JCQ regulations state that it is the responsibility of the head of centre to ensure that his/her centre has in place:
'...a written examination contingency plan which covers all aspects of examination administration. This will allow members of the senior leadership team to act immediately in the event of an emergency or where the head of centre, examinations officer or SENCo is absent at a critical stage of the examination cycle. The examination contingency plan should reinforce procedures in the event of the centre being unavailable for examinations, or on results day, owing to an unforeseen emergency. The potential impact of a cyber-attack should also be considered.'
The absence of the exams officer
JCQ requires centres to have contingency plans in place in the event of the absence of their exams officer at critical stages of the exam cycle - namely entry submission, preparing for exams, exam time, results day(s) and post-results.
Exam contingency planning - Covering the absence of your exams officer
The NAEO suggests the following measures as part of a centre's contingency plan:
Online calendar
Ask your exams officer to complete the online calendar contained within The Exams Office Hub with the tasks they will be undertaking. This should be completed one month in advance to allow colleagues to view upcoming tasks.
Information should also include links to support materials and deadlines.
As senior leader/line manager, you should have a login to The Exams Office Hub - preferably the second centre administrator - to enable you to access all documents, online tools and the latest stakeholder information.
Exams Manual
Ask your exams officer to maintain all key documents within their Exams Manual.
The Exams Manual is sent to all centres (with a membership to The Exams Office) on a biennial basis, and requires an exams officer to retain the following information for contingency and succession planning and JCQ inspection purposes:
- General information – e.g. key dates; awarding body contact details; MIS provider guides/information etc.
- Key documents – templates/forms, guides, checklists etc as used within your centre each academic term
- Compliance – records of inspection reports
- Policies – a repository for exams-related policies/procedures
- Invigilation – a record of training given to invigilators and copies of certificates
- Professional Development – a record of professional development activities undertaken/events attended by the exams officer/exams office staff
The centre is unavailable for examinations or on results day(s)
It is the responsibility of the senior leadership team to ensure that an alternative site is available in the event that their centre is unavailable for examinations or for the dissemination of results. This is a JCQ requirement and is one of the areas which an inspector may focus upon during a general inspection.
An article written by the NAEO provides advice and guidance on finding an alternative venue.
Exam contingency planning - Finding an alternative venue
The impact of a cyber attack
Joint Council for Qualifications
In November 2023, JCQ published Guidance for centres on cyber security which should be adhered to by all staff engaged in the management, administration and conducting of examinations.
Senior leaders should ensure that all staff follow the best practice outlined in this guidance:
- Create strong unique passwords
- Keep all account details secret
- Enable additional security settings wherever possible
- Update any passwords that may have been exposed
- Set up secure account recovery options
- Review and manage connected applications
- Stay alert for all types of social engineering/phishing attempts
- Monitor accounts and review account access regularly
Senior leaders should ensure that they stay informed about the latest security threats and trends in account security and educate staff on how to identify phishing attempts, secure devices and protect systems and data.
The National Cyber Security Centre (NCSC)
The NCSC provides the excellent and comprehensive cyber security advice and guidance for schools/colleges which senior leaders should ensure is being observed for any IT systems used within a centre, particularly those where learner information, learner work or assessment records are held.
In addition to the areas covered by JCQ guidance, other topics covered by the NCSC training and guidance include:
- Establishing a robust password policy
- Enabling multi-factor authentication (MFA)
- Keeping software and systems up to date
- Implementing network security measures
- Conducting regular data backups
- Educating employees on security awareness
- Developing and testing an incident response plan
- Regularly assessing and auditing security controls
If centres experience a cyber attack which impacts any learner data, assessment records or learner work, contact with their awarding body should be made immediately for advice and support.
Educating employees on security awareness
During the 2024/2025 academic year, the NAEO, in partnership with The Learning and Skills Office, will be launching an online, certificated, cyber security training and assessment programme.
Senior leaders will be able to register centre staff for this annual online training.
A student version of this training will be launched during 2025.
Resilience and Contingency Arrangements Checklist
Resilience and contingency arrangements checklist template
This checklist has been produced to support senior leaders in meeting the requirements relating to resilience and contingency measures as set in sections 3.16-3.19 of the JCQ General Regulations for Approved Centres publication.
The head of centre/senior leader with overall responsibility for examinations/assessments should confirm completion of/adherence to each area within the checklist.
Although an exams officer may support with the compliance of these resilience and contingency measures, it is the responsibility of the head of centre/senior leader with overall responsibility to ensure that their centre is complying with these JCQ regulations and that measures are reviewed and updated on an annual basis.
How to complete the checklist
- Record the names and/or job titles of those staff with responsibility for/involved in a particular area/process
- Confirm in the relevant section when a requirement is met
- Record notes (as applicable), for example, to describe how a process works or to insert a link to relevant other documentation or further information