NFPA 72-2025 Changes
Key updates in NFPA 72-2025 that affect fire alarm system design, installation, and service. Each section explains what changed and what it means for technicians in the field.
Note: Adoption timelines vary by jurisdiction. Check with your local AHJ for enforcement dates.
Contents
Cybersecurity Requirements
Chapter 11 (New) · Effective for new installations after January 1, 2026 (adoption varies by AHJ)
What Changed
NFPA 72-2025 adds an entirely new Chapter 11 covering cybersecurity for networked fire alarm and emergency communications systems. Systems connected to IP networks must now have documented cybersecurity plans including access controls, firmware update procedures, network segmentation, and incident response protocols.
What It Means for Technicians
If you install or service networked FACPs (EST4, NFS2-3030 with NFN, 4100ES with network cards), you'll need to work with IT departments on cybersecurity documentation. Default passwords must be changed at commissioning. Remote access connections require encrypted channels (TLS/VPN). This primarily affects larger installations; standalone panels with no network connectivity are exempt.
Smoke Detector Spacing Updates
Chapter 17
What Changed
Updated spacing tables for smoke detectors in corridors and rooms with varying ceiling heights. New provisions for detector placement near HVAC diffusers with specific distance requirements. Clarified requirements for detector placement in rooms with obstructed ceilings (beams deeper than 4 inches).
What It Means for Technicians
Review your detector layout practices for corridors, as the updated tables may allow wider spacing in some configurations or require tighter spacing near HVAC returns. For beam pockets deeper than 4", each pocket may now need its own detector. Use the FACP Manuals detector spacing calculator for quick compliance checks.
Battery Calculation Changes
Chapter 10
What Changed
Revised battery standby and alarm current calculation methodology. New derating factors for temperature extremes. Lithium-ion batteries now explicitly permitted as secondary power with specific installation requirements including thermal management and charge controller specifications.
What It Means for Technicians
Your battery calculations may need updating: the new derating factors for cold environments (<32°F) are more conservative. If you're calculating standby time in unheated spaces, expect to need larger batteries. Li-ion batteries are now a code-compliant option for new installations, which matters for panels in tight spaces where lead-acid weight is an issue.
New Detector Technologies
Chapter 17
What Changed
Added provisions for multi-criteria detectors combining smoke, heat, and CO sensing in a single device. New performance requirements for video-based flame detection systems. Updated requirements for air sampling (aspirating) smoke detection including sampling pipe calculations.
What It Means for Technicians
Multi-criteria detectors (like the FSP-951 series) now have explicit code backing for use in challenging environments. Video flame detection is formally recognized, opening new options for large open areas. For VESDA/aspirating systems, the code now has clearer pipe length and hole sizing requirements.
System Impairment Reporting
Chapter 10
What Changed
New requirements for documenting and reporting system impairments. Systems taken offline for service must now have a formal impairment plan. Remote monitoring stations must be notified within specific timeframes when systems are impaired. Electronic impairment tracking is explicitly permitted.
What It Means for Technicians
When you take a system offline for service, you'll need to document the impairment plan before starting work, not just after. Central stations must be notified at the start and end of impairment. Many monitoring companies already do this, but it's now a code requirement. Digital forms and apps are explicitly acceptable for impairment documentation.
Remote Access & Monitoring
Chapters 10 & 11
What Changed
Formal provisions for remote access to fire alarm systems for diagnostics, programming, and monitoring. Requires encrypted connections, multi-factor authentication for programming access, and audit logging of all remote sessions. Distinguishes between read-only monitoring and write access (programming changes).
What It Means for Technicians
Remote diagnostics via tools like EST's System Controller or Notifier's ONYX portal are now code-recognized. Read-only remote monitoring (checking system status) has lighter requirements than remote programming (which needs MFA and audit trails). This legitimizes practices many technicians already use for remote troubleshooting.