Summary

Security system maintenance is a statutory and contractual obligation, not an optional add-on. For NSI and SSAIB approved companies, the codes of practice mandate maintenance contracts and define minimum inspection frequencies, test scope, and documentation requirements. The maintenance visit is also the principal commercial relationship between the installer and the customer after handover — it generates recurring revenue and provides the opportunity to upgrade ageing equipment.

For the customer, the maintenance visit is what keeps their insurance and police response valid. Many commercial property insurance policies contain a condition precedent that the security system is maintained by an approved contractor — a lapsed maintenance contract can void an insurance claim even if the alarm itself was functioning on the night of the incident.

Understanding what must be tested, documented, and reported is essential for any security installer. A rushed inspection that misses items creates liability for the installer if the system subsequently fails to operate correctly.

Key Facts

  • Annual inspection (Grade 1–2) — NSI/SSAIB require a minimum of one full inspection per year for systems graded 1 or 2
  • Bi-annual inspection (Grade 3–4) — two inspections per 12-month period required; typically 6 months apart; each inspection covers the full test scope
  • All detection devices must be tested at each visit — no sampling; every PIR, every door contact, every shock detector must be individually verified
  • All sounders and strobes — internal and external; verify activation, correct tone, correct timing
  • Communication path — the ARC link must be tested at every visit; a test signal must be transmitted and confirmed by the ARC
  • Battery test — panel battery under load; capacity must be confirmed adequate for required standby time (Grade 2: 12 hours; Grade 3: 30 hours)
  • Service report — a written or electronic report must be produced at every visit, signed by the engineer and customer, and retained by the installer
  • Anti-masking test — cover each PIR lens and confirm the system generates the correct response (fault or alarm depending on grade)
  • Exit/entry timing — verify entry and exit delays are still correctly programmed
  • User code security — confirm that factory default codes have not been reintroduced; check that engineer codes are different from user codes
  • Defect notification — any defect found during the inspection that cannot be rectified on the visit must be documented and a recommendation made in writing to the customer
  • Insurance certificate — some insurers require an annual maintenance certificate to be issued; check customer's insurance requirements
  • Battery replacement — low or failed batteries must be replaced at the visit, not deferred; carry common battery types (PP3 9V, AA, CR123A)
  • Callout response — most maintenance contracts include a callout response target; NSI CoP typically requires response within 4–24 hours depending on grade and contract level

Quick Reference Table

Spending too long on quotes? squote turns a 2-minute voice recording into a professional quote.

Try squote free →
Grade Inspections per Year Notice to ARC Required? Battery Standby Test All Devices Tested?
1 1 Yes 12-hour capacity Yes
2 1 (minimum) Yes 12-hour capacity Yes
3 2 Yes 30-hour capacity Yes
4 2 Yes 60-hour capacity Yes
Test Item Method Pass Criteria
PIR detector Walk test (hand wave at curtains) Zone activates; LED flashes
Door/window contact Open contact; check magnet separation Zone activates on open
Shock/vibration detector Strike surface Zone activates within 3 seconds
External sounder Full set activation test Correct tone, rated volume
Internal sounder Activation test Correct tone
Strobe Activation test Flash rate within spec
Panic/hold-up Activate PA zone Correct response at panel and ARC
ARC communication Send test signal ARC confirms receipt of test
Panel battery Disconnect mains; measure voltage under load Voltage above minimum after full standby period (or calculate from capacity)
Anti-masking Cover PIR lens Panel shows expected response
Tamper circuits Open each device case Tamper alarm generated

Detailed Guidance

What the NSI Code of Practice Requires

NSI Code of Practice NCP 109 (intruder alarm systems) and the equivalent SSAIB code set out detailed maintenance requirements. Key provisions:

Contract documentation: The maintenance contract must specify:

  • System address and description
  • Grade of system
  • Inspection frequency
  • Scope of inspection
  • Callout response commitment
  • What is included/excluded (e.g., battery replacement, broken detector covers)
  • Notice period for cancellation

Inspection frequency: Grade 2 systems require a minimum of one inspection per 12-month period. Many commercial customers with Grade 2 systems opt for bi-annual inspections for greater assurance — this should be discussed at quote stage.

Grade 3 mandatory bi-annual: Two inspections are mandatory. The second inspection must not be skipped even if no faults were found at the first. Both inspections must achieve the same test scope.

Advance ARC notification: Before testing a monitored system, contact the ARC to suppress automatic response during the test period. Failure to do so can result in unnecessary police dispatch (a URN warning) and unnecessary keyholder callouts. ARC notification is typically:

  1. Call ARC test number with account number and engineer ID
  2. Open panel (which will generate panel tamper)
  3. Conduct all tests
  4. Call ARC again to confirm testing complete

The ARC will typically hold the response for 30–60 minutes; ensure your inspection can be completed within this window.

Full Inspection Procedure

Preparation:

  1. Notify ARC — get ARC reference number for test notification
  2. Notify keyholder — confirm who is responsible for the premises during the visit
  3. Review previous service report — note any outstanding items from last visit
  4. Check panel log — review event history since last inspection; note any unusual events (false alarms, tampers, communication faults)

Visual inspection:

  • Check all device mountings — secure, undamaged, no signs of tampering
  • Check cable entries — no exposed conductors, strain relief intact
  • Check external sounder — cover secure, no corrosion, battery backup intact (on self-powered sounders)
  • Check panel — no physical damage, correct fuse ratings, connections secure

Functional testing:

  • Walk test all detectors in walk test mode
  • Verify each zone activates the correct panel zone indicator
  • Test each sounder and strobe in alarm
  • Test each keypad — all functions, exit/entry timing, panic/PA if fitted
  • Test anti-masking on each PIR
  • Test each tamper circuit individually
  • Test battery: disconnect mains, measure terminal voltage, verify voltage after a representative load period (or calculate from measured capacity using a battery test device)
  • Test ARC communication: transmit test alarm and confirm with ARC operator; test restore signal

Documentation:

  • Complete service report for every item tested (pass/fail or acceptable/unacceptable)
  • Record any defects found; note action taken (rectified on visit, or quoted for return visit)
  • Engineer signature
  • Customer or keyholder signature confirming testing completed
  • Leave copy with customer; retain copy in file

Handling Defects Found During Maintenance

Not all defects can be rectified in a single maintenance visit. Common issues requiring return visits:

  • Failed external sounder (requires replacement siren and parts)
  • Panel battery requiring replacement (if not carried on van)
  • Zone with persistent fault tracing to broken cable in wall
  • Detector requiring replacement (damaged by building work)

For each defect that cannot be rectified:

  1. Document clearly on the service report — device location, nature of fault, recommended action
  2. Advise the customer in writing (email follow-up within 24 hours) with a quoted cost and urgency rating
  3. For Grade 3 systems, defects affecting the system's grade must be notified to the ARC (who may need to note the system's status)
  4. Do not issue an annual compliance certificate or maintenance completion sign-off if significant defects remain outstanding

Isolating faulty zones: If a zone is persistently faulty and cannot be repaired at the visit, isolate it from the panel and document the isolation. The customer must understand that the isolated zone provides no protection until repaired. This must be reflected in the service report.

Maintenance Contract Types

Basic maintenance: Annual inspection only; callouts charged at an hourly rate; parts charged separately.

Full maintenance (parts and labour): Annual inspection plus all callouts and parts included within the contract; premium pricing; preferred by commercial customers who want cost certainty.

Enhanced maintenance: Bi-annual inspection, priority callout response (4-hour), parts and labour included; appropriate for Grade 3 and above.

Remote monitoring maintenance: Some modern systems allow partial remote monitoring — the ARC can detect certain faults (low battery, communication failure, detector fault) without a physical visit; this supplements but does not replace the physical inspection.

When a Maintenance Contract Cannot Be Issued

If a system is found during inspection to be fundamentally non-compliant (e.g., not installed to BS EN 50131, missing anti-masking, incorrect grade components), the installer cannot issue a maintenance certificate confirming compliance.

Options:

  1. Upgrade the system to compliance and then maintain
  2. Issue a maintenance report that documents the non-compliant aspects, maintains the functioning parts, and recommends upgrade
  3. Decline to maintain a system that cannot be made safe without significant remediation

Do not certify a system as compliant when it is not. This is both professionally inappropriate and creates significant liability if the system fails to detect an intrusion.

Frequently Asked Questions

What happens to the police URN if a maintenance contract lapses?

The URN remains in place but the system's approved status lapses. The ARC should be notified that the maintenance contract has expired, and some ARCs will place a note on the account. If the police visit for an alarm and find the system is no longer maintained by an approved company, they may flag this to the local NPCC coordinator. Extended lapse without reinstatement can lead to URN withdrawal, though this is typically after a review process. Insurers may have a more immediate consequence — a claim during a lapsed contract period could be rejected if the policy required maintained status.

Can a customer maintain their own alarm system?

Legally, there is no law preventing a customer from self-maintaining their own alarm system. However, a self-maintained system cannot be certified as NSI/SSAIB compliant, will not qualify for a police URN, and may not satisfy insurance conditions. For simple Grade 1 systems in non-critical applications, self-maintenance may be acceptable — but this should be discussed with the customer honestly, and the potential implications for insurance should be flagged.

How long should maintenance records be retained?

NSI codes of practice and general business practice suggest retaining service records for at least 6 years. This protects the installer in the event of a dispute or claim arising from an incident where the system failed to activate. Records should include: commissioning certificate, all service reports, any written correspondence about defects, and any ARC test confirmations.

What is the difference between a maintenance visit and a callout?

A maintenance visit is a scheduled, planned inspection forming part of the maintenance contract. A callout is an unscheduled visit in response to a fault, false alarm, or customer request. Both should generate a service report. Callouts are billed separately unless the contract includes them (full maintenance contracts). Callout response targets vary: NSI enhanced service typically commits to a 4-hour response for Grade 3 systems; basic contracts may allow 24–48 hours.

Should I recommend bi-annual inspections to domestic Grade 2 customers?

Yes, in higher-risk properties or where the customer has had a previous incident. Commercially, bi-annual visits double the maintenance revenue. Practically, bi-annual visits allow you to identify battery degradation earlier (important for wireless systems) and catch developing faults before they cause system failure. Domestic customers who travel frequently or have valuable contents should be advised that bi-annual is more appropriate than annual.

Regulations & Standards

  • BS EN 50131-1:2006+A3:2022 — general requirements; inspection and maintenance requirements referenced by grade

  • PD 6662:2017 — UK application document; maintenance requirements by grade; minimum inspection frequencies

  • NSI NCP 109 — NSI Code of Practice for intruder alarm systems; full maintenance requirements

  • SSAIB Code of Practice — equivalent SSAIB maintenance requirements

  • NPCC Security Systems Policy — maintenance requirements for systems holding a police URN

  • BS EN 50518:2019 — ARC standard; ARC notification requirements during maintenance testing

  • NSI Codes of Practice — NCP 109 and associated maintenance guidance

  • SSAIB Installation and Maintenance Standards — SSAIB maintenance requirements documentation

  • BSIA Security System Maintenance Guidance — BSIA maintenance recommendations

  • NPCC Security Systems Policy — Police response and URN maintenance requirements

  • PD 6662:2017 — UK application document for BS EN 50131

  • security system commissioning — Commissioning as the starting point for the maintenance record

  • intruder alarm grades — Grade requirements that determine inspection frequency

  • alarm receiving centre arc — ARC notification during maintenance testing

  • wireless alarm systems — Battery management within wireless system maintenance

  • nsi ssaib approval guide — Overview of NSI/SSAIB scheme requirements including maintenance