Consultation: General policy on ensuring compliance with security duties

  • Start: 08 March 2022
  • Status: Open
  • End: 31 May 2022

Ofcom is consulting on new guidance for telecoms providers, following the introduction of the Telecommunications (Security) Act 2021.

Last year, the Government passed new legislation regarding the security of public electronic communications services and networks in the UK.

Under the new framework, Ofcom has a duty to ensure providers comply with their security duties, including as to the availability, performance or functionality of the network or service; and it gives us the powers to proactively monitor and enforce these duties.

Today we have set out the procedures we expect to follow in carrying out our monitoring and enforcement activities. We have also proposed new guidance on which security compromises we would expect providers to report to us.

We are also proposing to update our existing guidance on network resilience to reflect the new framework, and draft regulations and Code of Practice, on which the UK Government is currently consulting.

Interested or affected parties are invited to respond to our consultation by 31 May 2022. We plan to issue our final procedures and guidance in Autumn 2022.

Ofcom has extended the closing date for responding to its consultation on the general policy on ensuring compliance with security duties to 31 May 2022. The extension, made in response to a request from a stakeholder, is to allow stakeholders more time to consider Ofcom’s proposed policy and guidance.

Responding to this consultation

Please submit responses using the consultation response form (ODT, 50.1 KB).

Main documents