Security Health Check

Security Health Check for UK Energy Companies

Gemserv have completed numerous security health checks for UK energy companies.

To join the Data Communications Company (DCC) network, smart metering companies must prove that their own systems are secure. Gemserv’s CIO Audit capability helps companies identify gaps in their Information Security Management System (ISMS) documentation and how best to close them, making your systems safe and secure before they are audited by the User CIO. Gemserv are a dependable, collaborative, and innovative management consultancy and offer a wide range of expertise across cyber security, data privacy, regulator support and certification.

We have helped companies to identify gaps in their Information Security Management System (ISMS) documentation, SEC requirements section G and section I, as well as raising issues and proposing remediations across their operational activity and documentation. Ultimately, this means tackling day-to-day business actions that have deviated from best practices, helping to streamline security requirements, and ensuring companies remain compliant.

As the energy market continues to evolve towards Smart and Green Energy solutions, regulators mandate participants to meet security obligations stipulated within the Smart Energy Code.

In our experience, three hot security topics that have surfaced for most of our clients are:

  1. Appropriately addressing remote working;
  2. The extent to which companies are managing third-party due diligence practices and the relevant assurances in place in the event of a vulnerability being detected within the supply chain; and
  3. Challenges with managing third-party due diligence practices and implementing the relevant assurances in the event of a vulnerability being detected within the supply chain.

The five main areas addressed for CIO audits are:

  • Risk Assessments
  • Policies
  • Governance
  • Third-Party Due Diligence
  • Operational Activity

Tailored to your needs

The security health check can be structured around your security needs and can include the following areas of support (please note this list is not exhaustive):

  • User Competent Independent Organisation (CIO) Security Audits
  • User Independent Privacy Auditor (IPA) Audits
  • Network and Information Security (NIS) Directive and Cyber Assessment Framework (CAF)
  • ISO Standards (including 27001, 22301, 27701, 9001, 14001, 27005, 27017)
  • Cyber Essentials and Cyber Essentials Plus
  • The Payment Card Industry Data Security Standard (PCI-DSS)
  • Negotiating and agreeing MAP commercial contracts/terms
  • Faster Switching
  • Feed in tariff (Assurance audits)
  • Purchasing and hedging energy

Gemserv, Your Trusted Risk and Compliance Partner

  • We maintain a strong presence in the UK energy market through consultancy expertise by proactively guiding clients through regulatory changes. We were initially set up by the Big 6 Energy Companies over 20 years ago, when the UK energy market became privatised.

    Throughout the years, Gemserv continuously supported the energy companies with customer transfers through the MRA and regulatory advice. Later, as competition laws came into force, more energy companies started entering the market and looked to Gemserv for support as advice was needed on how to become profitable while adhering to regulations.

  • This allowed Gemserv to become an expert advisor and leader in the energy industry, where we now have over 50 consultants who are deeply experienced in understanding energy services.

    We have achieved organic growth by maintaining a practical approach with all energy companies and having a vested interest in their success. We were able to win the SECAS (Smart Energy Code Administration and Secretariat) for the SEC (Smart Energy Code), and also Alt HAN (Alternative Home Area Network) contract. Gemserv are also the Code Manager for the Retail Energy Code (REC), which superseded the MRA in 2021.
