ASIS to Develop Business Continuity, Risk Assessment Standards
ASIS International has announced its intent to initiate development of two American National Standards. The business continuity management standard will be based on the ASIS Business Continuity Guideline, and the risk assessment standard will be based on the ASIS General Security Risk Assessment Guideline.
The Business Continuity Management American National Standard, based on the ASIS guideline, will include auditable criteria for preparedness, crisis management, business and operational continuity and disaster management.
The General Security Risk Assessment American National Standard, based on the ASIS guideline, will provide a needed basis for the process involved in the objective analysis of the efficacy of risk management controls that protect an organization's assets. It will address operational risks and not financial risks.
Both American National Standards will use a management systems process approach using the Plan-Do-Check-Act model. Organizations of all types, including those in the global business community, not-for-profit entities, educational institutions, government agencies and more will likely be directly impacted by the standards.
Standards are voluntary criteria, guidelines and best practices used to enhance the quality, performance, reliability and consistency of products, services and/or processes. "In the United States and globally, standards are becoming a major influence on the security scene," said Mark Geraci, chairman of the ASIS Commission on Standards and Guidelines.
"They are seen as one of the major dynamic tools to help nations, communities, societies, organizations and individuals improve their resilience in the face of security threats both natural and man-made," Geraci added.
In 2007, ASIS decided to actively contribute to the process of developing both national and international standards in the security arena by way of its American National Standards Institute (ANSI) Standards Developing Organization status, as well as International Organization for Standardization (ISO) Liaison A status.
Next steps include the formation of ASIS standards committees that will begin the process of developing the American National Standards, as well as letter balloting and ANSI public review. Standards development can take anywhere from a few months to several years, officials said.