ASIS International today released its Organizational Resilience Maturity Model American National Standard, which provides guidance for the implementation of the ANSI/ASIS SPC.1-2009 organizational resilience (OR) standard in six phases, ranging from an unplanned approach, to managing events, to going beyond the requirements of the OR standard and creating a holistic environment for resilience management. By adopting a phased implementation process, organizations can determine how much risk is acceptable and how to cost-effectively manage the uncertainty in achieving its objectives.
“The maturity model approach assumes that the driving force for pursuing the implementation of the OR standard is to establish a management system for the continual improvement of resilience performance,” says Dr. Marc Siegel, Commissioner, ASIS International Global Standards Initiative and Chairman of the Technical Committee. “Building the management system in a phased approach and achieving benchmarks of maturity, provides the organization with link between costs and value added.”
The maturity model helps organizations achieve the benefits of resilience management by “phasing in” a system tied to their specific business needs and economic realities. The maturity model enhances an organization’s capacity to manage risk and resilience by avoiding, accepting, removing the source, changing the likelihood, changing the consequences, and sharing and/or retaining the risk. The tools in the standard help organizations phase in a management system timed to their business needs and economic realities. The approach can be used by any organization, regardless of whether they will eventually make a business decision to seek first, second, or third-party validation of their conformance with the requirements of the ANSI/ASIS.SPC.1-2009 OR Standard.
“Success breeds success. Organizations can use the standard as a basis for a recognition program to evaluate their level of performance and to drive continual improvement. The maturity model approach was piloted by the Tsogo Sun Group in preparation for the 2010 FIFA World Cup Tournament and demonstrated its value in improving the resiliency of the hospitality group before this international sporting event” says Dr. Siegel.
The ASIS/ANSI Organizational Resilience Maturity Model Standard can be integrated with quality, safety, environmental, information security, risk, and other management systems. Organizations that have adopted a management system (e.g., according to ISO 9001:2000, ISO 14001:2004, ISO 28000:2005, and/or ISO/IEC 27001:2005) can use this Standard in conjunction with their existing management systems.
All ASIS Standards and Guidelines are available through the ASIS website, www.asisonline.org. The work of preparing ASIS Standards and Guidelines is carried out through the ASIS International Standards and Guidelines Commission and its committees. An ANSI accredited Standards Development Organization, ASIS actively participates in the International Organization for Standardization, developing standards and guidelines within a voluntary, nonproprietary and consensus-based process, utilizing the knowledge, experience and expertise of ASIS membership, security professionals and the global security industry. View a list of all Standards and Guidelines currently under development.