Summary

Commissioning is the critical step between completing the installation and handing over a working, documented system. It is not a quick checklist — for a medium-sized commercial system it can take a full day, and for large installations, commissioning can run over several days.

NSI and SSAIB codes of practice define the minimum commissioning activities required for approved installations. These requirements are audited at annual inspections — an incomplete commissioning record can result in suspension from the scheme. Beyond compliance, thorough commissioning is the installer's protection: it documents that the system worked correctly at handover, which matters enormously if a system later fails to activate during an incident.

The walk test is the heart of commissioning. Every single detector must be individually triggered and its response verified at the panel. This includes detectors that are awkward to reach, in roof voids, or require ladders. No shortcuts.

Key Facts

  • Walk test mode — all panels have a walk test (or function test) mode that suppresses the alarm sounders but records activations; use this for detection testing
  • Tamper circuit test — every device tamper, every cable run tamper (where fitted), and the panel tamper must all be verified
  • End-of-line resistors (EOLRs) — must be confirmed correct value at every zone; a missing or wrong EOLR causes zone monitoring failures
  • Communication path test — the ARC or app must receive a test signal; dial-up systems must complete a full call; IP systems must confirm connectivity and encryption
  • False alarm avoidance — ensure the panel is in full set mode (not just part-set) during final tests; notify the ARC before testing to avoid unnecessary response dispatch
  • BS 7671:2018+A2:2022 — covers the low-voltage power supply components of security systems; the 12 V/24 V PSU and its mains connection must meet IET Wiring Regulations
  • Commissioning certificate — must be completed and signed by the commissioning engineer and the customer; retained by the installer for at least 6 years
  • System log sheet — record date, system reference, engineer name, each test performed, any faults found and rectified, and the final system state
  • User codes — installer/engineer codes must be different from user codes and must be changed from factory defaults
  • Factory default codes — a major vulnerability; ALL factory default PINs must be changed at commissioning without exception
  • Grade compliance test — for BS EN 50131 Grade 2/3 systems, specific tests are required by PD 6662:2017 including confirmation timing and signalling path testing
  • Certificate of conformity — some customers (insurers, police URN applications) require a formal Certificate of Conformity; this is separate from the commissioning record

Quick Reference Table

Spending too long on quotes? squote turns a 2-minute voice recording into a professional quote.

Try squote free →
Test Area What to Check Common Failures
Detection devices Every PIR, contact, shock, glassbreak individually activated Missed zones, incorrect zone mapping
Tamper circuits Open each device, cut cable tamper if fitted Factory tamper loops not removed, wrong EOLR
Sounders / sirens Internal and external; correct tone, correct timing Wrong dwell time, sounder wiring on wrong zone
Strobe Correct flash rate; does not trigger on full set when uninvited Polarity errors, wrong wiring
Panel tamper Remove panel lid and verify tamper alarm Tamper switch not making contact
Keypad operation Arm/disarm, fault display, panic function Wrong keypad address, incorrect exit/entry times
Communication path ARC receives test alarm, UDL/remote access confirmed Wrong account number, firewall blocking port
Power supply Mains and battery; correct output voltage under load Wrong battery spec, low charge state
Exit/entry timing Correct exit time, correct entry delay Too short (causes accidental alarms), too long (security risk)
User training User can arm/disarm, identify faults, contact ARC Incorrect operation causing false alarms

Detailed Guidance

Walk Test Procedure

The walk test is conducted in walk test mode with the panel in an alarm-suppressed state. The engineer walks to each detection device and activates it, verifying that:

  1. The correct zone is triggered on the panel
  2. The zone light/indicator at the panel shows the correct zone label
  3. The activation is logged in the panel event log with the correct zone identifier and time

PIR detectors: Stand in front of the detector and wave your hand at the detection curtains. A warm surface crossed rapidly is more effective than whole-body movement. Most PIRs have a test LED that flashes when activated — confirm this LED operates.

Door/window contacts: Open the protected door or window fully (not just partially — check the magnet separation distance). Surface-mounted contacts with magnets need to be far enough apart to confirm the correct reed switch gap.

Shock/vibration detectors: Strike the protected surface (glass, wall, door) with a firm flat-palm blow — do not damage the surface. The panel should show the correct zone within 2–3 seconds.

Glassbreak detectors: Use the manufacturer's supplied tester device. Never attempt to break glass — the tester generates a frequency-matched signal that mimics breaking glass without requiring actual breakage.

Passive beam detectors: Break the beam by walking through it or holding a hand in the beam path. Verify the beam is at the correct height and the installer has set the pulse count correctly (prevents bird/insect false alarms).

Passive magnetic locks and door contacts on access control: Test both the credential release and the manual break glass release. Verify the door-open monitoring contact triggers the correct event.

Record each test in the commissioning log: zone number, zone description, device type, test method, result (pass/fail), and any remedial action.

Tamper Circuit Verification

Tamper monitoring ensures the system can detect attempts to disable or defeat it. Every tamper circuit must be tested individually.

Device tampers: Remove the device cover (PIR, keypad, control panel) and confirm the tamper alarm is generated at the panel. The tamper must register as a tamper event (usually shown on zone display or in event log as a tamper, not an alarm or fault).

End-of-line resistors: Verify the EOLR value matches the panel specification (typically 4k7, 2k2, or double-resistor EOLRs). A multimeter across the zone terminal at the panel should read the correct resistance when the zone is closed/restored.

Cable tamper (where fitted): This is a metallic sleeve around the cable that shorts if cut; cutting the cable also cuts the tamper conductor. For Grade 3 systems, cable tamper monitoring may be required for exposed cable runs.

Panel main tamper: Open the panel lid. The tamper alarm must activate. The tamper signal must be transmitted to the ARC if the system is monitored.

Exit and Entry Timing Verification

Exit time (the delay between arming the panel and activation being live) must be long enough for the user to leave the building and arm the final exit door without triggering an alarm. Entry time (the delay before alarm when a valid user enters) must be long enough for the user to reach the keypad and disarm.

Common problems:

  • Exit time too short — user accidentally arms the system while still inside; causes immediate alarm
  • Exit time too long — provides more time for an intruder who has defeated the entry alarm to reach the keypad before the alarm triggers
  • Entry time too long — intruder uses the entry time to locate keypad; alarm does not trigger for an extended period

Verify:

  1. Start timing from arm confirmation
  2. Confirm buzzer sounds throughout exit time
  3. Open the final exit door — entry delay should start only after the door is opened (in most configurations)
  4. Disarm at the keypad within the entry time — system should restore cleanly
  5. Repeat: re-arm and intentionally allow the entry delay to expire — internal sounder must activate on time, ARC signal must transmit on schedule

ARC Commissioning Test

For monitored systems, the ARC must be notified before commissioning tests and must confirm receipt of:

  1. Alarm signal — trigger an alarm zone and confirm the ARC receives the correct alarm signal
  2. Restore signal — restore the alarm and confirm the ARC receives the restore event
  3. Tamper signal — trigger a tamper and confirm the ARC receives the tamper event
  4. Path failure — for dual-path systems, disconnect the primary path and confirm the secondary path activates and the ARC receives a path failure event

For IP communicators, the ARC's technical team should confirm:

  • IP communicator is polling at the agreed interval
  • Account number matches their records
  • Encryption key (where applicable) is confirmed

End-User Training

Inadequate user training is one of the primary causes of false alarms. NSI Code of Practice requires that end-user training is completed and the user countersigns the commissioning certificate confirming they have been trained.

Training must cover:

  • Arming and disarming — at each keypad, in each set mode (full set, part-set where applicable)
  • Exit and entry procedure — which door to use, timing sequence
  • Reading the keypad display — fault conditions, zone in alarm, tamper conditions
  • Panic/duress function — how to activate, when to use
  • ARC contact details — keyholders must know the ARC's number and their account reference
  • False alarm procedure — what to do if the alarm activates accidentally; cancellation procedure
  • System isolation — how to isolate a faulty zone without disabling the whole system
  • Changing user codes — the customer must be able to change their own PIN; default PINs are a security risk

Issue the customer with a written copy of the keypad user guide and the ARC's contact card. Many false alarms happen because a keyholer cannot find the ARC number in a panic.

BS 7671 Compliance for the PSU Connection

The alarm system's mains power supply unit (PSU) is a piece of electrical equipment connected to the fixed wiring. Under BS 7671:2018+A2:2022:

  • The PSU's mains connection must be on a dedicated or appropriate circuit — preferably a fused spur from the consumer unit
  • The spur must be protected by a 3 A or 5 A fuse appropriate for the PSU's input current
  • The fused spur must be accessible for isolation but not easily accessible to the user (to prevent accidental isolation of the alarm supply)
  • Where a fuseboard/DB connection is made, it must be recorded in the DB schedule
  • If the installer makes a mains connection, they must be suitably qualified (Part P registration for domestic work, or competent person scheme member)

Many security installers are not Part P registered electricians. In this case, the mains connection should be made by the building's electrical contractor, and the security installer connects to the secondary side of the PSU only.

Frequently Asked Questions

What is the difference between a commissioning certificate and a Certificate of Conformity?

A commissioning certificate is the installer's internal record confirming what was installed, tested, and handed over. It is kept by the installer. A Certificate of Conformity (or similar named document) is issued to the customer and confirms that the system complies with the relevant standards (e.g., BS EN 50131, PD 6662). NSI and SSAIB approved installers typically issue a system confirmation document that functions as both. Some insurers and police URN applications require the conformity certificate specifically.

How long should I spend on commissioning a typical domestic system?

A standard domestic system (1 panel, 6–10 zones, 1 external sounder, 1 keypad, no monitoring) should take 2–3 hours for a thorough commissioning including end-user training. Rushing below this usually means tests are skipped. A monitored system with ARC commissioning adds 30–60 minutes.

Can I commission a system without the customer present?

The walk test and technical commissioning can be done without the customer present, but end-user training and the customer's countersignature on the commissioning certificate require the customer or their authorised representative. Handing over a live alarm system without training is not acceptable — and creates significant liability for the installer when the customer generates false alarms from incorrect operation.

What should I do if I find a fault during commissioning?

Fix it before signing off. The commissioning certificate is a statement that the system was working correctly at the time of commissioning. If you find and fix faults during the process, record them (what the fault was, what was done to fix it) in the commissioning log. A documented fault found and fixed is not a problem — an undocumented fault is.

How often does a commissioned system need to be recommissioned?

Full recommissioning is not typically required unless the system undergoes significant modification (adding a zone, replacing the panel). Annual maintenance (see security system maintenance contracts) involves testing all detectors and functions, but from a maintenance visit report rather than a commissioning certificate. If the panel is replaced, treat it as a new commissioning.

Regulations & Standards

  • BS EN 50131-1:2006+A3:2022 — general requirements; commissioning requirements for intruder alarm systems

  • PD 6662:2017 — UK application document; commissioning requirements for graded systems; certificate of conformity

  • BS 7671:2018+A2:2022 — IET Wiring Regulations; applicable to mains power supply connections

  • NSI NCP 109 — NSI Code of Practice for the installation of intruder alarm systems; commissioning records requirements

  • SSAIB CoP — SSAIB Code of Practice; equivalent commissioning and documentation requirements

  • NPCC Security Systems Policy — commissioning documentation required for URN application

  • NSI Commissioning Guidance — National Security Inspectorate commissioning documentation requirements

  • SSAIB Installation Standards — SSAIB commissioning and handover requirements

  • IET BS 7671 Guidance Note 7 — Special locations; relevant sections on security system PSU connections

  • BSIA Form 175 — False alarm management guidance; role of commissioning in prevention

  • Texecom Panel Commissioning Guide — Example manufacturer commissioning documentation

  • intruder alarm grades — Grade requirements that define minimum commissioning tests

  • alarm receiving centre arc — ARC commissioning test procedures

  • pir detector siting — Walk test methodology for PIR detectors

  • security system maintenance contracts — Ongoing maintenance obligations post-commissioning

  • wireless alarm systems — Wireless system commissioning differences