Skip Navigation LinksASIS International / News / Press Room / Press Releases / 2014 / ASIS Releases Auditing Management Systems: Risk, Resilience, Security, and Continuity—Guidance for Application American National Standard

​1625 Prince Street
Alexandria, VA 22314-2818
USA
+1.703.519.6200
Fax: +1.703.519.6299
Contact Us  

Michael J. Stack

Chief Executive Officer

News Release

ASIS Releases Auditing Management Systems: Risk, Resilience, Security, and Continuity—Guidance for Application American National Standard

Alexandria, Va. 2014-06-04

ASIS International has released a new standard that provides guidance for establishing and managing an audit program, as well as conducting individual audits consistent with the ISO 19011 and ISO/IEC 17021 standards. ASIS, the leading organization for security professionals worldwide, is an ANSI Accredited Standards Developer.

The latest in the five part series of ASIS resilience standards that offer a holistic, business friendly approach to risk and resilience management, the Auditing Management Systems: Risk, Resilience, Security, and Continuity—Guidance for Application American National Standard (SPC 2) will help practitioners evaluate risk and resilience-based management systems, establish and manage an audit program, conduct individual audits, and identify competence criteria for auditors who conduct conformity assessments of management risk and reliance-based management systems. View the Executive Summary.

“The credibility of any audit program, be it security, crisis, or continuity management, depends on a defined process using competent auditors,” says Dr. Marc H. Siegel, commissioner of the ASIS Global Standards Initiative. “The SPC.2 standard provides a step-by-step process for establishing an audit program and conducting individual audits. It will enable organizations to evaluate their performance and identify opportunities for improvement.”

Applicable to both private and public sector organizations, the Standard provides generic concepts of auditing a risk and resilience-based management system. Organizations should adapt this guidance to fit the specific needs, size, nature and level of maturity of their risk and resilience based management system.

Interested in learning more about this Standard?

Management System Auditing – Being Relaxed When the Auditor Arrives
Wednesday, October 1 at ASIS 2014 in Atlanta


Description: ASIS published management system standards on Organization Resilience and Private Security Service Providers. Auditor competency, which includes detailed knowledge of management system processes, as well as risk evaluation processes, are required by both these standards. This session will explore the fundamentals of planning, conducting, and documenting the audit process. Additionally the presenters will explore the continual improvement process and the role of audits in the process.

# # #
​ASIS International is the leading organization for security professionals, with more than 38,000 members worldwide. Founded in 1955, ASIS is dedicated to increasing the effectiveness and productivity of security professionals by developing educational programs and materials that address broad security interests, such as the ASIS Annual Seminar and Exhibits, as well as specific security topics. ASIS also advocates the role and value of the security management profession to business, the media, government entities and the public. By providing members and the security community with access to a full range of programs and services, and by publishing the industry’s No. 1 magazine—Security Management—ASIS leads the way for advanced and improved security performance.