ASIS International has released a new standard that provides guidance for establishing and managing an audit program, as well as conducting individual audits consistent with the ISO 19011 and ISO/IEC 17021 standards. ASIS, the leading organization for security professionals worldwide, is an ANSI Accredited Standards Developer.
The latest in the five part series of ASIS resilience standards that offer a holistic, business friendly approach to risk and resilience management, the Auditing Management Systems: Risk, Resilience, Security, and Continuity—Guidance for Application American National Standard (SPC 2) will help practitioners evaluate risk and resilience-based management systems, establish and manage an audit program, conduct individual audits, and identify competence criteria for auditors who conduct conformity assessments of management risk and reliance-based management systems. View the Executive Summary.
“The credibility of any audit program, be it security, crisis, or continuity management, depends on a defined process using competent auditors,” says Dr. Marc H. Siegel, commissioner of the ASIS Global Standards Initiative. “The SPC.2 standard provides a step-by-step process for establishing an audit program and conducting individual audits. It will enable organizations to evaluate their performance and identify opportunities for improvement.”
Applicable to both private and public sector organizations, the Standard provides generic concepts of auditing a risk and resilience-based management system. Organizations should adapt this guidance to fit the specific needs, size, nature and level of maturity of their risk and resilience based management system.
Interested in learning more about this Standard?
Management System Auditing – Being Relaxed When the Auditor Arrives
Description: ASIS published management system standards on Organization Resilience and Private Security Service Providers. Auditor competency, which includes detailed knowledge of management system processes, as well as risk evaluation processes, are required by both these standards. This session will explore the fundamentals of planning, conducting, and documenting the audit process. Additionally the presenters will explore the continual improvement process and the role of audits in the process.