Consultation on Ofgem’s proposed new NIS Enforcement Guidelines and Penalty Policy
- Upcoming
- Open
- Closed (awaiting decision)
- Closed (with decision)
As part of Ofgem’s duty to regulate the way in which businesses in the energy sector behave, it is important that we can act swiftly and decisively to put things right if businesses fail to meet their duties, including where they demonstrate poor behaviours or conduct. By doing so, Ofgem can send strong deterrent messages to all the relevant businesses operating in the energy sector.
The aim of the Network and Information Systems Regulations 2018 (NIS) is to drive improvement in the protection of the network and information systems that are critical for the delivery of the UK’s essential services.
Designated operators of essential services (OES) must comply with a number of duties set out in NIS. These include taking appropriate and proportionate technical and organisational measures to manage risks posed to the security of the network and information systems on which their essential service relies.
The aim of Ofgem’s draft NIS Enforcement Guidelines and Penalty Policy is to provide greater clarity, consistency and transparency to our enforcement policies and processes, and to describe the framework we have in place to maximise the impact and efficiency of our enforcement work under NIS.
We are seeking views on the proposals set out in the consultation document below from OES and any other parties with an interest in our NIS enforcement work. The responses will help us to ensure that our enforcement processes are clear, consistent and relevant.
Please send your responses to the Enforcement Team at NISEGconsultation@ofgem.gov.uk by 30 November 2021.
Once the consultation is closed, we will consider the responses carefully. Please note that any non-confidential responses to the consultation may be published on our website – for further information on data and confidentiality, please refer to the consultation document.
Please note that the main NIS Enforcement Guidelines, which includes the proposed NIS Penalty Policy as an Annex, is a draft document issued for the purposes of this consultation.