ASIS Releases New ANSI Standard
ASIS International recently released its
Organizational Resilience Maturity Model American National Standard,
which provides guidance for the implementation of the ANSI/ASIS
SPC.1-2009 organizational resilience (OR) standard in six phases,
ranging from an unplanned approach, to managing events, to going beyond
the requirements of the OR standard and creating a holistic environment
for resilience management. By adopting a phased implementation process,
organizations can determine how much risk is acceptable and how to
cost-effectively manage the uncertainty in achieving its objectives.
"The maturity model approach assumes that the driving force for pursuing
the implementation of the OR standard is to establish a management
system for the continual improvement of resilience performance," says
Dr. Marc Siegel, Commissioner, ASIS International Global Standards
Initiative and Chairman of the Technical Committee. "Building the
management system in a phased approach and achieving benchmarks of
maturity, provides the organization with link between costs and value
added."
The maturity model helps organizations achieve the benefits of
resilience management by "phasing in" a system tied to their specific
business needs and economic realities. The maturity model enhances an
organization's capacity to manage risk and resilience by avoiding,
accepting, removing the source, changing the likelihood, changing the
consequences, and sharing and/or retaining the risk. The tools in the
standard help organizations phase in a management system timed to their
business needs and economic realities. The approach can be used by any
organization, regardless of whether they will eventually make a business
decision to seek first, second, or third-party validation of their
conformance with the requirements of the ANSI/ASIS.SPC.1-2009 OR
Standard.
"Success breeds success. Organizations can use the standard as a basis
for a recognition program to evaluate their level of performance and to
drive continual improvement. The maturity model approach was piloted by
the Tsogo Sun Group in preparation for the 2010 FIFA World Cup
Tournament and demonstrated its value in improving the resiliency of the
hospitality group before this international sporting event" says Dr.
Siegel.
The ASIS/ANSI Organizational Resilience Maturity Model Standard can be
integrated with quality, safety, environmental, information security,
risk, and other management systems. Organizations that have adopted a
management system (e.g., according to ISO 9001:2000, ISO 14001:2004, ISO
28000:2005, and/or ISO/IEC 27001:2005) can use this Standard in
conjunction with their existing management systems.
All ASIS Standards and Guidelines are available through the ASIS
website, www.asisonline.org.
The work of preparing ASIS Standards and Guidelines is carried out
through the ASIS International Standards and Guidelines Commission and
its committees. An ANSI accredited Standards Development Organization,
ASIS actively participates in the International Organization for
Standardization, developing standards and guidelines within a voluntary,
nonproprietary and consensus-based process, utilizing the knowledge,
experience and expertise of ASIS membership, security professionals and
the global security industry.