ANSI/ASIS SPC.1-2009 Organizational Resilience Standard Adopted by the DHS in PS-Prep

The ANSI/ASIS SPC.1-2009 Organizational Resilience: Security, Preparedness, and Continuity Management Systems—Requirements with Guidance for Use Standard has been selected for inclusion in the DHS PS-Prep, a voluntary program designed to improve private sector resilience and preparedness in an all hazards environment.

What this means to your organization:

The ANSI/ASIS Organizational Resilience Standard offers a business-friendly, globally tested and proven method, based on the ISO management system standard model, for organizations to improve their resilience and preparedness performance. Implementing the ANSI/ASIS Organizational Resilience Standard positions your organization for the upcoming ISO standards for Organizational Resilience, as well as the ISO Business Continuity Management standard.

The ANSI/ASIS Organizational Resilience Standard is unique to other preparedness standards in that:

1. It is the only preparedness standard that takes an enterprise-wide view of risk management, enabling an organization to develop a comprehensive strategy to prevent when possible, prepare for, mitigate, respond to, and recover from a disruptive incident. This allows seamless integration with the new ISO 31000 Risk Management standard for a comprehensive risk management program.
2. It is also the only preparedness standard that is 100% compatible with existing ISO management system standards (such as ISO 9001, ISO 14001, ISO 27001 and ISO 28000), thus enabling a cost-saving integrated application. By implementing the ASIS Standard, organizations can satisfy both ISO 28000 and BS 25999 requirements.

"In light of the recent events in the Gulf, the importance of resilience cannot be understated," says ASIS President Joseph R. (Bob) Granger, CPP. "Preparing for, responding to and recovering from a disruption is not enough; organizations need to be able to assess the potential for a disruption and minimize the likelihood. They also need to adapt to an ever-changing environment. This standard provides organizations with a flexible tool to tailor resilience and preparedness to meet their business needs. Regardless of a business's decision to participate in the PS-Prep, it can use the ASIS Organizational Resilience Standard to better manage its risks."
 

Points to Consider about the ANSI/ASIS Organizational
Resilience Standard:

• Provides a cost-effective approach to managing risks of disruption by providing a balanced framework for the minimization of both the likelihood and consequences of disruptive events.
• Aligns with the way successful businesses manage risk by looking at the entire risk profile. The standard focuses on the holistic resiliency of the organization, not just business continuity management and emergency management. By emphasizing incident prevention and management, the ASIS Standard helps organizations anticipate and avoid problems before they develop.
• Emphasizes a balance of adaptive, proactive, and reactive strategies for making organizations resilient based on their risk profile and business environment in which they operate.
• Can be used for first, second, and third-party verification. Organizations can use the standard to improve resilience and preparedness performance, as well as demonstrate to customers, clients, and supply chain partners that the company has a robust resilience program.
• Applicable to organizations of all types and sizes, from public to private, small to multinational, in manufacturing, service, storage or transportation. In addition, the standard has been developed simultaneously in countries on four continents.
• Is aligned with the new ISO 31000:2009 - Risk Management which allows an organization to better integrate preparedness into its overall risk management strategy.