Draft SSD Incident Management Policy - baselined

27/07/2015

DCC notes that the draft SEC Subsidiary Incident Management Policy (IMP) was baselined on 1 July 2015 by the Technical and Business Design Group (TBDG) (approval given ex-Committee). This baselined version is published here.

DCC also notes that the IMP now includes some elements of the Registration Data Incident Management Policy (RDIMP), while the 'Registration Data Refreshes' elements previously in the RDIMP are now housed in the Registration Interface Code of Connection. DCC notes that the RDIMP is now no longer required and has been withdrawn from baseline.

In addition an updated, Business Continuity and Disaster Recovery (BCDR) process will be added to the IMP at a later date (baselining likely in September 2015). It will be substantially the same as the version published previously, which is available here as part of the December 2014 version of the IMP.

TBDG also discussed whether the Error Handling Strategy (EHS) is better placed as self-help material, rather than as a formal SEC Subsidiary Document. This is because the EHS places obligations on Users to undertake checks on their systems when they receive error messages prior to escalating matters to DCC and that very similar text is included in the IMP, which requires Users to undertake checks on their own systems and to follow self-help material prior to raising an Incident.

The benefits of this approach are that there would be greater flexibility in making changes to the EHS in response to new information on how to deal with errors without the need to follow the more formal SEC modifications process. In its July 2015 SEC consultation DECC is formally consulting on this proposed change.