DHS Adopts ASIS National Organizational Resilience Standard

The Department of Homeland Security has announced the adoption of the ASIS American National Standard for Organizational Resilience for the DHS’s Private Sector Preparedness (PS-Prep) Program.

The ANSI/ASIS SPC.1-2009 Standard, titled “Organizational Resilience: Security, Preparedness and Continuity Management Systems -- Requirements with Guidance for Use,” provides a holistic approach to cost-effectively improve any organization’s resilience and preparedness performance.

ANSI/ASIS SPC.1-2009, also known as the ASIS Organizational Resilience Standard, is the only standard that helps an organization design a balanced system to reduce the likelihood and minimize the consequences of disruptive events.

It provides a framework for businesses to assess the risks of disruptive events, develop a proactive strategy for prevention, response and recovery, establish performance criteria, and evaluate opportunities for improvement. It empowers an organization to implement an organizational resilience management system appropriate to its needs and those of its stakeholders. The standard can be used by any organization wishing to enhance its resilience and preparedness, as well as seek certification recognized by PS-Prep.

“In light of the recent events in the Gulf, the importance of resilience cannot be understated,” said ASIS International President Joseph R. (Bob) Granger, CPP. “Preparing for, responding to and recovering from a disruption is not enough. Organizations need to be able to assess the potential for a disruption and minimize the likelihood. They also need to adapt to an ever-changing environment.”

“This standard provides organizations with a flexible tool they can use to tailor their resilience and preparedness needs to meet their business needs,” Granger said. “ASIS International is proud that the DHS has selected this standard to help businesses effectively address potential disruptions.”

One of only three preparedness standards included in PS-Prep, the ASIS standard takes an enterprise-wide view of risk management, enabling an organization to develop a comprehensive strategy to prevent when possible, prepare for, mitigate, respond to, and recover from a disruptive incident. It is the only American National Standard in the PS-Prep program that is 100 percent compatible with existing ISO management system standards, enabling a cost-saving integrated application with other internationally recognized ISO management system standards.

The importance of the ANSI/ASIS SPC.1-2009 was recently validated by ISO’s decision to develop an international standard for Organizational Resilience.

The ASIS standard is applicable to all sizes and types of organizations, from public to private, small to multinational, in manufacturing, service, storage or transportation, that want to:

  • Create a balanced strategy for both likelihood and consequence reduction for incident prevention and management.
  • Establish, implement, maintain and improve an organizational resilience management system.
  • Demonstrate resiliency and continuity for supply chain and contractual agreements.
  • Assure conformance with stated organizational resilience management policy.
  • Implement a maturity model approach to cost-effectively enhance resilience performance.
  • Make a self-determination and self-declaration of conformance with ANSI/ASIS SPC.1-2009.
  • Seek certification/registration of its organizational resilience management system by an accredited third-party certification body.
  • Leverage an existing investment in other ISO management system standards (e.g. ISO 9001, ISO 14001, ISO 27001, ISO 28000) to improve security, preparedness and continuity performance.
  • Integrate plans for managing the risks of disruptive events into their enterprise-wide risk management programs, consistent with the ISO 31000 for risk management.

“By adopting the ANSI/ASIS Organizational Resilience Standard, PS-Prep offers organizations a business-friendly, globally tested and proven method based on the ISO management system standard model, to improve their resilience and preparedness performance,” said Mark Geraci, CPP, chairman of the ASIS Commission on Standards and Guidelines.

As a complement to this effort, ASIS is offering a two-and-a-half-day class on Organizational Resilience: Implementing and Auditing the ANSI/ASIS American National Standard. Attendees will learn to implement the ANSI/ASIS standard, identify necessary steps to establish and maintain an organizational resilience management system, understand the conduct of risk assessments and impact analysis to support decision making for resilience, and establish an effective internal auditing program to evaluate and improve performance.

ASIS Standards and Guidelines are developed through a consensus standards-development process which seeks to advance security and resilience practices. This process brings together volunteers and/or seeks out the views of people who have an interest in the topic covered. This standard is available through the ASIS website, http://www.asisonline.org.

Featured

  • Progressing in Capabilities

    Progressing in Capabilities

    Hazardous areas within industries like oil and gas, manufacturing, agriculture and the like, have long-sought reliable video surveillance cameras and equipment that can operate safely in these harsh and unpredictable environments. Read Now

  • A Comprehensive Nationwide Solution

    A Comprehensive Nationwide Solution

    Across the United States, manufacturing facilities, distribution centers, truck yards, parking lots and car dealerships all have a common concern. They are targets for catalytic converters. In nearly every region, cases of catalytic converter thefts have skyrocketed. Read Now

  • Planning for Your Perimeter

    Planning for Your Perimeter

    The perimeter is an organization’s first line of defense and a critical element of any security and surveillance program. Even if a building’s interior or exterior security is strong, without a solid perimeter surveillance approach any company or business is vulnerable. Read Now

  • The Key Issue

    The Key Issue

    It is February 2014. A woman is getting ready in her room on a cruise ship when she hears a knock on the door; it is a crewmember delivering breakfast. She is not presentable so she tells him to leave it by the door. Read Now

Featured Cybersecurity

New Products

  • XS4 Original+

    XS4 Original+

    The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3

  • SecureAuth

    SecureAuth

    The acceleration of digital transformation initiatives as a result of COVID-19 has created a lasting impact on how businesses empower their workforce and engage customers. 3

  • PDK IO Access Control Software

    PDK.IO Access Control Software

    ProdataKey now allows for "custom fields" within the interface of its pdk.io software. Custom fields increase PDK's solutions' overall functionality by allowing administrators to include a wide range of pertinent data associated with each user. 3