA appointment changes – BSCP505 4.2.2, NHHDC appointment changes - BSCP505 4.2.3).

(e) The validation of Metering System data received e.g. Measurement Class is non half hourly for the whole of the Meter Advance Period (MAP), Standard Settlement Configuration, Supplier, energisation status and Measurement Class have not changed in the middle of a MAP and sets of history data include Metering System data effective on the Settlement date of the earliest MAP (SVA Metering System standing data changes - BSCP505 4.2.4).

(f) The validation of consumption data received, e.g. all MAPs are contiguous and if data contains EAC and AA data then EAC effective from Settlement date is the day after the latest AA effective to Settlement date (NHHDC Consumption data BSCP505 4.2.6).

(g) The validation of data for its internal consistency.

(h) Controls to ensure that where MDD items are selectively applied to the database, that the appropriate items are selected and that all are applied completely and accurately. Please specify whether this process will require manual intervention.

10.1.2 How do you ensure that the aggregation process is performed in accordance with the Settlement timetable and that the transmission of the Supplier Purchase Matrix to the SVAA is complete and accurate?

The NHHDA agent transmits the Supplier Purchase Matrix to SVAA on a D0041.

The response should address the following areas:

(1) A schedule of aggregation runs and expected transmission times and dates is prepared and issued to staff.

(2) Aggregation run numbers are allocated to ensure that all are processed in the correct order.

(3) All appropriate GSP Group combinations are included in the aggregation run.

(4) Aggregation runs and files sent are monitored/reviewed to ensure that timetables are met.

(5) File sequence numbers, record counts and check sums are included in the data transmitted to ensure completeness.

(6) Where the Data Transfer Network has not been utilised, receipt acknowledgements received from SVAA are checked to ensure completeness of transmission.

(7) Processes are in place to re-run an aggregation/transmission should processing problems be encountered.

10.1.3 How will you ensure that a full refresh and any selective refreshes are requested from the SMRA as required as per BSCP505 section 3.2.3?

The response should address the following areas:

(1) Procedures should be in place to ensure that the NHHDA agent requests a full refresh from SMRA when requested by BSCCo or the PAB.

(2) Procedures are in place to identify circumstances in which a selective refresh is required.

(3) Controls should be in place to ensure that where a selective refresh is required, the SMRA is notified in a timely manner.

(4) Controls should be in place to ensure that the refresh is applied in accordance with the requirements set out in BSCP505.

10.1.4 How have you ensured that you have appropriate audit trails in place?

The systems should be capable of reporting (or archived information should be stored so that it is available for enquiry) sufficient information so as to enable a user to obtain, in a timely fashion:

(1) A breakdown of any aggregated information calculated.

(2) Any changes to standing data held or used by the system.

The audit trail and archiving requirements for NHHDA are set out in PSL100 sections 10.2 and 10.3.

10.1.5 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100 Sections 10.2 and 10.3?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra-Settlement Determination.

The response should address the following:

(4) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(5) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

10.1.6 What version of the NHHDA software will you go-live with and how will you ensure that the correct version is used on an ongoing basis?

Change management procedures should be detailed in section 5. In addition to providing information as to version of software at go-live provide any additional controls with respect to version control if not covered by section 5.

The response should address the following areas:

(1) Controls should be in place to ensure that the developer supports the version of software in use.

(2) On an ongoing basis, controls should be in place to ensure that, as new versions of software are received and implemented, that these are tested in the Party Agent’s own environment – i.e. some form of user acceptance testing is carried out and where relevant regression testing.

10.2 Exception Management

Question

Guidance

Response

Evidence

10.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the service there are a number of points at which delays in processing data could occur which if not addressed could exceed the timescale requirements as set out in BSCP505. The performance standards to be attained are set out in BSCP505 Section 4.8.

The response should address the following areas:

(1) An analysis of data processing by your Agency Service has been performed in order to identify all points of rejection/failure or potential backlogs in data flow processing.

(2) Internal reporting mechanisms are in place in order to monitor levels of rejections/failures and backlogs on a daily basis.

(3) Management processes are in place to monitor performance against the standards as set out in BSCP505.

(4) Procedures set out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 10.1.1 above.

10.2.2 What procedures do you have in place to ensure that all transmission failures are detected and advised to sender and that any data validation failure results in a D0023 rejection?

Validation failure may result in the following:

(1) For file transmission failures a P0035 flow will be returned.

(2) For instruction processing errors a D0023 will be returned.

The response should summarise local working procedures for this area and should address the following:

(1) Controls to detect all failures that have occurred.

(2) Controls to ensure that all failures result in the appropriate response to sender.

(3) Management monitoring of processes to detect whether there is any delay or backlog in sending the appropriate flows.

(4) Processes are in place to re-send transmissions should a failure occur.

10.2.3 What controls are in place to send the D0095 to the correct recipient in a complete, accurate and timely manner and to deal with any exceptions or rejections?

The D0095 report is considered to be a key control in the Settlement process. BSCP505 3.3.3 specifies the required procedures in relation to the production of the D0095 report.

The NHHDA agent is responsible for generation of the D0095 'Check Data Collector' report. A suggested timetable is published on the BSC Website.

The report is provided to the Metering System Supplier and shows the following:

(1) Where no instruction affecting the individual Metering System concerned has been received since the exception was recorded then the exception is ignored as it has not been affected.

(2) Where an instruction affecting an individual Metering System has been received since the exception was recorded then the exception record is deleted.

(3) Where an inconsistency still remains after the new instruction has been processed then a new exception record is created.

The response should address the following areas:

(a) Controls should be in place to ensure that all requested D0095 reports are sent in the appropriate format to each Supplier in accordance with the timetable.

(b) Management monitoring processes to detect whether there is any backlog or delay in sending the exception report.

10.2.4 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Meter advances) used by your Agency Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Agency Service.

(2) Review of data quality statistics by senior management.

10.3 Additional Information

Question

Guidance

Response

10.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 11 – HHDA

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Agency Service to ensure the requirements of the BSC, BSCP503 and PSL100 are met. Whilst sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as a HHDA agent.

Guidance for completing this section

The HHDA agent aggregates half hourly Meter readings received from the HHDC agents. The aggregated data is then passed to the SVAA in accordance with the Settlement timetable. Upon request from the SVAA the HHDA will also forward individual half hourly meter readings to the SVAA. The section is split as follows:

Business Processes and Mitigating Controls: This section looks at the controls over the input of Half Hourly Meter readings and the transmission of data to the SVAA. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement), the processes for identifying errors (monitoring data quality), the provision for a full audit trail history of the data used by your Agency Service and any changes made to it as outlined in BSCP503.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic data flows received via the Data Transfer Network and also manual data flows received via any other means (e.g. email, letter).

11.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

11.1.1 How do you ensure that data is received and processed completely, accurately, and in a timely manner in line with the requirements of BSCP503 and PSL100?

The HHDA receives a number of key inputs:

(1) Registration data from SMRA on D0209 data flows (BSCP503 3.2.1 and 3.2.2).

(2) Estimated and actual consumption data received from HHDC agents on D0036 data flows (BSCP503 3.3.1).

(3) MDD, Data Aggregation timetables and Settlement timetables from the SVAA on D0269 and D0270 data flows (BSCP503 3.1.3).

(4) Line Loss Factor changes from LDSOs on D0265 data flows (BSCP503 3.3.1).

(5) BM Unit allocations or changes from Suppliers on D0297 data flows (where the Applicant is seeking Qualification as a HHDA following agreement with its associated Supplier(s) to implement additional BM Units) (BSCP503 3.5).

(6) Metering System Reporting Notification from SVAA (D0354) (BSCP503 3.7).

The response should address the following areas:

(a) The identification, review and authorisation of flows prior to processing.

(b) Controls are in place to ensure that all data required is received. This may be by controls within the update routines or by manual controls (you should include details as to how you will ensure that you have been notified of all changes to Line Loss Factors).

(c) The validation of data for formats and lengths (e.g. the MSID is valid) (BSCP503 Appendix 4).

(d) The validation of data for its internal consistency.

(e) The validation of standing data received against the latest version of MDD, data items such as Measurement Class, Data Aggregator ID, Data Collector ID, GSP Group, Line Loss Factor details or energisation status (BSCP503 4.1.2 to 4.1.7).

(f) The validation of Line Loss Factor data (BSCP503 4.2).

(g) The validation of BM Unit files (BSCP503 4.5).

(h) The validation Metering System Reporting Notification (BSCP503 4.6).

11.1.2 How do you ensure that the aggregation process is performed in accordance with the Settlement timetable and that the transmission of the Aggregated Half Hour Data (D0040) or BM Unit Half Hourly Aggregated Data (D0298) to SVAA is complete and accurate?

The response should address the following areas:

(1) A schedule of aggregation runs and expected transmission times and dates is prepared and issued to staff.

(2) Aggregation run numbers are allocated to ensure that all are processed in the correct order.

(3) Controls are in place to ensure that data is aggregated by each GSP Group for each associated Supplier for each Settlement day and separate totals for each BM Unit are maintained.

(4) File sequence numbers, record counts and check sums are included in the data transmitted to ensure completeness.

(5) Where the DTN has not been utilised, receipt acknowledgements received from SVAA are checked to ensure completeness of transmission.

(6) Aggregation runs are monitored/reviewed to ensure that timetables are met.

(7) Processes are in place to re-run an aggregation/transmission should processing problems be encountered.

11.1.3 How will you ensure that a full refresh and any selective refreshes are requested from the SMRA as required, as per BSCP503 section 3.2.2?

Procedures should be in place to ensure that the HHDA Agent requests a full refresh from SMRA when requested by BSCCo or the PAB.

BSCP503 Appendix 4.1.7 sets out the validation requirements to be performed on receipt of the refresh. Controls should be in place to ensure that the refresh is applied in accordance with the requirements set out in BSCP503.

11.1.4 How will you ensure that you have appropriate audit trails in place to meet the requirements as set out in PSL100?

The systems should be capable of reporting (or archived information should be stored so that it is available for enquiry) sufficient information so as to enable a user to obtain, in a timely fashion:

(1) A breakdown of any aggregated information calculated.

(2) Any changes to standing data held or used by the system.

The audit trail and archiving requirements for HHDA are set out in PSL100 sections 10.2 and 10.3.

11.1.5 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100 Sections 10.2 and 10.3?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement Data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

11.1.6 How have you ensured the complete and accurate transmission of any requested Metering System Half Hourly Metered Volume (D0385) to SVAA?

The response should address the following areas:

(1) A schedule of aggregation runs and expected transmission times and dates is prepared and issued to staff.

(2) Aggregation run numbers are allocated to ensure that all are processed in the correct order.

(3) Controls are in place to ensure that data for each Settlement Period in each Settlement Day is provided for each specified Metering System.

(4) File sequence numbers, record counts and check sums are included in the data transmitted to ensure completeness.

(5) Where the DTN has not been utilised, receipt acknowledgements received from SVAA are checked to ensure completeness of transmission.

(6) Aggregation runs are monitored/reviewed to ensure that timetables are met.

(7) Processes are in place to re-send a Metering System Half Hourly Metered Volume should processing problems be encountered.

11.2 Exception Management

Question

Guidance

Response

Evidence

11.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data could occur which if not addressed could exceed the timescale requirements as set out in BSCP503 or PSL100. The performance standards to be attained are set out in Appendix 4.8.

The response should address the following areas:

(1) An analysis of data processing by your Agency Service has been performed in order to identify all points of rejection/failure or potential backlogs in data flow processing.

(2) Internal reporting mechanisms are in place in order to monitor levels of rejections/failures and backlogs on a daily basis.

(3) Management processes are in place to monitor performance against the standards as set out in BSCP505 and PSL100.

(4) Procedures set out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 11.1.1 above.

11.2.2 What procedures do you have in place to ensure that all transmission failures are detected and advised to sender and that any data validation failure results in a D0023 rejection?

Validation failure of the D0209 flow received from SMRA may result in the following:

(1) For file transmission failures a P0035 will be returned.

(2) For instruction processing errors a D0023 will be returned.

The response should summarise local working procedures for this area and should include:

(a) Controls to detect all failures that have occurred.

(b) Controls to ensure that all failures result in the appropriate response to sender.

(c) Management monitoring of processes to detect whether there is any delay or backlog in sending the appropriate flows.

11.2.3 What controls are in place to produce and send the D0235 report to the correct recipients in a complete, accurate and timely manner and to deal with any exceptions or rejections?

The D0235 report is considered to be a key control in the Settlement process. BSCP503 3.4.2 and Appendix 4.4 specifies the required procedures in relation to the performance of the aggregation run and Appendix 4.3 specifies the exceptions that should be identified during the aggregation run.

The report is provided to the relevant Supplier and HHDC Agent.

The response should address the following areas:

(1) Controls in place to ensure that D0235 reports are sent to the appropriate recipients.

(2) Management monitoring of processes to detect whether there is any delay or backlog in sending the exception reports.

11.2.4 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Meter advances) used by your Agency Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Agency Service).

(2) Review of data quality statistics by senior management.

11.3 Additional Information

Question

Guidance

Response

11.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 12 – SMRA

Objectives of this section

The objective of this section is to consider the controls that have been built into your systems and processes supporting your Agency Service to ensure the operational requirements, as defined in BSCP501 and PSL100 are met. Whilst sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as an SMRA.

Guidance for completing this section

As per the BSC, an LDSO is required to provide a SMRS for the maintenance of SVA Metering System data in accordance with BSCP501. Whilst Sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as a SMRA. The section is split as follows:

Business Processes and Mitigating Controls: This section looks at the controls over the input of both standing data and MSID information to your Agency Service(s) and the subsequent transmission to the Data Aggregator. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement) the provisions for a full audit history of the data used by your Agency Service, and any changes made to it as outlined in PSL100.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. In this section of the SAD you are concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents. There are numerous methods of monitoring the quality of your data and the benchmarks that you use should be tailored to your Agency Service and the specific risks posed to your data quality.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, letter).

12.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

12.1.1 What controls do you have to ensure that all standing data and MSID information and all details on changes of Supplier, Data Aggregator, Data Collector and SVA Meter Operator are recorded completely, accurately and in a timely manner, in line with BSCP501 (Sections 2.2, 2.3.1 and 3)?

The SMRA receives a number of different inputs:

(1) D0269 and D0270 MDD data flows from SVAA (BSCP501 3.1).

(2) Appointment details and changes from a Supplier on D0205 data flow (BSCP501 3.3, 3.5 & 3.6).

(3) Metering System Data (D0171) from a SMRA (BSCP501 3.2, 3.4, 3.6 & 3.9).

(4) Registration data from the Central Switching Service (CSS) via the Electricity Retail Data Agent (ERDA), although this is not subject to the BSC Qualification process.

The response should address the following areas:

(a) All flows are identified, reviewed and authorised prior to processing.

(b) The validation of data for formats and lengths, e.g. the MSID is valid.

(c) Controls in place to ensure that all data expected or required is received. This may be through controls within the update routines or through manual controls.

(d) The controls over the completeness and accuracy of MDD data in line with the go-live dates as published in MDD circulars. Where MDD is only selectively loaded controls should be in place to determine what to load and to ensure that the load is in line with the ‘go live’ dates for the relevant version.

(e) The validation of the data received against the latest version of MDD, data items and combinations such as the Profile Class (NHH only), SSC (NHH only), DA Id, DC Id, SVA MOA Id, Supplier Id, Measurement Class, GSP Group, Energisation Status or LLFC.

(f) The validation of data for its internal consistency, e.g. if the Measurement Class changes from NHH to HH the DA/DC/SVA MOA5 appointments are also changed.

12.1.2 Following data updates within SMRA, how do you ensure complete and accurate D0209 flows are sent to each relevant Data Aggregator in a timely manner?

BSCP501 (3.2, 3.3, 3.5, 3.6, 3.8 & 3.9) require that a D0209 flow be sent to the appointed Data Aggregator following a change to any of the MSID information.

The response should address the following areas:

(1) Processes/controls in place to identify all updates to the system that require a D0209 to be sent.

(2) The correct Data Aggregator is identified as the recipient of the D0209.

(3) File sequence numbers are maintained for each recipient Data Aggregator to ensure all are processed and in the correct order.

(4) Record counts and check sums are provided in the data transmitted to ensure completeness.

(5) Where the DTN is not used for transmission, an acknowledgement check is performed to confirm receipt of the files by the DA.

(6) Processes are in place to ensure all necessary data for the D209 is collated from your system.

12.1.3 How do you ensure the correct response to a request for a ‘refresh’ of Metering System data from an appointed Data Aggregator is actioned (BSCP501 2.7.1 and 3.8)?

The response should address the following areas:

(1) Controls are in place to validate the request to ensure it has come from a valid source and is in respect of MSIDs that the source is appointed to.

(2) Processes are in place to ensure the refresh file sent to the Data Aggregator is complete and accurate. This should also include processes to ensure the correct amount of history is included in the refresh file.

(3) Timescales for responding to any such requests are in accordance with BSCP501, PSL100 and/or agreed with the Data Aggregator and are documented and monitored by management (this may also include receiving an acknowledgement from the Data Aggregator that the request has been satisfied).

12.1.4 What controls and procedures do you have in place to ensure that the requirements of BSCP533 are met?

The response should address the following:

(1) Calculations are in accordance in with the calculation guidelines specified in BSCP533 Appendix B PARMS Calculation Guidelines

(2) Submissions are in accordance with BSCP533

(3) Data is submitted in the required file format specification (in accordance with BSCP533 Appendix A PARMS Data Provider File Formats)

(4) Controls in place for data validity and completeness

(5) Demonstration of a full understanding of, and capability to fulfil, the obligations and requirements of PARMS.

12.1.5 How have you ensured that appropriate audit trails are in place?

The system should be capable of reporting (either from ‘live’ data or from data archived but available for review, as per PSL100 Section 10) sufficient information so as to enable a user to obtain, in a timely manner, any changes to standing data held or used within the system and the linkages/relationships to the flows received and sent.

The audit trail requirements are set out in BSCP501 Section 2.9 and PSL100 Section 10.

12.1.6 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100 Section 10.2?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement Data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

12.1.7 How have you ensured that you can operate in all GSP Groups?

SMRAs that are seeking re-Qualification in order to operate in multiple GSP Groups should refer to BSCP537 Appendix 3.2 for details of the requirements that must be met.

All new SMRAs are required to be able to operate in all GSP Groups. The response should address the following:

(1) Controls to ensure that for each MSID registered in the SMRS the correct GSP Group is recorded within the system.

(2) Testing (as described in Section 3) has been performed to demonstrate that the Agency Service can operate those processes and procedures detailed in BSCP501 in multiple GSP Groups.

12.2 Exception Management

Question

Guidance

Response

Evidence

12.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data could occur which if not addressed could exceed the timescale requirements as set out in BSC501 or PSL100. The performance standards to be attained are set out in PSL100 5.3, 5.4 and 10.2.

The response should address the following areas:

(1) An analysis of data processing by your Agency Service has been performed in order to identify all points of rejection/failure or potential backlogs in data flow processing.

(2) Internal reporting mechanisms are in place in order to monitor levels of rejections/failures and backlogs on a daily basis.

(3) Management processes are in place to monitor performance against the standards as set out in BSCP501 and PSL100.

(4) Procedures set out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 12.1.1 above.

12.2.2 How do you ensure all P0035 and D0023 flows received from Data Aggregators are identified, investigated and resolved?

Question 12.1.2 addresses the sending of a D0209 flow to a Data Aggregator. If the D0209 is rejected by the Data Aggregator, the following may be returned to the SMRA (BSCP501 Sections 2.7.1, 2.7.2, 3.3, 3.6 and 3.11):

(1) For instruction file errors (transmission problems) a P0035 will be returned.

(2) For instruction processing errors (instruction level validation problems) a D0023 will be returned.

The response should address the following areas and where relevant summarise the relevant local working procedures:

(a) Controls to identify when these rejection flows are received.

(b) The action required to follow up the error should be detailed, including notifying the Data Aggregator and/or registered Supplier where the SMRA considers the fault to lie with other Parties’ systems/processes.

(c) Procedures to identify whether a file resend or new D0209 is the appropriate response.

(d) The timescales within which actions should be taken to resolve the P0035/D0023.

(e) Management monitoring processes to ensure all P0035/D0023 flows received are being progressed and resolved in a timely manner.

12.2.3 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Meter reads) used by your Agency Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Agency Service).

(2) Review of data quality statistics by senior management.

12.3 Additional Information

Question

Guidance

Response

Evidence

12.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 13 – AMMOA

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your AMVLP Agency Service to ensure the requirements of the BSC and BSCP603 are met. Whilst Sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as an AMMOA Agent.

Guidance for completing this section

The AMMOA is responsible for the installation and maintenance of Asset Metering Systems and is limited to Asset Metering Type 4 (“whole current” (direct connected) only) and Asset Metering Type 5 as defined in CoP11. The AMMOA is required to provide requested data to other Parties and to inform Parties impacted by any changes made to Asset Metering Systems as set out in BSCP603. The section is split as follows:

Business Processes and Mitigating Controls: This section looks at the controls over the input of Asset Metering System technical data or energisation status data received and the transmission of Asset Metering System technical data, energisation status or Asset Meter reads to HHDC Agents or AMHHDC Agents. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement), the provision for a full audit trail history of the data used by your Agency Service and any changes made to it as outlined BSCP603.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of data.

A number of questions in the SAD relate to ‘data quality’. In this section of the SAD you are concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means e.g. email, letter.

13.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

13.1.1 How do you ensure that data is received and processed completely accurately and in a timely manner, in line with the requirements of BSCP603?

The AMMOA receives a number of key inputs:

(1) D0148, D0151 and D0155 from AMVLPs relating to appointments and Party Agent changes. (BSCP603 2.1.1, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.1.10. 2.1.11 and 2.1.12); and where an AMHHDC has been appointed a P0314 data flow.

(2) D0170 data flow, as agreed with the AMVLP, from AMVLPs and other Metering System Operators requesting Asset Metering System details. (BSCP603 2.1.1, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.9, 2.1.10 and 2.1.12).

(3) P0319 data flow, as agreed with the AMVLP, from AMVLPs rejecting a request for Site Technical Details (BSCP603 2.1.1).

(4) D0010, P0315 and D0268 data flows from AMVLPs and other Metering System Operators providing Asset Metering System technical details or Asset Metering System readings. (BSCP603 2.1.1, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.1.10, 2.1.11, 2.1.12, 2.2, 2.4 and 2.5).

(5) D0134 and D0139 data flows from AMVLPs requesting and providing energisation status changes (BSCP603 2.2.1 and 2.2.2).

(6) D0142 from AMVLPs requesting installation, removal or changes to Asset Metering Systems (BSCP603 2.1.1, 2.1.3, 2.2.3, 2.2.4, 2.2.5 and 2.2.6).

The response should address the following areas:

(a) All flows are identified, reviewed and authorised prior to processing.

(b) The validation of data for formats and lengths, e.g. the AMSID is valid.

(c) The validation of data for its internal consistency.

(d) Controls in place to ensure that all data required or expected is received. This may be through controls within the update routines or through manual controls.

13.1.2 How do you ensure that once data has been collected, it is passed to the appropriate recipient completely, accurately and in a timely manner?

The key inputs received are set out in 13.1.1 and where relevant the AMMOA is required to take the appropriate action which might include, for example, the provision of Asset Metering System technical details and Asset Meter readings to other parties – notably to HHDC Agents and AMHHDC Agents.

The response should address the following areas:

(1) Controls should be in place to ensure that the appropriate action for each request or provision of data is taken, all instructions should be logged and progress monitored to ensure they are actioned in a timely manner.

(2) Management should have monitoring controls in place in order to determine whether the appropriate action has been taken in each case.

(3) Controls should be in place to ensure that data sent (regardless of method) has been sent to the appropriate recipient, has been authorised for sending and potentially any acknowledgement received has been checked - in an electronic environment these may include:

(a) File sequence numbers are maintained to ensure that all are processed and in the correct order.

(b) Record counts and check sums are included in the data transmitted to ensure completeness.

(c) Receipt acknowledgements received are checked to ensure completeness of transmission (only relevant where the DTN has not been used).

(d) Processes are in place to re-send transmissions should a failure occur.

13.1.3 What controls do you have in place to ensure that data (including commissioning records) or Asset Meter readings obtained by field operators is recorded completely and accurately in the AMMOA database?

The response should address the following areas:

(1) Standard forms/input methodologies should be used to collect and retain data from work schedules.

(2) Scheduled work/site visits should be monitored against actual work/site visits performed.

(3) Expected data/information to be received from the site visits should be measured against actual data/information received.

(4) Details on how commissioning data flows D0383 and D0384 data flows, as agreed with the AMVLP, are processed, in accordance with BSCP603.

(5) Difference in controls and processes for on-site and off-site commissioning.

13.1.4 How do you ensure that you are able to carry out the principal functions of a MOA (including installation and commissioning) as set out in Section L 1.2.3A?

The response should include processes and controls in place for the following functions:

(1) Installations.

(2) Commissioning.

(3) Testing (including proving tests).

(4) Maintenance.

(5) Fault rectification.

(6) Provision of a sealing service.

If you intend to use any third party agent(s) to carry out any of the functions above on your behalf, please also include the following:

(1) List of the third party agent(s) that you intend to use. For each one, please state the MOA functions they will perform on your behalf.

(2) Description of controls and/or processes in place for ongoing management of the third party agent(s). The response should address:

  1. Regular meetings and reporting of key performance indicators.

  2. Adequate contractual arrangements that include clear lines of responsibilities for each party and documented working practice agreed.

  3. Controls in place to ensure your third party agent(s) are able to support the growth of your portfolio.

13.1.5 How do you ensure that all installed Asset Metering Systems either conform to the metering Code of Practice (CoP) Eleven or that an appropriate Metering Dispensation has been obtained?

The response should address the following areas:

(1) An inventory of all Asset Metering Systems installed should be maintained which specifies all Asset Metering System technical details – where relevant this should be supported by the appropriate certificates and paper work (e.g. Asset Meter calibration test certificates) and an audit trail should be provided from the inventory to the physical documentation.

(2) Controls should be in place to identify Asset Metering Systems that require a Metering Dispensation and to monitor the expiry dates of any Metering Dispensations held.

(3) An inventory of all Asset Metering Systems which have a Metering Dispensation should be maintained, which specifies the duration of each.

13.1.6 How will you ensure that you have appropriate audit trails in place to meet the audit trail requirements in BSCP603 Appendix 3.12.1, 3.12.2.2 and 3.12.2.3?

The systems should be capable of reporting (or archived information should be stored so that it is available for enquiry) sufficient information so as to enable a user to obtain, in a timely fashion any changes to standing data held or used by the system.

The audit trail and archiving requirements for AMMOA for Asset Metering Systems in BSCP603 Appendix 3.12.1, 3.12.2.2 and 3.12.2.3.

13.1.7 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 or in BSCP603 Appendix 3.12.2.2 and 3.12.2.3?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement Data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

13.1.8 What controls do you have in place to ensure that all commissioning tests are conducted to meet the requirements detailed in CoP 11 for all types of Asset Meters (including whole current metering)?

The response should address the following areas:

(1) Contacts and lines of communication that are established and maintained with the Equipment Owner (Section L 3.1.2) to ensure that full commissioning can be performed in accordance with CoP 11.

(2) Controls and procedures should be in place to identify all circumstances where a commissioning test is required, regardless of who is required to commission particular items of Asset Metering Equipment (e.g. Asset Meter embedded within a device owned by the relevant Equipment Owner) that make up and/or will make up the Asset Metering System.

(3) All commissioning tests are performed in accordance with the timescales outlined in BSCP603 2.1.

(4) Controls and procedures which exist to assess the quality of commissioning test results and records.

(5) All relevant documentation is:

(i) received (where necessary) from the relevant Equipment Owner responsible for commissioning the item of Asset Metering Equipment;

(ii) retained; and

(iii) is available for retrieval.

(6) Detail how you will transfer documentation to the new Asset Metering SVA MOA or AMMOA on CoA and to the Registrant for notification of commissioning test results.

(7) Commissioning tests performed meet the requirements detailed in CoP 11, and the Registrant is notified that commissioning of the Asset Metering System is completed, or the Registrant is notified of any defects or omissions in that process.

13.2 Exception Management

Question

Guidance

Response

Evidence

13.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data could occur which if not addressed could exceed the timescale requirements as set out in BSCP603. This could consequentially have an adverse impact on other Party Agents or Market Participants.

The response should address the following areas:

(1) Internal reporting mechanisms are in place in order to monitor levels of rejections/failures and backlogs on a daily basis.

(2) An analysis of data processing by your Agency Service has been performed in order to identify all points of rejection/failure or potential backlogs in data flow processing.

(3) Management processes are in place to monitor performance against the standards as set out in BSCP603.

(4) Procedures set out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

13.2.2 What procedures do you have in place with respect to fault resolution, relating to both detection and responding to problem notifications from other parties?

A fault may be detected by a AMMOA, in which case the AMMOA contacts the HHDC (and AMHHDC if applicable) and requests a decision on the action to be taken (D0002). (BSCP603 2.1.7, 2.1.8, 2.1.9, 2.1.10, 2.1.11, 2.1.12, 2.2.3, 2.2.4, 2.3.3, 2.4.1 and 2.5.1).

Alternatively the HHDC, AMHHDC or AMVLP may request that the AMMOA investigates a potential fault (D0001). (BSCP603 2.4.1).

The response should address the following areas:

(1) All requests for investigation (D0001) or receipt of request for further action (D0002 or D0005) should be logged.

(2) Controls should be in place in order to monitor the progress of each fault from original notification to resolution.

(3) Ongoing monitoring of time taken to action specific requests/notifications should be carried out.

13.2.3 How do you ensure that a proving test has been performed in all the required circumstances and that the methodology applied conforms to BSCP603?

BSCP603 2.5 sets out the process for carrying out a proving test. The reasons when a proving test is required are set out in BSCP603 Appendix 3.6.1.

BSCP603 Appendix 3.6.1 to 3.6.5 sets out the detailed requirements for performing the proving tests.

The response should address the following areas:

(1) Controls and procedures should be in place to identify all circumstances where a proving test is required.

(2) Communication with the HHDC Agents and, if applicable, AMHHDC Agents concerned should be established and the method of proving test to be employed should be agreed.

(3) Management should have monitoring controls in place in order to determine whether the request to perform a proving test has been sent to the HHDC Agent and, if applicable, AMHHDC Agents in all required cases.

(4) Management should have controls in place to ensure that the confirmation of the proving test result is sent as required by BSCP603 2.5.

(5) Where a proving test fails progress should be tracked and monitored to ensure that a re-request or re-test is carried out.

13.2.4 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Asset Meter reads) used by your Agency Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Agency Service).

(2) Review of data quality statistics by senior management.

13.3 Additional Information

Question

Guidance

Response

13.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 14 – NOT USED

SECTION 15 – CVA MOA

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your CVA MOA Agency Service to ensure the requirements of the BSC, BSCP20, BSCP02, BSCP06 and PSL100 are met. Whilst sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as a CVA MOA Agent.

Guidance for completing this section

The CVA MOA Agent is responsible for the installation and maintenance of CVA Metering Systems. The CVA MOA Agent is required to provide requested data to other Parties and to inform Parties impacted by any changes made to Metering Systems as set out in BSCP20. The section is split as follows:

Business Processes and Mitigating Controls: This section looks at the controls over the input of Metering System technical data or energisation status data received and the transmission of Metering System technical data, energisation status or Metering System reads to the CDCA Agent and the CRA. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement) the provision for a full audit trail history of the data used by your Agency Service and any changes made to it as outlined in BSCP06 and PSL100.

Exception Management: The section looks at the specific controls in place to report on, monitor and resolve exceptions during the processing of data.

A number of questions in the SAD relate to ‘data quality’. In this section of the SAD you are concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as the Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Due to their size and complexity it is not uncommon for a CVA MOA to be responsible for only a small number of Metering Systems, as a result it is likely that the CVA MOA system will be a simple one. Responses should consider the procedures in place for dealing with information received in any relevant medium either electronically or manually e.g. email, letter.

15.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

15.1.1 How do you ensure that you have a complete record for each Metering System and that this is updated for all changes?

BSCP06 section 1.5.2 (a) sets out the details of information that should be recorded for each Metering System. In addition the CVA MOA will receive a number of communications from other Parties as follows:

(1) The MSID for a Metering System on registration of a new Metering System (BSCP20 3.1.6 and 3.8.16).

(2) BSCP20/4.8 form from the Registrant appointing new CVA MOA (BSCP20 3.4).

(3) Communications from CDCA with respect to MTD changes and proving tests.

The response should address the following areas:

(a) An inventory of all Metering Systems installed should be maintained which specifies all Metering System technical details – where relevant this should be supported by the appropriate certificates and paper work (e.g. CT/VT certificates) and an audit trail should be provided from the inventory to the physical documentation.

(b) All received forms/notifications should be identified, reviewed and authorised prior to response.

(c) Procedures should be in place to ensure that the inventory is updated for all changes (either as notified by other Parties of as a result of information gathered by field operators).

(d) Expected data/information to be received from site visits should be measured against actual data/information received.

(e) Scheduled work/site visits should be monitored against actual work/site visits performed.

(f) Evidence should be retained as to who received any form/notification, when and what was updated to the CVA MOA inventory.

(g) Controls should be in place to ensure that the appropriate action for each request or provision of data is taken, all instructions/communications should be logged and progress monitored to ensure they are actioned in a timely manner.

15.1.2 How do you ensure that any changes made to Metering System technical details are updated to the CDCA?

BSCP20 3.5 and BSCP06 section 1.5.4 require the CVA MOA to update the CDCA using form BSCP20/4.3 of any changes to Metering System technical details or energisation status and where relevant to provide Meter reads and proving test dates in accordance with BSCP02.

The response should address the following areas:

(1) The authorised person is required to sign the form (BSCP38).

(2) Procedures should specify the action to be taken to ensure that the form is sent to the CDCA within the required timescale.

(3) Controls should be in place to ensure that data sent (regardless of method) has been sent to the appropriate recipient, has been authorised for sending and potentially any acknowledgement received has been checked.

15.1.3 How do you ensure that you are able to carry out the principal functions of a CVA MOA (including installation and commissioning) as set out in Section L 1.2.3?

(Mandatory question in respect of CVA MOAs who intend to work on CVA Metering Equipment associated with a Boundary Point to a distribution system or a systems connection point but not required for other CVA MOAs).

The response should include processes and controls in place for the following functions:

(1) Installations.

(2) Commissioning.

(3) Testing (including proving tests).

(4) Maintenance.

(5) Fault rectification.

(6) Provision of a sealing service.

If you intend to use any third party agent(s) to carry out any of the functions above on your behalf, please also include the following:

(1) List of the third party agent(s) that you intend to use. For each one, please state their Retail Energy Code MOCOPA accreditation status and the CVA MOA functions they will perform on your behalf.

(2) Description of controls and/or processes in place for ongoing management of the third party agent(s). The response should address:

(a) Controls to ensure that your agents are compliant with their Retail Energy Code MOCOPA obligations.

(b) Regular meetings and reporting of key performance indicators.

(c) Adequate contractual arrangements that include clear lines of responsibilities for each party, and documented working practice agreed.

(d) Controls in place to ensure your Retail Energy Code MOCOPA Agents are able to support the growth of your portfolio.

If you intend to carry out any of the functions above, please confirm your Retail Energy Code MOCOPA accreditation status.

15.1.4 How do you ensure that all installed Metering Systems either conform to the metering Code of Practice or that an appropriate Metering Dispensation has been obtained?

The response should address the following areas:

(1) Controls should be in place to identify Metering Systems that require a dispensation and to monitor the expiry dates of any dispensations held.

(2) An inventory of all Metering Systems that have a dispensation should be maintained which specifies the duration of each.

15.1.5 How have you ensured that you have appropriate audit trails in place?

The systems should be capable of reporting (or archived information should be stored so that it is available for enquiry) sufficient information so as to enable a user to obtain, in a timely fashion any changes to standing data held or used by the system (this will also be applicable to a paper based system).

The audit trail and archiving requirements for CVA MOA Agents are set out in PSL100 sections 10.2 and 10.3.

15.1.6 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100 Sections 10.2 and 10.3

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement Data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

15.1.7 What controls do you have in place to ensure that all commissioning tests are conducted to meet the requirements detailed in CoP 4?

The response should address the following areas:

(1) Contacts and lines of communication that are established and maintained with the Equipment Owner (Section L 3.1.2) to ensure that full commissioning can be performed in accordance with CoP 4.

(2) Controls and procedures should be in place to identify all circumstances where a commissioning test is required, regardless of who is required to commission particular items of Metering Equipment (e.g. measurement transformers owned by the relevant BSC Party (e.g. NETSO or LDSO, as applicable)) that make up and/or will make up the Metering System.

(3) All commissioning tests are performed in a timely manner (e.g. where applicable, prior to registration).

(4) Controls and procedures which exist to assess the quality of commissioning test results and records.

(5) All relevant documentation is:

(i) received (where necessary) from the relevant BSC Party (the Equipment Owner) responsible for commissioning the item of Metering Equipment (in particular measurement transformers owned by the NETSO or LDSO, as applicable);

(ii) retained; and

(iii) is available for retrieval.

(6) Detail how you will transfer documentation to the new CVA MOA on CoA and to the Registrant for notification of commissioning test results.

(7) Commissioning tests performed meet the requirements detailed in CoP 4 and the Registrant is notified that commissioning of the Metering System is completed, or the Registrant is notified of any defects or omissions in that process.

(8) Difference in controls and processes for on-site and off-site commissioning.

15.1.8 What procedures are in place for the registering of sealing pliers and maintaining a register of seals applied for individual CVA Metering Systems?

PSL100 section 1.5.3 (c) requires the CVA MOA to provide a sealing service.

The response and supporting evidence must include:

(1) Evidence that a company specific identifier has been requested from BSCCo for sealing pliers;

(2) Procedures for maintaining a register of sealing pliers for individual pairs of sealing pliers; and

(3) Procedures for maintaining a register of seals applied for each CVA Metering System.

15.2 Exception Management

Question

Guidance

Response

Evidence

15.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notifications, exceptions arising in processing and other errors in order to ensure that service level requirements are met?

Within the requirements of the Service there are a number of points at which delays in actioning requests or passing on data could occur which if not addressed could exceed the timescale requirements as set out in BSCP20, BSCP06, or BSCP02.

The response should address the following areas:

(1) Internal reporting should be in place in order to monitor levels of rejections/failures and backlog.

(2) An analysis of the operation of the Agency Service has been performed in order to identify all points of rejection/failure or potential backlogs in instruction/notification processing.

(3) Management processes are in place to monitor performance against the standards as set out in BSCP20 and BSCP06.

(4) Procedures set out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems.

15.2.2 What procedures do you have in place with respect to fault resolution, relating to both detection and responding to problem notifications from other parties?

A fault may be detected by a CVA MOA as a result of a site visit or the CVA MOA to investigate a potential fault by the Registrant. (BSCP06 sets out the procedures in relation to fault investigation and resolution)

(1) All requests for investigation from the Registrant should be logged.

(2) Controls should be in place in order to monitor the progress of each fault from original notification to resolution.

(3) Procedures should be in place to ensure that any findings are reported to the CDCA.

15.2.3 How do you ensure that a proving test has been performed in all the required circumstances and that the methodology applied conforms to BSCP02?

BSCP02 sets out the requirements for performing a proving test. A proving test is required in the following circumstances:

  • Install new, or additions to, existing Metering Systems.

  • Remove and/or replace Metering Systems and/or Outstations.

  • Reprogram Metering Systems and/or Outstations.

  • Change the registration of a Metering System from SMRA to CMRS i.e. a SVA Metering System becomes a CVA Metering System.

The response should address the following areas:

(1) Controls and procedures should be in place to identify all circumstances where a proving test is required.

(2) Where a proving test fails progress should be tracked and monitored to ensure that a re-request or re-test is carried out.

(3) Controls should be in place to ensure that the proving test takes place prior to the effective from date for the Metering System.

15.3 Additional Information

Question

Guidance

Response

15.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 16 – METER ADMINISTRATOR

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Agency Service to ensure the requirements of the BSC, BSCP520 and PSL100 are met. Whilst Sections 1 to 7 of the SAD are generic to all Agency Services, this section focuses on the specific controls required to operate effectively as a Meter Administrator.

Guidance for completing this section

The Meter Administrator (MA) is responsible for receiving summary inventory and latitude/longitude information from the Unmetered Supplies Operator (UMSO) and where relevant inputting this information into the Equivalent Meter (EM). Where the EM is Central Management Systems (CMS) Capable the MA is responsible for inputting the CMS Control File and receiving Event Log data from the CMS. In addition the MA is responsible for operating and maintaining the EM hardware and software, ensuring that metered data is available from the EM in time for the Data Collector to meet the Settlement timetable and indicating to the Data Collector where estimated data should be used where an EM is not functioning correctly. The section is split as follows:

Business Processes and Mitigating Controls: This section looks at the controls over the input of summary inventory and latitude/longitude data into the EM and the operation and maintenance of the metering equipment. It also considers the maintenance of standing data which, if incorrect, may impact upon Settlement, the provision for a full audit trail history of the data used by your Agency Service and any changes made to it as outlined in BSCP520 and PSL100.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. In this section of the SAD you are concerned with the on-going quality of your data when your Agency Service is live and in operation. The quality of the data used to initially populate your Agency Service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Agency Service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents. There are numerous methods of monitoring the quality of your data and the benchmarks that you use should be tailored to your Agency Service and the specific risks posed to your data quality.

Both system and manual controls should be considered when answering the SAD questions as your Agency Service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means e.g. email, letter.

16.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

16.1.1 What controls do you have in place to ensure that the establishment of new UMS Inventory is done in accordance with the requirements of BSCP520?

The MA receives a number of key inputs from the UMSO and the Supplier:

(1) Latitude and longitude information for each MSID and summary inventory details in a CMS Control file.

(2) Appointment and termination details are received from the Supplier on D0155, D0148 and D0151 flows via an electronically or other agreed method.

The response should address the following areas:

(a) Summary inventory is validated against the Operational Information Document (OID).

In what form will an audit trail be provided from the relevant inventory, and is the data in the correct format?

(b) The EM type adopted utilises software which has been approved by BSCCo to provide settlement metered data in accordance with BSC Requirements.

(c) Controls to ensure around the population of data into the EM system is carried out completely, accurately and in a timely manner.

(d) Procedures are in place to ensure that EM system parameters have been correctly configured and assigned in a timely manner.

(e) Monitoring procedures are in place to identify changes required to data in a timely manner and to ensure the EM is updated accordingly.

(f) All flows are identified, reviewed and authorised prior to processing.

(g) The validation of data for formats and lengths, e.g. the MSID is valid.

(h) Evidence is retained as to who processed the data, when and what was updated to the MA database.

16.1.2 How do you ensure that once a UMS connection has been established changes to inventories are processed completely and accurately in accordance with the requirements of BSCP520?

The response should include the following key events:

(a) Receiving and processing of revised UMS inventories and/or CMS Control files as appropriate.

(b) Controls in place to identify required changes to data.

(c) Controls in place that changes are performed in a timely manner and the EM is updated accordingly.

(d) Controls in place to ensure that applications for revised inventories continue to meet the criteria specified in BSCP520.

16.1.3 How do you ensure that information and data flows relating to UMS are sent or received and processed completely, accurately and in a timely manner in accordance with BSCP520?

The response should include the following key events:

(1) Provision of UMS summary inventories via CMS Control file.

(2) Provision of latitude and longitude information.

(3) Receipt and processing of appointment details via data flows.

(4) Receipt and processing of CMS Event Log file.

(5) Provision of Half Hourly Advances specified in Coordinated Universal Time (UTC) format to the HHDC via D0379 flow.

The response should address the following:

(1) All flows are identified, reviewed and authorised prior to processing.

(2) The validation of data flows for format and lengths

(3) The validation of data for completeness and accuracy (e.g. the MSIDs is valid).

(a) Where the generating/sending of flows requires the use of MDD the response should reference how it is ensured that data in the flow is validated against the latest version of MDD.

(b) Where an agreed method other than the standard Energy Market Data Specification (EMDS) flow is to be used the response should address:

  • How you manage the approval / agreement of receipt/sending of data in another agreed format;

  • What records are retained of the agreement of the method as well as the actual data received/sent; and

  • How you ensure that timescales surrounding this data are adhered to.

  • Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the routine or through manual controls.

16.1.4 What controls do you have in place to ensure that the requirements of BSCP520 are met when a Change of Supplier (CoS) and/or Change of Agent (CoA) event takes places?

The response should cover how you identify when a CoS/CoA activity has taken place and should address the following:

For HH UMS CoS:

(a) Receipt and processing of appointment flows; and

(b) Receipt and processing of latitude and longitude information and Summary Inventory.

Change of MA:

(a) Receipt and processing of appointment flow and/or termination flow; and

(b) Sending and processing of requests for transfer of information between old and new MA

Change of Data Collector:

(a) Receipt and processing of notification of Change of Agent flows (D0148).

16.1.5 What controls do you have in place to ensure that the requirements of BSCP520 are met for EM Fault Reporting?

The response should address the following areas:

(1) Monitor and manage the receipt of notification of a fault/inconsistency;

(2) Action required to investigate the fault/inconsistency reported;

(3) Identify the period of the fault and notify relevant participants; and

(4) Rectify data and send Data Collector corrected data (D0379).

The response should address the following areas:

(a) Procedures in place to ensure that timescales and requirements are in accordance with BSCP520

Controls in place to monitor progress of EM Fault Reporting

16.1.6 Where Dynamic Equivalent Metering Systems are used, what procedures are in place to ensure that Photo Electric Cell Unit (PECU) Arrays are installed, configured and maintained correctly?

The response should address the following areas:

(1) Procedures are in place to ensure that the process in siting the PECU array is in accordance with BSCP520.

(2) Documented procedures are in place over the set up, installation and testing of the PECU Array(s) and associated communications equipment. These procedures should encompass tests to confirm that information can be retrieved from the PECU Array(s) to meet operational requirements and settlement run timescales.

(3) Procedures are in place to establish the load weighted numbers of Unmetered Apparatus controlled by PECUs to ascertain the correct proportion of PECUs on a PECU Array. These procedures also ensure that for each PECU in an Array, type and location details are maintained within the Equivalent Meter system.

(4) Procedures are in place to monitor and maintain the correct operation of the PECU Array(s). These procedures encompass the review of any spurious or unusual performance of PECUs within the Array. Failed cells within an Array are replaced in a timely manner.

(5) Procedures are in place covering the use of appropriate default PECU regimes and/or switching regimes in the event that PECU Array data is not available for any day.

16.1.7 How have you ensured that you have appropriate audit trails in place?

Your systems should be capable of reporting (or archived information should be stored so that it is available for enquiry) sufficient information so as to enable a user to obtain, in a timely fashion any changes to standing data held or used by the system.

The audit trail and archiving requirements for MA are set out in PSL100 sections 10.2 and10.3

16.1.8 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100 sections 10.2 and10.3?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement Data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

16.2 Exception Management

Question

Guidance

Response

Evidence

16.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notifications, exceptions arising in processing and errors in order to ensure that service level requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data could occur which if not addressed could exceed the timescale requirements as set out in BSC520 or PSL100.

The response should cover the following areas:

(1) An analysis of data processing by your Agency Service has been performed in order to identify all points of rejection/failure or potential backlogs in dataflow processing.

(2) Reporting mechanisms are in place in order to monitor levels of rejections/failures and backlogs on a daily basis.

(3) In the event that an EM fault, including incorrect or missing data, is identified, documented resolution procedures detail actions to be followed to rectify the fault. The procedures include the timely notification of the nature of the fault to all relevant parties. Following resolution the period covered by the fault and the date and time of rectification should also be notified.

(4) Recalculation of unmetered supplies data (as more accurate data becomes available) for each MSID for each settlement Day.

16.3 Additional Information

Question

Guidance

Response

16.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 17 - UMSO

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Unmetered Supplies Operator (UMSO) service to ensure the operational requirements of the BSC and BSCPs are met. Whilst Sections 1 to 7 of the SAD are generic to all Qualified Persons, this section focuses on the specific controls required to operate effectively as an UMSO.

Guidance for completing this section

The UMSO is responsible for establishing new Unmetered Supplies and establishing appropriate Connection Agreements with UMS customers in line with the requirements set out in BSCP520. In addition it is responsible for providing summary inventories to the Meter Administrator (Half Hourly) and issuing Unmetered Supplier Certificates (Non Half Hourly).

Business Processes and Mitigating Controls: This set of questions looks at the controls over the provision of data to other participants, the subsequent processing of information received and the transmission of this updated data to relevant participants.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your UMSO service is live and in operation. The quality of the data used to initially populate your service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your UMSO service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, letter). It is recognised that not all UMSOs use the DTN to send and receive information from other participants. Where a question references a specific data flow this should be interpreted to mean the information that would normally be sent/received using that data flow even if the DTN is not used as the method of receipt/delivery. A full response should be provided and the Applicant should indicate for each data flow referenced whether the DTN or an alternative method of communication would be used.

17.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

17.1.1 What controls do you have in place to ensure that the establishment of new UMS connections is done in accordance with the requirements of BSCP520?

The UMSO is required to carry out a number of activities when establishing or updating UMS inventories. The response should include the following key events:

(1) Receiving/processing applications for new UMS from customers

(2) Establishing UMS Connection Agreements with customers on behalf of the LDSO.

(3) Distinguishing between HH and NHH UMS and applying distinct processes

The response should address the following areas:

(a) Controls in place to ensure that applications for new Unmetered Supplies meet the UMS criteria specified in BSCP520.

(b) Procedures for establishing appropriate UMS Connection Agreements with all customers ensuring that the key clauses defined in BSCP520 (section 1.1) are adhered to as a minimum.

Monitoring controls to ensure that all new connections are set up completely and accurately and have a formal connection agreement in place.

17.1.2 How do you ensure that once a UMS connection has been established new inventories or changes to inventories are processed completely and accurately in accordance with the requirements of BSCP520?

The response should include the following key events:

(1) Receiving and processing new/revised UMS inventories from customers and Change of Measurement Class applications from Suppliers.

(2) Calculation of EACs for Non Half Hourly UMS.

(3) Generation of UMS Certificates and data flows (D0052).

(4) Generation of summary inventories for Half Hourly UMS.

(5) Ensuring that MSIDs and inventory data for mCMS are kept separate from, and are not combined with, MSIDs or inventories for other UMS Apparatus.

The response should address the following areas:

(a) Controls and procedures in place to ensure the correct application of initial/revised EAC calculations for each Settlement register is recorded for each MSID for NHH traded UMS (BSCP520 Appendix 4.4).

(b) Procedures for generating the required outputs for NHH traded UMS ( UMS Certificate and D0052)

(c) Procedures for monitoring the required outputs for HH traded UMS ( Summary Inventory)

(d) Monitoring of compliance against conditions of UMS Certificates)

(e) Controls in place to ensure that applications for revised UMS inventories continue to meet the UMS criteria specified in BSCP520.

(f) Existence of a trigger upon receipt of updated inventories/Change of Measurement Class/Change of Supplier notifications to re-start the procedures for establishing a new UMS inventory to ensure that the criteria for UMS detailed in BSCP520 continue to be met.

17.1.3 How do you ensure that information and data flows relating to Half Hourly Unmetered Supplies are sent or received and processed completely, accurately and in a timely manner, in line with the requirements of the BSC?

The response should include the following key events:

(1) The sending of request to LDSO for a new MSID record.

(2) Sending of UMS Certificates to customer and Supplier on a P0170 flow

(3) Provision of latitude and longitude information.

(4) Receipt and processing of appointment details.

(5) Provision of UMS summary inventories to the appointed Meter Administrator.

(6) Receiving requests for latitude and longitude information and location of PECU arrays (if applicable).

The response should address the following

(1) All flows are identified, reviewed and authorised prior to processing.

(2) The validation of data flows for formats and lengths.

(3) The validation of data for its internal consistency, for completeness and accuracy (e.g. the MSID is valid).

(a) Where the generating/sending of flows requires the use of MDD the response should reference how it is ensured that this data is valid.

(b) Where an agreed method other than the standard EMDS flow is to be used the response should address:

  • How you manage the approval / agreement of receipt / sending of data in another agreed format,

  • What records are retained of the agreement of the method as well as the actual data received / sent; and

  • How you ensure that timescales surrounding this data are adhered to.

(4) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

(5) Existence of agreed procedures with the appointed Meter Administrator for the checking and agreement of inventories.

17.1.4 How do you ensure that information and data flows relating to Non Half Hourly Unmetered Supplies are sent or received and processed completely, accurately and in a timely manner, in line with the requirements of the BSC?

The response should address the following key events:

(1) The sending of a request to LDSO for a new MSID record for UMS.

(2) Accurate calculation of EACs according to calculation type (BSCP520 Appendix 4.4) and adjustment of EACs following an LDSO inventory audit.

(3) Sending of UMS Certificates to customer and Supplier via a P0170 data flow

(4) Receipt and processing of appointment details.

(5) Sending of split EAC/Profile Class and SSC details via a D0052 data flow to the Supplier and NHHDC following a new connection/change of inventory detail.

(6) The creation and sending of an annual spreadsheet of all UMS EACs to Suppliers on a P0218 data flow as specified in BSCP520. The response should include:

(i) A description of the process by which Supplier UMS registrations are collated;

(ii) Processes in place for applying the appropriate Average Fraction of Yearly Consumption (AFYC).

(iii) Submission of the data to Supplier/BSCCo

(iv) How you ensure that all requests received via a D0310 from the Supplier (or NHHDC) to resend correct EACs to the NHHDC are actioned.

The response should address the following

(a) All flows are identified, reviewed and authorised prior to processing.

(b) The validation of data for formats and lengths, e.g. the MSID is valid.

(c) The validation of data for its internal consistency, for completeness and accuracy.

(i) Where the generating/sending of flows requires the use of MDD the response should reference how it is ensured that this data is valid.

(ii) Where an agreed method other than the standard EMDS flow is to be used the response should address:

  • How you manage the approval / agreement of receipt / sending of data in another agreed format,

  • What records are retained of the agreement of the method as well as the actual data received / sent; and

  • How you ensure that timescales surrounding this data are adhered to.

(d) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

17.1.5 What controls do you have in place to ensure that the requirements of BSCP520 are met when a Change of Supplier (CoS) and/or Change of Agent (CoA) event takes place?

The response should cover how you identify when a CoA/CoS activity has taken place and should address the following:

For Half Hourly UMS CoS

(1) Receipt and processing of appointment details.

(2) Sending of latitude and longitude information and inventory details.

(3) Existence of procedures for agreeing with the Supplier that the existing UMS Certificate continues to meet the requirements of BSCP520

(4) Existence of agreed procedures with the appointed Meter Administrator for the checking and agreement of UMS inventories.

For NHH CoS

(5) Receipt and processing of appointment details.

(6) Receipt and processing of Termination of Appointment details.

(7) Existence of procedures for agreeing with the Supplier that the existing UMS Certificate continues to meet the requirements of BSCP520

Change of MA

(8) Receipt and processing of appointment details.

Change of NHHDC

(9) Receipt and processing of appointment details.

17.1.6 What controls do you have in place to ensure that the requirements of BSCP520 are met when a change of energisation status takes place?

The response should address the following:

(1) Sending of confirmation of energisation status change D0139 data flows to MA/Supplier (HH traded UMS)

(2) Sending of confirmation of energisation Status change D0139 data flows to NHHDC/Supplier (NHH traded UMS)

17.1.7 What controls do you have in place to ensure that the requirements of BSCP520 are met when a disconnection is required following de-energisation of an MSID?

The response should address the following:

  1. Procedures in place to identify that a site is no longer required.

  2. Sending of details to Supplier.

  3. Sending of details to LDSO.

17.1.8 How have you ensured that you have appropriate audit trails in place?

The UMSO should retain data to allow the Supplier to fulfil all its obligations under the BSC. The response to this question should address how such data is stored, including the following key items:

(1) Copies of Connection Agreements and evidence that Connection Agreements are in place and have been sent to the customer.

(2) Evidence of data sent and received. This data may be in either data flow format or otherwise (e.g. email) and the agreed method should be formalised and recorded.

(3) EAC values and evidence of calculations (for NHH UMS) including evidence to support changes made to inventories and subsequent re-calculations of EACs.

(4) Summary inventories and history of changes to inventories (for HH UMS)

(5) Copies of UMS Certificates and evidence to confirm that these, and D0052 data flows, have been sent

(6) Evidence to support changes to UMS Connections and communications of the changes to relevant parties.

17.1.9 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6 and BSCP520 section 1.2.1(j)?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement Data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

17.2 Exception Management

Question

Guidance

Response

Evidence

17.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification of exceptions arising in processing and other errors in order to ensure that the BSC requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data or non receipt of data could occur, which, if not addressed, could result in data not being processed in a reasonable timescale. This could adversely impact on the quality of data used by other Parties or agents in the Settlement process.

The response should address the following areas:

(1) The internal reporting mechanisms in place to identify rejections, errors and backlogs in data processing

(2) The ongoing analysis performed to identify all points of rejection/failure in data flow processing.

(3) Procedures setting out the action to be taken to resolve different exception/problem types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing

(4) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

(5) Procedures in place to notify the Supplier of any incorrect or missing data

The response should include particular reference to processes for resolving discrepancies with EAC/Profile Class /SSC details following the sending of a D0052 data flow and subsequent rejection by Supplier/NHHDC via a D0310 data flow.

17.3 Additional information

Question

Guidance

Response

17.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 18 – SUPPLIER

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Supplier service to ensure the operational requirements of the BSC and BSCPs are met. Whilst Sections 1 to 7 of the SAD are generic to all Qualified Persons, this section focuses on the specific controls required to operate effectively as a Supplier.

Guidance for completing this section

The Supplier is responsible for appointing its agents and registering these details with the SMRA. The Supplier is also responsible for managing the performance of its appointed agents and for monitoring the completion of business processes that it has initiated. This section is split as follows:

Business Processes and Mitigating Controls: This set of questions looks at the controls over the provision of data to your agents, the subsequent processing of information received and the transmission of this updated data to your agents. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement) and any changes made to it.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your Supplier service is live and in operation. The quality of the data used to initially populate your service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your Supplier service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, letter).

18.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

18.1.1 How do you ensure that data flows are sent or received and processed completely, accurately and in a timely manner, in line with the requirements of the BSCPs?

The response should describe the processes you have in place for dealing with Settlement related data flows and should address the following:

(1) How all data flows are identified, reviewed and authorised prior to processing.

(2) The validation of data for formats and lengths (e.g. the MSID is valid and other data items (where applicable) have been checked against the latest version of MDD).

(3) The validation of data (where applicable against the latest version of MDD) for its internal consistency, for completeness and accuracy.

(4) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

(5) Where data is to be sent or received to or from parties by agreed methods other than via the DTN how you:

  • manage the approval or agreement of receipt/sending of data in another agreed format;

  • record and retain the agreement of the method as well as the actual data received or sent; and

  • ensure that timescales surrounding this data are adhered to.

18.1.2 What controls and procedures are in place to ensure the accurate, complete and timely sending, receiving and processing of data flows for key Settlement related events?

The response should make reference to the following key events:

(1) Sending of appointment and termination notifications on a D0155, D0153 and D0151 data flow and processing of rejection data flows.

(2) Sending of notification of changes to other parties on a D0148 data flow and notification of customer details on a D0302 data flow.

(3) Sending of read frequency requests and Metering System Settlement Details affirmations on D0052 data flows (including D0052s sent for Unmetered Supplies) and processing of data flows received in response.

(4) Receipt and processing of Market Domain Data on D0269 and D0270 data flows.

(5) Receipt of and processing of data flows from the SVAA.

(6) Requests for changes to energisation status on a D0134 data flow and subsequent processing of D0139 data flows (confirmation or rejection of energisation status change) and monitoring of outstanding D0139 data flows.

(7) Receipt and processing of change in Meter Information from the SMRA on D0312 data flows.

(8) Requests for Installation or change to a Metering System Functionality or the Removal of all Meters on D0142 data flows and processing of D0171 data flows.

(9) Updates to registration details on D0205 data flows and processing of rejection flows. This includes updates to MTC where there are changes to related metering points for unmetered supplies.

(10) Receipt and processing of P0170 for HH, and P0207 for NHH, flows for Unmetered Supplies.

(11) Creation and amendment of relationships between MPANs using D0386 following receipt of UMS Certificate, for Unmetered Supplies.

(12) Requests for Disconnection of Supply on D0132 data flows and processing of confirmations on D0125 data flows.

(13) Mechanisms for the identification and follow up of missing data.

(14) Where applicable the sending of Smart Meter Configuration Details to the relevant SVA NHHMOA on D0367 data flows.

(15) Controls in place to ensure completeness and accuracy of consumption into Settlement.

(16) Controls to ensure the number of register digits contained within Meter readings retrieved from Data and Communications Company (DCC)-serviced smart Meters is consistent with the number of digits specified in the MTD.

The response to this question may cross refer to the response given in 18.1.1.1 but should include details of processes and controls in place specific to the above events.

Further questions on data flows relating to key processes are included in questions 18.1.2 and 18.1.3 and further questions relating to exceptions handling are included in question 18.2.1.

18.1.3 What controls do you have in place to ensure that the requirements of the BSCPs are met when a Change of Supplier (CoS), Change of LDSO, and or Change of Agent (CoA) event takes place?

The response to this question may cross refer to the response given in 18.1.1. The response should address the following:

(1) Sending of appointment and termination notifications on a D0155, D0153 and D0151 data flow and processing of rejection (D0261) and acceptance (D0011) data flows.

(2) The sending of an Instruction to Obtain Change of Supplier Reading on a D0072 dataflow on a CoS or CoA event.

(3) The sending of Customer Own Readings for CoS on D0071 data flows.

(4). The receipt and processing of Change of Supplier Readings received on D0086 data flows.

(5) The sending of Request for Metering System Related Details on D0170 data flows.

(6) Sending of initial EAC on a D0052 flow following receipt of the Meter Technical Details.

(7) The sending and processing of Metering Technical Details and Metering Reading History on CoA by the old and new agents. In your response, please include how sites with no meter are managed.

(8) The mechanisms in place to monitor the timescales in which the above data flows into and out of your Supplier service and is processed.

18.1.4 How do you ensure that when a Change of Measurement Class (from NHH to HH and vice versa) is required the necessary flows are sent and received?

The response should address the following:

(1) Sending of notification of MC/EAC/PC on D0289 data flows.

(2) The sending of Request for Installation or Changes to Metering System Functionality or the Removal of all Meters on D0142 data flows and the processing of failures received on D0221 data flows.

18.1.5 How do you ensure that only those sites that meet the criteria for treatment as a Long Term Vacant (LTV) are treated as such in accordance with the obligations in the BSC and BSCP504?

Applies to NHH Suppliers only

Where a Supplier treats or intends to treat NHH Metering Systems as LTV the Supplier should comply with the relevant sections of the BSC (S2.8, S-2 4.3.19 – 4.3.22). The response should detail the processes and controls in place to address the following:

(1) Only those sites that meet the necessary criteria are treated as LTV.

(2) Ongoing monitoring is performed to confirm that sites continue to meet the criteria.

(3) Proactive processes should be in place to ensure that all reasonable endeavours are taken to contact the owner of the property to obtain a Meter reading.

(4) Once sites no longer meet the criteria action is taken to notify the NHHDC and ensure that a non-zero EAC is submitted to the NHHDA on a D0019 data flow for the correct end date of the LTV period.

(5) Complete and accurate audit trails are in place to demonstrate the Suppliers compliance with the requirements of the BSC and BSCP504.

(6) Details of sites treated as LTV are passed to the LDSO on request.

18.1.6 How do you ensure that your agents are meeting their obligations under the BSC?

Where obligations are to be fulfilled by an agent (including commissioning of Metering Equipment) the Supplier should have controls in place to ensure that those obligations are met. The compliance of your agents are important in ensuring that you meet the Performance Standards set out in BSC Section S, Annex S-1, Section 2 Performance Levels.

The response should demonstrate examples of the controls/procedures in place for the ongoing management of your agents, such as:

(1) Controls to ensure that your agents are Qualified and that their qualified status is maintained on an ongoing basis.

(2) Controls to ensure that your agents are compliant with their BSC obligations and a mechanism for assurance that your agents implement BSC Modifications or Changes appropriately.

(3) Regular meetings and reporting of key performance indicators, for example:

(i) to ensure the submission of aggregation data such as consumption figures and the Supplier Purchase Matrix is in line with Settlement timetable.

(4) Adequate contractual arrangements that include clear lines of responsibility and escalation.

(5) Clear roles and responsibilities for each party and documented working practice agreed.

(6) Controls are in place to ensure that Metering Equipment is properly commissioned in a timely manner. This includes, in the case of Half Hourly Metering Systems, ensuring any issues are identified during the commissioning of the Metering Equipment, notifying and consulting with the LDSO and/or the NETSO, as applicable.

18.1.7 How will you ensure that the SVA MOA you appoint to a Metering System is Meter Operation Code of Practice Agreement (MOCOPA®) accredited in accordance with the Retail Energy Code Metering Accreditation Scheme?

The MOCOPA® is an agreement between electricity distribution businesses and electricity Meter operators in Great Britain which defines safety, technical and business interface requirements regarding the provision of Meter operation services.

The response should demonstrate details of the controls / procedures in place for the ongoing management of your Party Agents, such as:

(1) Controls to ensure that the SVA MOA you appoint to a Metering System (or any third party agent used by that SVA MOA to perform certain functions that require that third party agent to be MOCOPA® accredited) is Meter MOCOPA® accredited.

(2) How will you monitor that the MOCOPA® accreditation status of the MOA you appoint to a Metering System (or any third party agent used by that SVA MOA to perform certain functions that require that third party agent to be MOCOPA® accredited) is maintained on an ongoing basis?

18.1.8 How have you ensured that appropriate audit trails are in place to support the rationale for decisions made in the event of queries/disputes being raised?

The response should address how you ensure that there is enough information available for an independent person to identify the source and nature of changes (archived information should be stored so that it can be accessed for enquiry). This should include a rationale for decisions that were made.

The response should also address how you deal with ad hoc requests made by your agents and other parties and what record of such requests is maintained.

18.1.9 How have you ensured that you can meet the data retention requirements set out in BSC Section U1.6?

Section U1.6 sets out the requirements on Parties and their Party Agents to retain Settlement Data for:

(1) 28 months after the Settlement Day to which it relates on-line;

(2) Until the date 40 months after the Settlement Day to which it relates in an archive; and

(3) At the request of the Panel, for more than 40 months if needed for an Extra Settlement Determination.

The response should address the following:

(a) Controls to ensure that any archived data can be retrieved within 10 Business Days.

(b) Systems and procedures to ensure that all data that is retained is in a form in which the data can be used in carrying out a Settlement Run or Volume Allocation Run.

18.1.10 Where you intend to act as a Lead Party, how do you ensure that data is sent or received and processed completely, accurately and in a timely manner, inline with the requirements of the MSID Pair submission process set out in BSCP602?

Only applicable to applicants intending to participate in Trans European Replacement Reserve Exchange (TERRE) and Wider Access.

BSCP602 sets out the requirements on Suppliers acting as a Lead Party.

The response should describe the processes you have in place for dealing with Settlement related data and should address the following:

  1. Submission of MSID Pair data. In your response, please refer to P0278 (MSID Pair Allocation data). Please also include details of the procedures you will perform to validate MSID Pair data prior to sending the data.

  2. Receipt and processing of P0280 (Rejection of MSID Pair Allocation data) and P0279 (Confirmation of MSID Pair Allocation data).

  3. Receipt and processing of MSID submissions exceptions.

(4) How all data flows are identified, reviewed and authorised prior to processing

(5) The validation of data for formats and lengths (e.g. the MSID is valid and other data items (where applicable) have been checked to be accurate).

(6) The validation of data for its internal consistency, for completeness and accuracy.

(7) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

(8) Where data is to be sent or received to SVAA how you:

  • manage the approval or agreement of receipt/sending of data in another agreed format;

  • record and retain the agreement of the method as well as the actual data received or sent; and

  • ensure that timescales surrounding this data are adhered to.

(9) For each validation process described in your response to 18.1.11 please also provide details of procedures performed when data validation fails.

18.1.11 Where you intend to act as a Lead Party, what procedures are in place for identifying, monitoring and resolving unprocessed data or notification of exceptions arising in processing and other errors in order to ensure that performance requirements are met, as set out in BSCP602?

Only applicable to applicants intending to participate in TERRE and Wider Access.

The response should address the following:

  1. The internal reporting mechanisms in place to identify rejections, errors, outstanding or missing data and backlogs in data processing on a daily basis.

  2. The ongoing analysis performed to identify all points of rejection/failure in data flow processing.

(3) Management processes in place to monitor performance against the standards as set out in the BSC and BSCPs.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing data/notification from being processed.

(5) Controls and procedures in place to ensure appropriate processing of erroneous reallocations. The response should describe the processes in place for dealing with a Disputed MSID Pair and should address the points below. Please outline the different procedures that would be followed as the Losing Lead Party and as the Gaining Lead Party.

    • Receipt and processing of a Loss of MSID Pair Allocation notification as the Losing Lead Party. In your response, please refer to P0281 (Rejection of MSID Pair Allocation data).

    • Procedures for initiating/responding to the Disputed MSID Pair Allocation. In your response, please refer to P0286 (Disputed MSID Pair Allocation data) and P0278 (MSID Pair Allocation data).

(6) A mechanism to capture any root causes of exceptions and problems should be established.

18.1.12 Where you intend to act as a Lead Party, what controls and procedures are in place to ensure the accurate, complete and timely sending, receiving and processing of data for key Settlement related events relating to Baselined BM Units, as set out in BSCP602?

Only applicable to applicants intending to participate in TERRE and Wider Access. Does not apply to applicants who know they will not be registering any Baselined BM Units

The response should make reference to the following key events:

(1) Procedures performed to determine Submitted Expected Volumes with an accuracy commensurate with Good Industry Practice.

(2) Sending of Submitted Expected Volumes. In your response, please refer to P0328 (BM Unit Submitted Expected Volume Notification).

(3) Receipt and processing of P0329 (BM Unit Submitted Expected Volume Rejection) and P0330 (BM Unit Submitted Expected Volume Acceptance).

(4) Receipt and processing of Submitted Expected Volume Warnings. In your response, please refer to P0331 (BM Unit Submitted Expected Volume Warning).

18.2 Exception Management

Question

Guidance

Response

Evidence

18.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification of exceptions arising in processing and other errors in order to ensure that performance requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data could occur, which, if not addressed, could result in the timescale requirements being exceeded. This could consequentially have an adverse impact on the quality of data used by other Parties or agents in the Settlement process.

The response should address the following areas:

(1) The internal reporting mechanisms in place to identify rejections, errors, outstanding or missing data and backlogs in data processing on a daily basis.

(2) The ongoing analysis performed to identify:

(a) all points of rejection/failure in data flow processing.

(b) all areas where backlogs may occur in processing.

(3) Management processes in place to monitor performance against the standards as set out in the BSC and BSCPs.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions and problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 18.1.2 above:

  • Rejection of changes to registration details received on a D0203 flow

  • Rejection of appointments received on a D0153 or D0155 data flow following agents receipt of a D0153 or D0155 flow.

Specific attention should also be given to the handling and monitoring of the following exception types:

  • Erroneous large values of EACs and AAs

18.2.2 How do you ensure that all P35, D0023 and D0235 data flows received by your Data Collectors are identified, investigated and resolved?

Section S2.4.4 of the Code states that a Supplier shall ensure that any material anomaly reported to it by a Data Aggregator in relation to data received from Data Collectors, for which the Supplier is responsible, is recorded and investigated. A record should be kept of any actions taken to prevent a recurrence of the anomaly during the next Volume Allocation Run for that Settlement Day.

The response should address the following areas:

(1) Controls for the effective and timely communication of any backlogs of unprocessed rejection flows.

(2) Agreed procedures for receiving notification where the NHHDC or HHDC considers the fault to lie with other parties’ systems/processes.

(3) Agreed timescales within which actions should be taken to resolve the exceptions.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing. This should include escalation of resolving such exceptions to you as the Supplier in the event that your agents are not managing the exceptions in a timely manner (e.g. to avoid crystallisation of the error).

(5) A mechanism to capture any root causes of exceptions and problems should be established in order for preventative controls to be established or enhanced.

18.2.3 What procedures do you have in place with respect to fault resolution, relating to both detection and ensuring that responses are received from other parties

A fault may be detected by a SVA MOA, in this case the SVA MOA contacts the DC and requests a decision on the action to be taken (D0002) or the SVA MOA may initially be informed about the potential fault by the LDSO, again the SVA MOA will contact the DC and request a decision as to what action should be taken (D0002).

Alternatively the DC or Supplier may request that the SVA MOA investigates a potential fault (D0001).

The response should address the following areas:

(1) Controls should be in place in order to monitor the progress of each fault from original notification to resolution.

(2) Controls for the effective and timely communication of any backlogs of unprocessed requests.

18.2.4 What procedures do you have for identifying and resolving data discrepancies between your NHHDC Agency Service and the SMRA (reported via the D0095 data flow)?

Section S2.4.4 of the Code states that a Supplier shall ensure that any material anomaly reported to it by a Data Aggregator in relation to data received from Data Collectors, for which the Supplier is responsible, is recorded and investigated. A record should be kept of any actions taken to prevent a recurrence of the anomaly during the next Volume Allocation Run for that Settlement Day.

The NHHDA system performs a comparison between the data it receives from both the SMRA and the NHHDC Agent and reports these to the Supplier for resolution.

The response should address the following areas:

(1) Controls to identify when these rejection flows are received including reports received on a D0095 data flow from relevant parties.

(2) The action required to follow up the error should be detailed, including notifying other parties where the Supplier considers the fault to lie with other parties’ systems/processes.

(3) Procedures to identify whether a file resend or new D0019 is the appropriate response.

(4) The timescales within which actions should be taken to resolve the D0095 exception.

(5) Management monitoring processes to ensure all D0095 data flows received are being progressed and resolved in a timely manner.

(6) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

18.2.5 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Meter reads) used by your Supplier Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Supplier service).

(2) Review of data quality statistics by senior management.

18.3 Additional information

Question

Guidance

Response

18.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 19 – VIRTUAL LEAD PARTY

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Virtual Lead Party (VLP) service to ensure the operational requirements of the BSC and BSCPs are met. This section focuses on the specific controls required to operate effectively as a VLP.

Guidance for completing this section

The VLP is responsible for managing the performance and monitoring the completion of business processes that it has initiated.

This section has been split as follows:

19.1 Business Processes and Mitigating Controls Section

19.2 Additional Information

The final question, in this and every section, is not mandatory and is provided so that Applicants can provide any additional information that they consider to be relevant to their application.

]19.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

19.1.1 How do you ensure that data is sent or received and processed completely, accurately and in a timely manner, in line with the requirements of the MSID Pair submission process set out in BSCP602?

The response should describe the processes you have in place for dealing with Settlement related data and should address the following:

(1) Submission of MSID Pair data. In your response, please refer to P0278 (MSID Pair Allocation data). Please also include details of the procedures you will perform to validate MSID Pair data prior to sending the data.

(2) Receipt and processing of P0280 (Rejection of MSID Pair Allocation data) and P0279 (Confirmation of MSID Pair Allocation data).

(3) Receipt and processing of MSID submissions exceptions.

(4) How all data flows are identified, reviewed and authorised prior to processing

(5) The validation of data for formats and lengths (e.g. the MSID is valid and other data items (where applicable) have been checked to be accurate)

(6) The validation of data for its internal consistency, for completeness and accuracy

(7) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

(8) Where data is to be sent or received to SVAA how you:

  • manage the approval or agreement of receipt/sending of data in another agreed format;

  • record and retain the agreement of the method as well as the actual data received or sent; and

  • ensure that timescales surrounding this data are adhered to

(9) For each validation process described in your response to 19.1.1 please also provide details of procedures performed when data validation fails.

19.1.2 What controls and procedures are in place to ensure the accurate, complete and timely sending, receiving and processing of data for key Settlement related events, as set out in BSCP602?

The response should make reference to the following key events. Items 6 to 9 are not required if you know that you will not be registering any Baselined BM Units:

(1) Procedures performed to obtain, process and validate Delivered Volumes.

(2) Sending of Delivered Volume (initially and retrospectively). In your response, please refer to P0282 (MSID Pair Delivered Volume Notification data).

(3) Receipt and processing of P0283 (Rejection of MSID Pair Delivered Volume data) and P0284 (Confirmation of MSID Pair Delivered Volume data).

(4) Receipt and processing of Delivered Volume exceptions. In your response, please refer to P0285 (MSID Pair Delivered Volume Exception Report data).

(5) Receipt and processing of request for submission of missing data sets.

(6) Procedures performed to determine Submitted Expected Volumes with an accuracy commensurate with Good Industry Practice.

(7) Sending of Submitted Expected Volumes. In your response, please refer to P0328 (BM Unit Submitted Expected Volume Notification).

(8) Receipt and processing of P0329 (BM Unit Submitted Expected Volume Rejection) and P0330 (BM Unit Submitted Expected Volume Acceptance).

(9) Receipt and processing of Submitted Expected Volume Warnings. In your response, please refer to P0331 (BM Unit Submitted Expected Volume Warning).

19.1.3 What procedures are in place for identifying, monitoring and resolving unprocessed data or notification of exceptions arising in processing and other errors in order to ensure that performance requirements are met, as set out in BSCP602?

The response should address the following:

(1) The internal reporting mechanisms in place to identify rejections, errors, outstanding or missing data and backlogs in data processing on a daily basis.

(2) The ongoing analysis performed to identify all points of rejection/failure in data flow processing.

(3) Management processes in place to monitor performance against the standards as set out in the BSC and BSCPs.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing data/notification from being processed.

(5) Controls and procedures in place to ensure appropriate processing of erroneous reallocations. The response should describe the processes in place for dealing with a Disputed MSID Pair and should address the points below. Please outline the different procedures that would be followed as the Losing Lead Party and as the Gaining Lead Party.

    1. Receipt and processing of a Loss of MSID Pair Allocation notification as the Losing Lead Party. In your response, please refer to P0281 (Rejection of MSID Pair Allocation data).

    2. Procedures for initiating/responding to the Disputed MSID Pair Allocation. In your response, please refer to P0286 (Disputed MSID Pair Allocation data) and P0278 (MSID Pair Allocation data).

(6) A mechanism to capture any root causes of exceptions and problems should be established.

19.1.4 What procedures are in place for data retention and audit trail?

The response should include the following:

(1) Details of how you have ensured that you can meet the data retention requirements set out in BSC Section U1.6 and PSL100.

(2) Details of how you have ensured that appropriate audit trails are in place.

19.2 Additional information

Question

Guidance

Response

19.2.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 19A – ASSET METERING VIRTUAL LEAD PARTY

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Asset Metering Virtual Lead Party (AMVLP) service to ensure the operational requirements of the BSC and BSCPs are met. This section focuses on the specific controls required to operate effectively as an AMVLP intending to use Asset Metering and also ensures that the data used to initially populate the systems supporting your service is of reasonable quality. The section focuses on AMSID-related data only and is mandatory for VLPs that want to use Asset Metering.

Guidance for completing this section

The AMVLP is responsible for appointing AMVLP agents and registering these details with the SVAA. The AMVLP is also responsible for managing the performance of its appointed agents and for monitoring the completion of business processes that it has initiated. This section is split as follows:

Business Processes and Mitigating Controls: This set of questions looks at the controls over the provision of data to your agents, the subsequent processing of information received and the transmission of this updated data to your agents. It also considers the maintenance of standing data (which, if incorrect, may impact upon Settlement) and any changes made to it.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your AMVLP service is live and in operation. The quality of the data used to initially populate your service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter you’re AMVLP service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email, letter).

The final question, in this and every section, is not mandatory and is provided so that Applicants can provide any additional information that they consider to be relevant to their application.

]19A.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

19A.1.1 How do you ensure that data flows are sent or received and processed completely, accurately and in a timely manner, in line with the requirements of the BSCPs?

The response should describe the processes you have in place for dealing with Settlement related data flows and should address the following:

(1) Submission of MSID Pair data. In your response, please refer to P0278 (MSID Pair Allocation data). Please also include details of the procedures you will perform to validate MSID Pair data prior to sending the data.

(2) Receipt and processing of P0280 (Rejection of MSID Pair Allocation data) and P0279 (Confirmation of MSID Pair Allocation data).

(3) Receipt and processing of MSID submissions exceptions.

(4) Submission of AMSID Pair data. In your response, please refer to P0306 (AMSID Pair Allocation data). Please also include details of the procedures you will perform to validate AMSID Pair data prior to sending the data.

(5) Receipt and processing of P0308 (Rejection of AMSID Pair Allocation data) and P0307 (Confirmation of AMSID Pair Allocation data).

(6) Receipt and processing of AMSID submissions exceptions.

(7) How all data flows are identified, reviewed and authorised prior to processing.

(8) The validation of data for formats and lengths (e.g. the AMSID is valid and other data items (where applicable) have been checked to be accurate).

(9) The validation of data for its internal consistency, for completeness and accuracy

(10) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

(11) Where data is to be sent to or received from SVAA how you:

  • manage the approval or agreement of receipt/sending of data in another agreed format;

  • record and retain the agreement of the method as well as the actual data received or sent; and

  • ensure that timescales surrounding this data are adhered to

(12) Where data is to be sent to or received from parties by agreed methods other than via the DTN how you:

  • manage the approval or agreement of receipt/sending of data in another agreed format;

  • record and retain the agreement of the method as well as the actual data received or sent; and

  • ensure that timescales surrounding this data are adhered to.

(13) For each validation process described in your response to 19A.1.1 please also provide details of procedures performed when data validation fails.

19A.1.2What controls and procedures are in place to ensure the accurate, complete and timely sending, receiving and processing of data flows for key Settlement related events?

The response should make reference to the following key events. Items 18 to 21 are not required if you know that you will not be registering any Baselined BM Units:

(1) Procedures performed to obtain, process and validate Delivered Volumes.

(2) Sending of Delivered Volume (initially and retrospectively). In your response, please refer to P0282 (Delivered Volume Notification data).

(3) Receipt and processing of P0283 (Rejection of Delivered Volume data) and P0284 v001 (Confirmation of Delivered Volume data).

(4) Receipt and processing of Delivered Volume exceptions. In your response, please refer to P0285 (Delivered Volume Exception Report data).

(5) Receipt and processing of request for submission of missing data sets.

(6) Sending of appointment and termination notifications on a D0151 and D0155 data flow; and where an AMHHDC has been appointed a P0314 data flow; and processing of rejection data flows.

(7) Sending of notification of changes to other parties on a D0148 data flow and notification of customer details on a D0302 data flow.

(8) Sending of registration details to the SVAA to register a specific Asset Metering System and processing of rejections received as per BSCP602 2.4.

(9) Receipt of and processing of data flows from the SVAA.

(10) Requests for changes to energisation status on a D0134 data flow, and subsequent processing of D0139 data flows, (confirmation or rejection of energisation status change) and monitoring of outstanding D0139 data flows.

(11) Sending, receipt and processing of change in Meter Information to and from the SVAA on P0303, P0304 and P0305 data flows; and sending P0303 to AMHHDC and HHDC.

(12) Processing of Meter Technical Details from Meter Operator Agents on D0268 data flow following installation of meters

(13) Requests for Installation or change to an Asset Metering System Functionality or the Removal of all Asset Meters on D0142 data flows.

(14) Updates to registration details and processing of rejection flows as per BSCP602 2.4.

(15) Mechanisms for the identification and follow up of missing data.

(16) Where applicable, the sending of P0315, P0319, D0383 and D0384 data flows, and the receipt and processing of the flow from the HHMOA or AMMOA (e.g. a D0170).

(17) Controls in place to ensure completeness and accuracy of consumption into Settlement.

(18) Procedures performed to determine Submitted Expected Volumes with an accuracy commensurate with Good Industry Practice.

(19) Sending of Submitted Expected Volumes. In your response, please refer to P0328 (BM Unit Submitted Expected Volume Notification).

(20) Receipt and processing of P0329 (BM Unit Submitted Expected Volume Rejection) and P0330 (BM Unit Submitted Expected Volume Acceptance).

(21) Receipt and processing of Submitted Expected Volume Warnings. In your response, please refer to P0331 (BM Unit Submitted Expected Volume Warning).

The response to this question may cross refer to the response given in 19.1.1 but should include details of processes and controls in place specific to the above events.

Further questions on data flows relating to key processes are included in questions 19A.1.1 and 19A.1.3 and further questions relating to exceptions handling are included in question 19A.2.1.

19A.1.3 What procedures are in place for identifying, monitoring and resolving unprocessed data or notification of exceptions arising in processing and other errors in order to ensure that performance requirements are met, as set out in BSCP602?

The response should address the following:

(1) The internal reporting mechanisms in place to identify rejections, errors, outstanding or missing data and backlogs in data processing on a daily basis.

(2) The ongoing analysis performed to identify all points of rejection/failure in data flow processing.

(3) Management processes in place to monitor performance against the standards as set out in the BSC and BSCPs.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing data/notification from being processed.

(5) Controls and procedures in place to ensure appropriate processing of erroneous reallocations. The response should describe the processes in place for dealing with a Disputed MSID or Pair a Disputed AMSID Pair and should address the points below. Please outline the different procedures that would be followed as the Losing Lead Party and as the Gaining Lead Party.

  1. Receipt and processing of a Loss of MSID Pair Allocation notification as the Losing Lead Party. In your response, please refer to P0281 (Rejection of MSID Pair Allocation data).

  2. Receipt and processing of a Loss of AMSID Pair Allocation notification as the Losing Lead Party. In your response, please refer to P0308 (Rejection of AMSID Pair Allocation data).

  3. Procedures for initiating/responding to the Disputed MSID Pair Allocation. In your response, please refer to P0286 (Disputed MSID Pair Allocation data) and P0278 (MSID Pair Allocation data).

  4. Procedures for initiating/responding to the AMSID Pair Allocation. In your response, please refer to P0312 (Disputed AMSID Pair Allocation data) and P0306 (AMSID Pair Allocation data).

(6) A mechanism to capture any root causes of exceptions and problems should be established.

19A.1.4 What controls do you have in place to ensure that the requirements of the BSCPs are met when a Change of AMVLP and/or Change of Agent (CoA) event takes place?

The response to this question may cross refer to the response given in 19A.1.1. The response should address the following:

(1) Sending of appointment and termination notifications on a D0151 and D01551 data flows, and processing of rejection (D0261) and acceptance (D0011) data flows.

(2) The sending of Request for Metering System Related Details on D0170 data flows.

(3) The sending and processing of Metering Technical Details and Metering Reading History on CoA by the old and new agents.

(4) The mechanisms in place to monitor the timescales in which the above data flows into and out of your Supplier service and is processed.

19A.1.5 How do you ensure that your agents are meeting their obligations under the BSC?

Where obligations are to be fulfilled by an agent (including commissioning of Asset Metering Equipment) the AMVLP should have controls in place to ensure that those obligations are met.

The response should demonstrate examples of the controls/procedures in place for the ongoing management of your agents, such as:

(1) Controls to ensure that your agents are Qualified and that their qualified status is maintained on an ongoing basis.

(2) Controls to ensure that your agents are compliant with their BSC obligations and a mechanism for assurance that your agents implement BSC Modifications or Changes appropriately.

(3) Regular meetings and reporting of key performance indicators, for example:

(i) to ensure the submission of aggregation data such as consumption figures is in line with Settlement timetable.

(4) Adequate contractual arrangements that include clear lines of responsibility and escalation.

(5) Clear roles and responsibilities for each party and documented working practice agreed.

(6) Controls are in place to ensure that Asset Metering Equipment is properly commissioned in a timely manner. This includes ensuring any issues are identified during the commissioning of the Asset Metering Equipment, notifying and consulting with the Equipment Owner.

19A.1.6 How will you ensure that the SVA MOA you appoint to an Asset Metering System is Meter Operation Code of Practice Agreement (MOCOPA®) accredited?

(This requirement is not relevant to the appointment of an AMMOA)

The MOCOPA® is an agreement between electricity distribution businesses and electricity Meter operators in Great Britain which defines safety, technical and business interface requirements regarding the provision of Meter operation services.

The response should demonstrate details of the controls / procedures in place for the ongoing management of your Party Agents, such as:

(1) Controls to ensure that the SVA MOA you appoint to an Asset Metering System (or any third party agent used by that SVA MOA to perform certain functions that require that third party agent to be MOCOPA® accredited) is Meter MOCOPA® accredited.

(2) How will you monitor that the MOCOPA® accreditation status of the SVA MOA you appoint to an Asset Metering System (or any third party agent used by that SVA MOA to perform certain functions that require that third party agent to be MOCOPA® accredited) is maintained on an ongoing basis?

19A.1.7 What procedures are in place for data retention and audit trail?

The response should include the following:

(1) Details of how you have ensured that you can meet the data retention requirements set out in BSC Section U1.6 and BSCP603 Appendix 3.12.1.1, 3.12.2.2 and 3.12.2.3.

(2) Details of how you have ensured that appropriate audit trails are in place.

19A.2 Exception Management

Question

Guidance

Response

Evidence

19A.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification of exceptions arising in processing and other errors in order to ensure that performance requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data could occur, which, if not addressed, could result in the timescale requirements being exceeded. This could consequentially have an adverse impact on the quality of data used by other Parties or agents in the Settlement process.

The response should address the following areas:

(1) The internal reporting mechanisms in place to identify rejections, errors, outstanding or missing data and backlogs in data processing on a daily basis.

(2) The ongoing analysis performed to identify:

(a) all points of rejection/failure in data flow processing.

(b) all areas where backlogs may occur in processing e.g. where there are dependent flows such as D0268 data flows or where manual review is required to validate data.

(3) Management processes in place to monitor performance against the standards as set out in the BSC and BSCPs.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing.

(5) A mechanism to capture any root causes of exceptions and problems should be established in order for preventative controls to be established or enhanced.

As a minimum please ensure that the response to the above addresses actions surrounding the follow up of those data flows specified in question 19A.1.2; and:

  • Rejection of registration details received as per BSCP602 2.4

  • Rejection of changes to registration details received as per BSCP602 2.4

  • Rejection of appointments received on a D0155 data flow, following agent receipt of a D0155 flows.

19A.2.2 How do you ensure that all data flows received by your Data Collectors are identified, investigated and resolved?

AMVLP shall ensure that any material anomaly reported to it by SVAA in relation to data received from Data Collectors, for which the AMVLP is responsible, is recorded and investigated. A record should be kept of any actions taken to prevent a recurrence of the anomaly during the next Volume Allocation Run for that Settlement Day.

The response should address the following areas:

(1) Controls for the effective and timely communication of any backlogs of unprocessed rejection flows.

(2) Agreed procedures for receiving notification where the HHDC or AMHHDC considers the fault to lie with other parties’ systems/processes.

(3) Agreed timescales within which actions should be taken to resolve the exceptions.

(4) Procedures setting out the action to be taken to resolve different exception types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing. This should include escalation of resolving such exceptions to you as the AMVLP in the event that your agents are not managing the exceptions in a timely manner (e.g. to avoid crystallisation of the error).

(5) A mechanism to capture any root causes of exceptions and problems should be established in order for preventative controls to be established or enhanced.

19A.2.3 What procedures do you have in place with respect to fault resolution, relating to both detection and ensuring that responses are received from other parties

A fault may be detected by a MOA, in this case the MOA contacts the DC and requests a decision on the action to be taken (D0002).

Alternatively the DC or AMVLP may request that the MOA investigates a potential fault (D0001).

Alternatively a fault may be detected by any participant (i.e. not the AMHHDC, HHDC, and AMVLP), in this case the participant contacts the AMVLP to notify them of the fault (P0316 data flow).

The response should address the following areas:

(1) Controls should be in place in order to monitor the progress of each fault from original notification to resolution.

(2) Controls for the effective and timely communication of any backlogs of unprocessed requests.

19A.2.4 What procedures do you have in place to proactively monitor and improve the standards of quality of the data (both standing data and Asset Meter reads) used by your AMVLP Service?

The response should address the following areas:

(1) Processes in place to measure and report upon data quality, (including what data quality is measured against and how you would identify an improvement or decline in the quality of data used by your Supplier service).

(2) Review of data quality statistics by senior management.

19A.3 Additional information

Question

Guidance

Response

19A.3.1 What additional detail would you like to add to your response?

The Applicant can use the space provided to add any additional clarification and/or evidence that they consider necessary.

This question is optional.

SECTION 20 – LDSO

Objectives of this section

The objective of this section is to consider the controls that have been built into the systems and processes supporting your Licensed Distribution System Operator (LDSO) service to ensure the operational requirements of the BSC and BSCPs are met. Whilst Sections 1 to 7 of the SAD are generic sections, this section focuses on the specific controls required to operate effectively as an LDSO.

Guidance for completing this section

The LDSO is responsible for distributing electricity from the Transmission Network. LDSOs are also responsible for the provision of accurate information and the commissioning of measurement transformers in line with the requirements set out in BSCP515 and COP4. An LDSO will also be required to provide an UMSO and SMRA service, whether that be completed by the LDSO itself or via a third party. Sections 12 and 17 of the SAD would need to be completed in order to Qualify as an UMSO and SMRA.

Business Processes and Mitigating Controls: This set of questions looks at the controls over the provision of data to other participants, the subsequent processing of information received and the transmission of this updated data to relevant participants.

Exception Management: The section looks at the specific controls you have in place to report on, monitor and resolve exceptions during the processing of your data.

A number of questions in the SAD relate to ‘data quality’. This section of the SAD is concerned with the on-going quality of your data when your LDSO service is live and in operation. The quality of the data used to initially populate your service is considered in Section 7 of the SAD. A number of the questions in the service specific sections of the SAD relate to how you will ensure the accuracy of incoming and outgoing data and in the event that poor quality data does enter your LDSO service, how you identify and resolve this to minimise the impact upon other Parties and Party Agents.

Both system and manual controls should be considered when answering the SAD questions as your service will rely on both system and manual processes to effectively fulfil its obligations. Responses should consider the procedures in place for dealing with electronic flows received via the DTN and also manual data flows received via any other means (e.g. email)

20.1 Business processes and mitigating controls

Question

Guidance

Response

Evidence

20.1.1 What controls do you have in place to make sure that the Commissioning of Measurement Transformers is in accordance with BSCP515?

The response should address the following key events:

(1) Receipt and processing of requests.

(2) The recording and processing of information such as commissioning records, D0383 flows and calibration certificates.

(3) How you ensure that all requests received or sent are actioned E.g D0170 request for D0215s or requests for Commissioning records and calibration certificates.

The response should address the following

(a) All flows are identified, reviewed and authorised prior to processing e.g D0383

(b) The validation of data for its internal consistency, for completeness and accuracy. E.g Commission records or dataflows in BSCP515.

(c) The process which calibrates measurement transformers and maintains records of such tests.

(d) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner and in line with BSCP515 and Code of Practice 4 (COP4). This may be through controls within the update routines or through manual controls.

20.1.2 How will you ensure that you have the resource available to meet your obligations under BSCP27?

The response should include how you will ensure that you can accommodate TAA Inspection Visits and Desktop Audits

20.1.3 How do you ensure that the Energisation Status of a Metering System (SVA Only) are sent or received and processed completely, accurately and in a timely manner, in line with the requirements of the BSCP515?

The response should address the following key events:

(1) Receipt and processing of requests.

(2) How you ensure that all requests received or sent are actioned e.g. a D0134 request to Energise,

The response should address the following

(a) All flows are identified, reviewed and authorised prior to processing. E.g. D0139 Confirmation or Rejection of Energisation Status

(b) The validation of data for its internal consistency, for completeness and accuracy. E.g. How do you ensure that the correct Parties have been informed of a change in Energisation status when the responsibility falls to the LDSO.

(i) Where an agreed method other than the standard EMDS flow is to be used the response should address:

  • How you manage the approval / agreement of receipt / sending of data in another agreed format,

  • What records are retained of the agreement of the method as well as the actual data received / sent; and

  • How you ensure that timescales surrounding this data are adhered to.

(c) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

20.1.4 How do you ensure that you are calculating and submitting LLFs in line with BSCP128?

The response should address the following key events:

  1. The Calculation Self-Assessment Document (CSAD)

  2. The Methodology of Self-Assessment Document (MSAD)

  3. Request Template

  4. How you rectify any charging adjustments when mirroring LDSOs LLFs

  5. Any other processes you undergo to meet the obligations of BSCP128

20.1.5 How have you ensured that appropriate audit trails are in place to support the rationale for decisions made in the event of queries/disputes being raised?

The response should address how you ensure that there is enough information available for an independent person to identify the source and nature of changes (archived information should be stored so that it can be accessed for enquiry). This should include a rationale for decisions that were made. The response should also address how you deal with ad hoc requests made by your agents and other parties and what record of such requests is maintained.

20.1.6 How do you ensure that Mapping Data for HH Aggregated Metering Systems is produced and sent in line with the BSCP507?

Your response should include:

  1. Producing and validating the information for its accuracy.

  2. Timescales for sending the Standing Data Changes and the controls in place to ensure that it is sent.

20.1.7 How do you ensure that the replacement of Metering Systems due to safety reasons/Urgent Metering Services, are processed and completed in a timely manner and in line with the obligations of BSCP515 and the Retail Energy Code Metering Operations Schedule?

Your response should consider the following:

  1. Receipt and processing of requests.

  2. The recording and processing of accurate meter readings.

  3. The sending of final and initial meter readings including Notification of Mapping Details, Meter Technical Details and Meter Readings.

  4. The validation of data for its internal consistency, for completeness and accuracy.

(i) Where an agreed method other than the standard EMDS flow is to be used the response should address:

  • How you manage the approval / agreement of receipt / sending of data in another agreed format,

  • What records are retained of the agreement of the method as well as the actual data received / sent; and

  • How you ensure that timescales surrounding this data are adhered to.

20.1.8 How will you ensure that the Import Supplier for a Third Party Generating Plant is informed within the appropriate timescales and that any works required have been carried out correctly and in line with BSCP515?

Your response should consider the following:

  1. The timescales in which the Import Supplier should be informed e.g D0001.

  2. The methodology used to determine if works are required before Small Scale Third Party Generating Plant can be installed.

20.1.9 How do you ensure that Third Party Generating Plants are registered in only SMRS or CMRS at both first registration and /or transfer of registration?

Your response should consider the following:

  1. The checks completed to ensure that a site is not registered in both CMRS and SMRS on first registration.

  2. The checks completed to ensure that a site is not registered in both CMRS and SMRS following a transfer e.g BSCP68

  3. How you deal with discrepancies if/when they arise.

  4. How you ensure that timescales surrounding the registration are adhered to.

20.1.10 How do you ensure that Change of Measurement Class (SVA Only) are sent or received and processed completely, accurately and in a timely manner, in line with the requirements of the BSCP515?

The response should address the following key events:

(1) Receipt and processing of requests.

(2) How you ensure that all requests received or sent are actioned e.g. a D0170 Request for Metering System Related Details.

The response should address the following:

(a) All flows are identified, reviewed and authorised prior to processing. E.g. D0382 Rejection response.

(b) The validation of data for its internal consistency, for completeness and accuracy. E.g. How do you ensure that the correct Parties have been informed when the responsibility falls to the LDSO.

(i) Where an agreed method other than the standard EMDS flow is to be used the response should address:

  • How you manage the approval / agreement of receipt / sending of data in another agreed format,

  • What records are retained of the agreement of the method as well as the actual data received / sent; and

  • How you ensure that timescales surrounding this data are adhered to.

  1. (c) Controls in place to ensure that all data required or expected is received and that all data to be sent is sent in a timely manner. This may be through controls within the update routines or through manual controls.

20.1.11 What controls and procedures do you have in place to ensure that the requirements of BSCP520 are met for Unmetered Supplies?

The response should make reference to the following key events:

  1. Establishment or amendment of UMS Inventory, including the following:

              • Submission of MSID data to SMRA.

              • Ensuring all new UMS connections are either included in an existing inventory or a new inventory has been agreed with UMSO.

  2. Requests for change of energisation status of unmetered supplies.

  3. Requests for physical connection or disconnection of unmetered supplies.

Notifying UMSO of any changes to SMRA registration data.

20.2 Exception Management

Question

Guidance

Response

Evidence

20.2.1 What procedures are in place for identifying, monitoring and resolving unprocessed data flows or notification of exceptions arising in processing and other errors in order to ensure that the BSC requirements are met?

Within the requirements of the Service there are a number of points at which delays in processing data or non-receipt of data could occur, which, if not addressed, could result in data not being processed in a reasonable timescale. This could adversely impact on the quality of data used by other Parties or agents in the Settlement process.

The response should address the following areas:

(1) The internal reporting mechanisms in place to identify rejections, errors and backlogs in data processing

(2) The ongoing analysis performed to identify all points of rejection/failure in data flow processing.

(3) Procedures setting out the action to be taken to resolve different exception/problem types and provide guidance as to how to resolve underlying problems, which may be preventing a data flow/notification from processing

(4) A mechanism to capture any root causes of exceptions/problems should be established in order for preventative controls to be established or enhanced.

(5) Procedures in place to notify the Supplier of any incorrect or missing data

The response should include particular reference to processes for resolving discrepancies with Energisation of a metering system/ commissioning of measurement transformers/ provision of accurate information (D0215) and rejection by SVA MOAs via a D0139 data flow.

SECTION 21 – APPENDICES

21.1 APPENDIX 1 - TESTING REQUIREMENTS

1. Overview to Testing

System testing is not limited to the functionality and ability of the system software and hardware, but also extends to the supporting business and operational processes. System testing should also include existing systems within your organisation (e.g. customer information systems) that will operate with the systems developed. This may merely cover interfaces, if that is the only relationship between systems, but should not be restricted to this if more complex relationships exist, e.g. the same database table(s) are used by more than one system.

The Applicant will also be expected to test its systems within the environmental constraints defined in the BSC and Code Subsidiary Documents. These will include tests for performance, volume transaction handling, stress, recovery, security and data conversion. Tested components should also include those system components built to support the development and implementation process but which may not be delivered as part of the final operational system, for example data conversion programs or test harnesses.

Test plans should be designed and executed to demonstrate the Applicant’s systems and processes can operate in the live environment and interface and communicate with other participants. The Applicant will need to demonstrate that its systems and processes are sufficiently robust not to adversely affect Settlement and that the service complies fully with the SVA Trading Arrangements.

Where individual parts of the system fail their test requirements it is important that the link between those systems and the rest of the system are re-tested through regression testing. If you are applying for re-Qualification and have modified your system you should re-test the links between the elements of the system that have been modified and the rest of the system. This regression testing should also include integration testing with other systems. For defects that require a workaround, evidence should be provided detailing any temporary mitigating action and the planned final resolution of the defect.

If you are applying for re-Qualification and you intend to utilise a different method of communication to that approved on previous applications then interface testing must be undertaken for those interfaces using the proposed method of communication to demonstrate that end to end testing has been performed and has been tested in both directions. (The purpose of interface testing is to prove the routing and format of communications).

Testing evidence should demonstrate that any files that are in a holding area are in the process of being sent and that flows are validated, sent and received and an audit trail is maintained detailing the file transfer status; that the sending participant can create a valid header record with values to identify the correct recipient for the data flow being sent; populate the data flow with a range of valid values in the correct format; identify the data flow as test data; and send the data flow to the receiving participant using correct interface method. The receiving participant must receive the data flow; interpret the header record of each/all files received routing them to their intended destination; and confirm the validity of the data.

New Data Aggregators and Data Collectors will be required to perform arithmetic tests at the start and end of their testing of business processes.

When testing business processes the Applicant should demonstrate that it is able to perform all applicable business processes in multiple GSP Groups.

2. Capacity Planning and Testing

Background:

Your service needs to be available when required to process data and to ensure that your service meets the processing schedules. Failure to process data on time will have a subsequent impact on other Parties and Party Agents to whom you supply data. Similarly, your processing schedules will be dependent on you receiving information on time from other Parties and Party Agents who pass data to you. This high level of inter-dependence requires that all participants in the electricity market have sufficient capacity to process the volumes of data they propose to deal with initially, and can demonstrate that they are able to manage changes, particularly increases, in volume effectively. Failure to manage capacity adequately and in a timely manner may impact on the overall performance of your service, in addition to having a potential impact on Settlement and on those other Parties and Party Agents with whom you interact.

Applicants wishing to become Qualified Persons must be able to demonstrate that they are able to meet the current processing volumes and timetables and, either have the capability now (at initial start up) to meet their intended scale of operation (anticipated number of MSIDs for which you will be responsible) or have realistic plans (and documented supporting evidence) to achieve their intended maximum scale of operation at a future date, as required as your business grows.

In the context of Qualification or re-Qualification, the terms “capacity planning” and “capacity testing” are all encompassing. The terms not only refer to whether there is enough disk space on the system, but incorporate other aspects linked to capacity planning and performance such as IT infrastructure, IT systems, staff at all levels/functions, office space and other resources.

Note: For the purposes of measuring data volumes, MSID data records will be used (and for Central Volume Allocation Meter Operator Agents reference should also be made to the number of Metering Sub System Ids).

Throughout this section and the SAD the term ‘scale of operation’ refers to the Applicant’s intended scale of operations, that is, how many MSIDs (or MSIDs in the case of CVA MOAs) that the Applicant intends to be responsible for both at initial start up following Qualification but also as the business grows.

The following information provides a cross reference between the capacity planning and testing questions covered in the SAD, in addition to providing further guidance as to what information should be covered in each response. In summary:

  • Details of your intended scale of operation at initial start up and in the future are covered in Section 1 Introduction, question 1.1.10.

  • Capacity testing is covered in Section 3 Testing, question 3.1.4.

  • Capacity planning and ongoing monitoring is covered in Section 6 Management, Resource Planning and Local Working Procedures, question 6.1.4.

Question

Number

Question

Further Guidance

1.1.10

What is your intended scale of operation?

You should state the volume you anticipate that you will start trading at. For the purposes of measuring data volumes, MSID data records will be used (or Metering Sub System Ids for CVA MOA services).

State for each service you intend to operate, the number of MSID data records (and MSSID data records where appropriate) you intend to have the capacity to process, initially.

In the event that you are undergoing Qualification, it is likely that you do not yet know what your definitive start up volume will be; however, for other Qualified Persons it is likely that you will have an idea of the type of volume planned following on from initial discussions with Suppliers about winning contracts for services. Suppliers should have some idea of their intended scale of operation based on the business plans that they have developed. This estimated volume should be defined as accurately as possible here.

In the event that you are undergoing re-Qualification, your start-up volume should be easily ascertained dependent on the reasons for re-Qualification. For example, if you are re-Qualifying in order to migrate all existing MSIDs from one system onto another, then the volume is likely to be that of the old system. If, however, you are migrating data for other reasons, for example, there has been a merger or take-over and you are migrating a number of MSIDs from one service to another, then your calculations would need to take into account the sum of the number of MSIDs on both systems.

3.1.4

What types of testing have you performed to ensure that all aspects of your service have been tested appropriately?

The guidance provided in the SAD includes reference to performance, resilience and capacity testing (including a description as to how testing has demonstrated that the service will be able to perform at the level of activity predicted by your intended scale of operation (in terms of MSIDs) as detailed in Section 1.

For Qualification and re-Qualification purposes, you need to demonstrate that your organisation has ensured sufficient resources are available (including IT and/or manual systems and staffing) to meet processing timetables and your commitments.

To ensure you can ramp-up your service to your intended maximum data volume it is essential that you can demonstrate how your application’s software is capable of processing at this level. This would be expected to be performed as part of systems testing. The best proof of performance and capacity capabilities is testing to full capacity.

Where you do intend to operate below your intended maximum scale of operation at start up, it is not expected that you will have invested in computer hardware, additional staff and other necessary resources before they are actually required. It would be expected that where you plan to operate below this volume at start up, formal plans and procedures would be in place including:

  • Detailed plans and strategies to ensure all required resources (computer hardware, communications equipment and staffing levels) will be available as required. This should take account of:

    • How you have determined the level of resources required to operate at the intended level.

    • Lead times in recruiting and training additional staff.

    • Formal processes to ensure any necessary amendments to your Local Working Procedures are actioned.

    • Lead times for the procurement of additional hardware and/or software.

    • Test plans for the additional software and/or hardware that would be invoked.

As a minimum for Qualification purposes the following evidence would be expected:

(1) Test results demonstrating capability to process the maximum capacity requested in the following areas:

    • Computer software.

    • Hardware.

    • Manual procedures.

(2) The testing performed should include:

    • Testing at the maximum capacity to include the anticipated number of exceptions that would be produced through the course of normal day to day operations.

    • Testing of all significant business processes, including those processes that relate to exception handling.

    • Testing in respect of a five calendar day period, handled over three consecutive processing days simulating a normal day, followed by a busy day, followed by another normal day (e.g. a Friday, Monday and Tuesday where no processing occurs over the weekend) – only Applicants seeking Qualification as either a Data Collector or Data Aggregator are required to perform this testing.

(3) Test documentation for testing the capacity of computer software, hardware and manual procedures as detailed in points (1) and (2) above.

(4) Outstanding issues from testing.

(5) Issue resolution plans and evidence of re-testing where applicable.

(6) Additional evidence – Volume increase extrapolation analysis. Where you do not plan to test to your full requested volume (e.g. where you are seeking re-Qualification of your service to an planned step change in your intended scale of operation), you would be expected to provide evidence of some level of testing of increased capacity, in addition to supporting documentation detailing the results of any extrapolation analysis performed. The way this analysis is presented can vary, but key items to include in the extrapolation analysis would be:

    • current capacity on database and server for current volume of MSIDs on the system;

    • analysis of key processing times; and

    • testing to an increased volume to ascertain the impact this has on storage (available space), processing times, staff etc.

6.1.4

What planning have you undertaken and/or what ongoing monitoring processes do you have in place to ensure that you have sufficient resources to operate your service, particularly as you move from your initial start up volume to your intended scale of operation?

This question is aimed at the ongoing operation of your service.

As part of your answer it is important that you are able to demonstrate control over the operation of the system(s) in terms of monitoring performance against timetables and the requirements of the BSCPs and PSL100 to ensure processing occurs as scheduled. You should also explain how you monitor capacity to take preventative action before resource capacity becomes an issue. You may employ different assessment approaches depending upon the resource. Your response to this question should address all resource elements of your service and all the activities you employ in relation to each element including:

  • IT infrastructure.

  • IT systems.

  • Staff at all levels and functions.

  • Office space, etc.

The type of controls you have in place to monitor your performance and system capacity will depend on the nature of your system and the IT infrastructure set up. An example of the types of monitoring you may have in place is given below.

Example:

IT infrastructure: you may operate a combination of formal future capacity planning - documenting the technical specifications of the elements of your IT infrastructure, what configurations you would use as volumes increased and perhaps where those components can be sourced – together with ongoing monitoring of network downtime/usage/response times to identify stress points and act as the trigger to assess the need to upgrade the infrastructure.

Operational staff – you may operate a number of processes to assess whether the levels of operational staff are sufficient to meet the day to day workloads of the service. Such processes may be monitoring the levels of manual processing/exception backlogs, staff appraisal/development reviews and independent reviews by your internal audit function.

Examples of the types of monitoring controls and supporting evidence expected to be in place to illustrate your ongoing monitoring controls and processes would be:

  • Performance monitoring local working procedures covering:

    • Overall service performance monitoring (e.g. continual review that key timetable requirements and performance targets are being met (e.g. submission of Supplier Purchase Matrices (SPMs) to SVAA, percentage of actual data at RF). Where problems are identified an analysis should be undertaken to identify the root cause.

    • System hardware (including server capabilities and partition monitoring and alert procedures, where the systems have any alert software installed to automatically notify the operations staff of forthcoming problems to enable pre-emptive action to be taken this should be detailed here) to ensure that appropriate action can be taken on a timely basis – e.g. adding additional disks to the servers, reallocation of server partitions etc.

    • System software (including ability to process volumes at your maximum intended scale of operation).

    • Staff performance and assessment.

It would be expected that these procedures cover the following key areas as a minimum:

  • Ongoing capacity and performance monitoring.

  • Issue identification – pre-emptive identification to mitigate the risk of serious impacts on processing and performance.

  • Issue resolution action plans.

3. NHHDC Testing Requirements

Testing requirement NHHDC

Description

Additional comments

Arithmetic accuracy testing

Metering Management

D0001

D0002

D0170

D0005

D0149

D0150

D0313

Readings management

D0010

D0004

D0012

D0019

D0052

UMS EAC

D0071

D0086

D0152

D0290

Where Data Retrieval is provided separately

Exception Management

D0023

Data reports

D0029

D0039

D0227

D0269

D0270

Energisation Status

D0139

Hub management

D0148

D0151

D0155

4. HHDC Testing Requirements

Testing requirement HHDC

Description

Additional comments

Arithmetic accuracy testing

Metering management

D0001

D0002

D0005

D0170

D0214

D0268

Readings management

D0004

D0008

D0010

D0012

D0022

D0036

D0289

D0379

D0380

D0390

Exception Management

D0235

Data reports

D0269

D0270

Energisation Status

D0139

Hub management

D0148

D0151

D0155

5. NHHDA Testing Requirements

Testing requirement NHHDA

Description

Additional comments

Arithmetic accuracy testing

Readings management

D0019

D0041

Exception Management

D0023

D0095

Data reports

D0227

D0269

D0270

Hub management

D0151

D0209

6. HHDA Testing Requirements

Testing requirement HHDA

Description

Additional comments

Arithmetic accuracy testing

Readings management

D0036

D0040

D0298

D0380

Exception Management

D0023

D0235

Data reports

D0269

D0270

D0354

D0385

Hub management

D0151

D0209

7. SMRA Testing Requirements

Testing requirement SMRA

Description

Additional comments

Metering management

P0171

Exception Management

D0023

Data reports

D0269

D0270

P0035

D0089

D0171

D0172

D0203

Hub management

D0204

D0205

D0209

D0213

D0217

D0260

8. Not Used

9. Not Used

10. CVA MOA Testing Requirements

Testing requirement CVA MOA

Description

Additional comments

Metering management

CDCA - I003

MTDs

CDCA - I006

Meter data for proving test

CDCA - I007

Proving test and reports

CDCA – I010

Exception Report for missing and invalid period data

CDCA – I014

Estimated Data Report

CDCA – I054

Meter Status Report

11. Meter Administrator Testing Requirements

Testing requirement Meter Administrator

Description

Additional comments

Metering management

Meter faults

Readings management

D0003

Data reports

D0269

D0270

Energisation Status

D0139

Hub management

D0148

D0151

12. Unmetered Supplies Operator Testing Requirements

Testing requirement Unmetered Supplies System Operator

Description

Additional comments

Metering management

P0171

D0132

P0175

D0125

Readings management

D0052

D0310

P0218

Data reports

D0269

D0270

P0024

P0035

Energisation Status

D0134

D0139

Hub management

D0170

D0148

D0155

P0207

13. Supplier Testing Requirements

Testing requirement Supplier

Description

Additional comments

D0001

D0002

D0005

D0089

D0125

D0132

Metering management

D0142

D0150

Non Half Hourly

D0170

D0214

Half Hourly

D0215

D0268

Half Hourly

D0313

Non Half Hourly

D0367

Non Half Hourly

Readings management

D0003

Half Hourly

D0008

Half Hourly

D0010

D0012

D0019

Non Half Hourly

D0022

Half Hourly

D0030

Non Half Hourly

D0036

Half Hourly

D0040

Half Hourly

D0041

Non Half Hourly

D0043

D0052

Non Half Hourly

D0071

Non Half Hourly

D0072

Non Half Hourly

D0079

D0081

D0082

D0086

Non Half Hourly

D0289

Half Hourly

D0298

Half Hourly

Exception Management

D0095

Non Half Hourly

D0235

Half Hourly

Data reports

D0018

D0029

Non Half Hourly

D0269

D0270

Energisation Status

D0134

D0139

D0179

Non Half Hourly

D0180

Non Half Hourly

D0011

D0148

D0149

Non Half Hourly

D0151

D0153

D0155

D0164

Half Hourly

Hub management

D0203

D0205

D0213

D0217

D0260

D0261

D0266

P0068

UMS

P0170

UMS

P0207

UMS

14. Virtual Lead Party Testing Requirements

Testing requirement

Virtual Lead Party

Description

Additional comments

Delivered Volume Notification

P0282

MSID Pairs only

Rejection of Delivered Volume

P0283

MSID Pairs only

Confirmation of Delivered Volume

P0284

MSID Pairs only

Delivered Volume Exception Report

P0285

MSID Pairs only

Secondary Half Hourly Consumption Volumes

P0288

MSIDs only

15. Licensed Distribution System Operator Testing Requirements

Testing requirement Licensed Distribution System Operator

Description

Additional comments

Commissioning status

D0383

Metering Management

D0215

D0382

Energisation Status

D0134

D0139

Hub management

D0170

16. Asset Metering Virtual Lead Party Testing Requirements

The following testing requirements are for AMVLPs using Asset Metering Systems as part of their AMVLP Service.

Testing requirement

Asset Metering Virtual Lead Party

Description

Additional comments

Delivered Volumes

P0282

MSID Pairs and / or AMSID Pairs

P0283

MSID Pairs and / or AMSID Pairs

P0284

MSID Pairs and / or AMSID Pairs

P0285

MSID Pairs and / or AMSID Pairs

Secondary Half Hourly Consumption Volumes

P0288

MSIDs and / or AMSIDs

Metering management

D0001

D0002

D0005

D0142

D0170

D0214

P0315

D0268

Readings management

D0003

D0008

D0010

D0022

D0036

Energisation Status

D0134

D0139

Hub management

D0011

D0148

D0151

D0155

D0261

21.2 APPENDIX 2 - GUIDANCE NOTES ON COMPLETING THE SELF ASSESSMENT DOCUMENT (SAD)

Whilst guidance has been provided for each question in the SAD, there are a number of areas where further clarification may be required to ensure that responses are complete. The objective of this guidance note is to provide additional information on some of the more complex sections covered by the SAD. Should further guidance still be required, the Applicant should contact Elexon to discuss further. This guidance is not intended to be part of the SAD nor is it an exhaustive list. Not all of the items identified will necessarily be applicable to, or cover, the circumstances of every Applicant.

1. Disaster Recovery planning and testing to ensure business continuity

Background information:

Qualified Persons do not work in isolation, but are highly dependent on other Parties and Party Agents in the electricity market to operate effectively. The existence of reasonable, comprehensive, written and fully tested disaster recovery plans is therefore essential to ensure the Trading Arrangements continue to operate effectively, as a whole, despite problems encountered by an individual Qualified Person. Consequently, services must meet the basic criteria of a reasonable, documented disaster recovery plan which has been fully tested.

Disaster recovery planning is not restricted simply to IT systems and hardware but extends to the necessary source documentation and surrounding procedures including telecommunications. For example, if Meter reading information is recorded and/or processed using a paper based system, then the disaster recovery plan should ensure that this information is accessible and that processing can continue in an emergency situation should this occur.

As part of the disaster recovery planning process, each Qualified Person will normally define what constitutes an emergency (disaster) situation dependent upon its own particular circumstances. Normal practice would be to analyse different types of emergency situation that could occur and to categorise these into different grades of emergency depending on severity. For example, failure of a computer disk may be an emergency situation which invokes a certain set of emergency procedures but would not be severe enough to invoke those procedures which require evacuation to a back-up computer facility. Similarly, what might constitute a disaster situation for one organisation may not constitute one for another organisation. Using the example of a computer disk failure, an organisation operating a large computer system would normally have the facilities to call an engineer to replace the disk unit and recover the information held on that disk. In this case the problem may be considered an exception condition rather than an emergency. However, for an organisation operating a single PC, a computer disk failure may well constitute an emergency situation (disaster) as the expertise to replace the disk unit and recover the lost information may not be readily available. The disaster recovery plan should not just consider IT risks but also environmental. For example, if there were to be a power failure, the water supply was switched off, or access to premises was denied.

Disaster recovery plans are perhaps best described as a series of pre-agreed procedures giving authority to a “disaster recovery team” to act to recover services in an emergency.

Completing the SAD

The following provides a cross reference between the Disaster Recovery questions covered in each section of the SAD and provides further guidance as to the areas that should be covered by the response. In summary:

  • Disaster recovery and business continuity planning and testing is covered in questions 4.2.1, to 4.2.4 and 4.3.1 to 4.3.4 of the SAD.

  • Testing of the disaster recovery plan is also referred to in Section 3 Testing but the Applicant is instructed to simply provide a cross reference to the questions in Section 4.

Question

Number

Question

Further Guidance

4.1.3

What plans does your organisation have in place to address disaster recovery of all key data, systems and processes and how will you ensure business continuity considering the people, knowledge, resources and office space required to operate the service?

(complex system question)

Effective disaster recovery plans must cover all critical components of the business processes which comprise the service you are providing. These must be based on your risk analysis of your requirements and assumptions made in writing your plan.

You should explain how all these critical aspects have been addressed. Furthermore, you will need to show that you have omitted nothing essential from your plans. You should also provide a brief description of your disaster recovery facilities, including third party providers, arrangements for alternative office accommodation, re-routing of telecommunication links etc.

The following areas should be considered in the development and documentation of a comprehensive disaster recovery plan:

1. Identification and documentation of all applicable business processes and supporting applications.

2. Identification and analysis of all threats to critical business processes and supporting facilities covering the service. These may include, but are not limited to bomb threats, fire, flood, power/utility outage, lottery wins by office syndicates, hurricanes etc.

3. Dependencies on internal and external business processes and other business support services (e.g. premises, hardware support, telecommunications support, systems support etc.) should be identified and documented for the service. These dependencies should be communicated to the relevant parties.

4 Identification of minimum recovery resources (such as critical personnel, hardware, software, workspace requirements, telecommunications etc.) and alternate facilities for the systems and supporting processes. There are plans to ensure that these resources and facilities are available to enable appropriate restoration of the service within required recovery timeframes. Controls over access to alternate facilities are established and properly documented to prevent unauthorised access during the operation of these facilities.

5. Development and documentation of recovery strategies for the resumption of critical business support services (e.g. systems support, telecommunications support) and IT facilities.

6. Back up and restoration procedures for all applications and data necessary to support the service have been developed, documented and tested.

7. Recovery procedures are documented in detail, including:

a. Notification of teams and users;

b. Procedures to invoke the alternate site and relevant alternate site contacts;

c. Operation of applications systems;

d. Communications and systems software at alternate site;

e. Testing of restored operations;

f. Manual and/or interim processing procedures should be developed and documented to meet stated recovery time objectives wherever recovery time shortfalls exist between the restoration of appropriate IT facilities and the service requirements (e.g. the business unit needs to process Meter reads but the communications links to make such Meter reads are unavailable for several days); and

g. Procedures are in place and documented for the recovery of incremental data lost between the last backup and the time of the disaster; and

h. Vital records are stored off site;

8. Appropriate teams are established for the recovery of the service. The functions of these teams including responsibility for their overall management have been defined and documented.

9. A disaster recovery awareness programme has been developed aimed at communicating details of the plan to all staff, business units and other associates (where deemed appropriate).

10. The plan has been reviewed and approved by senior management.

You should also provide information on the periods of time that each aspect of your service could be out of operation (outage) under your plans and demonstrate that these periods of outage are consistent with the service level standards as set out in the relevant BSCPs and PSL100.

Examples of evidence that you would be expected to be able to provide to illustrate the controls and procedures that you have in place would be:

  • Formalised final version of your Disaster Recovery Plan (a draft is not acceptable).

  • Evidence of senior management sign-off.

  • Formal, documented, up to date procedures.

  • Formal, documented, evidence of roles and responsibilities.

  • Where a third party contractor is used for disaster recovery – evidence of a formal disaster recovery contract services being in place.

4.1.4

How have you tested your disaster recovery plans prior to go-live (or for a re-Qualification within the 12 month period prior to your re-Qualification application)?

This response should address the extent of the disaster recovery testing that you have already undertaken in order to support your Application. The response should demonstrate how your testing has demonstrated that the disaster recovery plans which you have in place will ensure that there will be no disruption to the day to day operation of the BSC Systems and that no other Party or Party Agent will be adversely impacted.

Tests should cover both IT and operational aspects of the service, including:

1. Notification procedures and lines of communication;

2. Compatibility of alternate IT and workspace facilities (e.g. equipment, telecommunications);

3. Recovery of critical applications systems at alternate site;

4. Interim and manual processing procedures; and

5. Recovery of the systems.

Examples of evidence that you would be expected to be able to provide to illustrate the controls and procedures that you have in place would be:

  • Disaster Recovery plan test plan

  • Disaster Recovery plan test results (satisfactory test results would be expected) results showing significant issues in recovery would indicate that the Disaster Recovery plan in place was not adequate and therefore did not support that the service had adequate recovery plans in place to mitigate risk to the service and all other participants operating in the market.

  • Disaster Recovery plan test result sign off by senior management

4.1.5

How will you ensure that your disaster recovery plans continue to be tested on an ongoing basis?

To be reasonably certain that your disaster recovery plan will work it must be tested and updated regularly. The plan should be tested fully at least once in a 12 month period, but often aspects of the plan are tested more frequently.

Additional testing of the plan will need to be undertaken if significant changes have been made which would impact the Disaster Recovery plan. Good practice states that when Disaster Recovery plans are updated either due to organisational, location, third party disaster recovery services provider or IT operational change a full test should be undertaken to ensure that the updated plan will function as required. These changes may arise, for example, from the relocation of computer systems, migration to new hardware and software environments or as a result of significant modifications to data volumes being processed.

Test planning, testing and post test evaluation procedures (this should include the establishment of frequency and trigger criteria for updating the plan(s)), formalised test schedules, procedures to ensure adequate post test evaluation is undertaken e.g. test results should be compared against predetermined test criteria and test objectives to determine the degree of success of the test, written evaluations of the test process, results and outstanding issues should be submitted by the test team leaders and discussed with senior management, rectification procedures to ensure all testing issues are resolved, the plan updated (where applicable) and re-testing of the plan is undertaken.

Examples of evidence expected to be in place to illustrate your controls and procedures in place would be:

  • Formalised final version of your Disaster Recovery schedule (a draft is not acceptable).

  • Evidence of senior management sign-off.

  • Schedule of tests to be performed / project plan detailing commitment to test every 12 months.

  • Where a third party contractor is used for disaster recovery – evidence of a formal disaster recovery service contract being in place which includes the facility to test on an ongoing basis.

4.1.12

How have you ensured that appropriate data back-up, archive and restoration arrangements have been established and operate effectively?

This question is not referring to the specific Disaster Recovery plans you have in place (4.2.1) but to daily operational back-up processes that should be being performed. Therefore submission of your Disaster Recovery plan as evidence to support a response to this question would not be sufficient. The aim of this question is to ascertain that there are appropriate operational day-to-day back-up procedures in place and that this can be demonstrated as working effectively.

Examples of evidence expected to be in place to illustrate your controls and procedures in place would be:

  • Back-up schedule / IT Operations task schedule.

  • Completion of IT operations task list on a regular basis.

  • Documented back-up procedures in place, e.g. in IT Operations User Manual.

In addition, good practice recommends regular testing of back-up tapes to ensure that back-up tapes are functioning as expected. This is to mitigate the risk that back-up tape failures would only be recognised upon attempted recovery in the event of a disaster.

Examples of evidence expected to be in place to illustrate your controls and procedures in place would be:

  • Documented back-up tape testing procedures e.g. in IT Operations User Manual.

  • Evidence of regular back-up tape testing (where applicable). It may be that back-up tape checks are automatically performed by some form of monitoring tool, e.g. Redbox, which can notify the operatives of any failure in back-up.

  • Adequate security over back-up tapes.

4.2.2

What plans does your organisation have in place to ensure that the service can continue to operate in the event of a Disaster? (simple system question)

Whilst it is not expected that a service with a simple system would have as complex a Disaster Recovery plan as a service with complex systems, the requirement to have an appropriate level of Disaster Recovery cover still applies albeit of a less complex nature. A service with simple systems still needs to be able to demonstrate the thought processes that have gone into Disaster Recovery planning and that the Applicant has implemented adequate documented procedures and has adequate controls in place to mitigate against loss of service in the event of a disaster.

Consideration should be given to the same points (1-7) as noted in the guidance in 4.2.1 above. However, this should be in the context of the simple systems in use. Additional consideration should be given to:

  • All paper based information.

  • Up to date, off-site storage of all paper based data required to operate your service and meet minimum audit trail requirements as set out in the PSL100.

Illustrative example:

If your system was a simple system based on:

  • The utilisation of one key spreadsheet only.

  • Formal records being faxed from other services.

Adequate Disaster Recovery may constitute having an up to date copy of the key spreadsheet stored on disk securely off site. In addition, where paper records are your key source of information a duplicate copy of these would also be expected to be held somewhere other than your key operating location. This could involve holding a duplicate set of paper copies securely offsite, or scanning all records onto CD and holding a copy of the CD in a secure offsite location.

Consideration should also be given to your ability to operate from (and have access to) an alternate location. For example if your operations primarily require the use of a telephone, PC and fax machine, consideration should be given to where these services can be obtained and how quickly.

The primary objective is to demonstrate that you can recover your service (which in the case of a simple system should be much simpler than a complex system with multiple IT requirements) within sufficient time, so as not to impact on Settlement. Consideration should be given to the recovery of the service within periods of time that meet the requirements of the BSCPs and PSL100.

Examples of evidence expected to be in place to illustrate your controls and procedures in place would be:

  • Formalised final version of your Disaster Recovery plan (a draft is not acceptable).

  • Evidence of senior management sign-off.

  • Formal, documented, up to date procedures.

  • Formal, documented evidence of roles and responsibilities.

  • Where a third party contractor is used for disaster recovery – evidence of a formal disaster recovery services contract being in place.

Testing of your Disaster Recovery plans

The methods of testing your Disaster Recovery plan may vary depending on the structure and key components of the simple system in place. A test of the illustrated system above may constitute relocation to another office / building and using the back-up discs of the key spreadsheet and data flow records to demonstrate it is possible to continue operation. If the telephone and fax are your key means of communicating with other parties, then it would be key to demonstrate that you not only had all up to date contact details for internal staff in the Disaster Recovery plan, but also up to date contact details for all relevant external parties, so that you can contact them and provide them with your temporary alternate telephone and fax numbers to ensure that they can continue to communicate with you as required.

Ongoing Testing

In terms of testing a simple Disaster Recovery plan – the requirement still stipulates that this should be every 12 months. Where changes have occurred, you should be ensuring that these are incorporated in an updated Disaster Recovery plan and tested to ensure that the plan still operates satisfactorily.

1 HHDC-serviced Metering System’ is a Metering System where the HHDC is responsible for collecting data directly from the Metering System.

2 HHDC-serviced Asset Metering System’ is an Asset Metering System where the HHDC is responsible for collecting data directly from the Asset Metering System.

3 Supplier-serviced Metering System’ is a Metering System where the Supplier obtains data from a SMETS compliant Meter, either directly or using a service provider.

4 HHDC-serviced Asset Metering System’ is an Asset Metering System where an AMHHDC is appointed and it is the AMHHDC that is responsible for collecting data directly from the Asset Metering System and passing this to the HHDC.

5 When registering a Supplier-serviced Metering System, the Supplier must ensure that the Meter Operator Id (J0178) is for their appointed SVA NHHMOA, and that the value for Meter Operator Type (J0675) is valid in SMRS for the Measurement Class.