Standard Adopted by Department of Homeland Security
The U.S. Department of Homeland Security has announced the adoption of the ASIS American National Standard for Organizational Resilience for the DHS’s Private Sector Preparedness (PS-Prep) Program. The ANSI/ASIS SPC.1-2009 Standard, titled “Organizational Resilience: Security, Preparedness and Continuity Management Systems—Requirements with Guidance for Use,” provides a holistic approach to cost-effectively improve any organization’s resilience and preparedness performance.
ANSI/ASIS SPC.1-2009, also known as the ASIS Organizational Resilience Standard, helps an organization design a balanced system to reduce the likelihood and minimize the consequences of disruptive events. It provides a framework for businesses to assess the risks of disruptive events, develop a proactive strategy for prevention, response and recovery, establish performance criteria, and evaluate opportunities for improvement. It empowers an organization to implement an organizational resilience management system appropriate to its needs and those of its stakeholders. The standard can be used by any organization wishing to enhance its resilience and preparedness, as well as seek certification recognized by PS-Prep.
“In light of the recent events in the Gulf, the importance of resilience cannot be understated,” says ASIS International President Joseph R. (Bob) Granger, CPP. “Preparing for, responding to, and recovering from a disruption is not enough. Organizations need to be able to assess the potential for a disruption and minimize the likelihood. They also need to adapt to an ever-changing environment.”
“This standard provides organizations with a flexible tool they can use to tailor their resilience and preparedness needs to meet their business needs,” Granger adds. “ASIS International is proud that the DHS has selected this standard to help businesses effectively address potential disruptions.”
One of only three preparedness standards included in PS-Prep; the ASIS standard takes an enterprise-wide view of risk management, enabling an organization to develop a comprehensive strategy to prevent when possible, prepare for, mitigate, respond to, and recover from a disruptive incident. It is the only American National Standard in the PS-Prep program that is 100% compatible with existing ISO management system standards, enabling a cost-saving integrated application with other internationally recognized ISO management system standards. (The importance of the ANSI/ASIS SPC.1-2009 was recently validated by ISO’s decision to develop an international standard for Organizational Resilience.)
The ASIS standard is applicable to all sizes and types of organizations, from public to private, small to multinational, in manufacturing, service, storage or transportation, that want to:
- Create a balanced strategy for both likelihood and consequence reduction for incident prevention and management.
- Establish, implement, maintain, and improve an organizational resilience management system.
- Demonstrate resiliency and continuity for supply chain and contractual agreements.
- Assure conformance with stated organizational resilience management policy.
- Implement a maturity model approach to enhance resilience performance cost effectively.
- Make a self-determination and self-declaration of conformance with ANSI/ASIS PC.1-2009.
- Seek certification/registration of its organizational resilience management system by an accredited third-party certification body.
- Leverage an existing investment in other ISO management system standards (e.g. ISO 9001, ISO 14001, ISO 27001, ISO 28000) to improve security, preparedness and continuity performance.
Integrate plans for managing the risks of disruptive events into their enterprise-wide risk management programs, consistent with the ISO 31000 for risk management.
“By adopting the ANSI/ASIS Organizational Resilience Standard, PS-Prep offers organizations a business-friendly, globally tested and proven method based on the ISO management system standard model, to improve their resilience and preparedness performance,” says Mark Geraci, CPP, chairman of the ASIS Commission on Standards and Guidelines.