Resilience Standards

ASIS is developing a series of ANSI resilience standards to address the risks of disruptive events. Using a balance of adaptive, proactive, and reactive strategies, these five activities offer a holistic, business-friendly approach to risk and resilience management.


Organizational Resilience: Security Preparedness and Continuity Management Systems - Requirements with Guidance for Use (2009) - SPC.1
Adopted by the U.S. Department of Homeland Security Private Sector Preparedness Program (PS-Prep)

Provides a framework for businesses to assess the risks of disruptive events, develop a proactive strategy for prevention, response, and recovery, establish performance criteria, and evaluate opportunities for improvement.

Full description of SPC.1.


Auditing Management System for Security, Preparedness and Continuity Management with Guidance for Application (2014) - SPC.2

Emphasizes the importance of audits as a management tool for monitoring and verifying the effective implementation of an organization's policy. refers to the systematic, objective activities performed to evaluate management system performance for security, preparedness, and continuity management. 

Organizational Resilience Maturity Model—Phased Implementation (2012) - SPC.4

Describes a maturity model for phased implementation of the ANSI/ASIS Organizational Resilience Standard as a series of steps to help organizations evaluate where they currently are with regard to resilience management and preparedness, set goals for where they want to go, benchmark where they are relative to those goals, and plot a business sensible path forward.

Full description of SPC.4.

Under Development

Resilience in the Supply Chain (201x) - SPC.3

Complements the ANSI/ASIS Organizational Resilience Standard by providing a framework for evaluating the internal and external context o the organization with regard to its supply chain enabling it to develop comprehensive, balanced strategy reduces the likelihood and consequences of a disruptive event. It also offers auditable criteria to prevent, prepare for, respond to, and recover from a disruptive event.
Latest developments.

Community Resilience: Guidance on Capacity Building and Public-Private Partnerships (201x) - SPC.5

Provides guidance to facilitate capacity sharing to enhance resilience through public-private partnerships between individuals, organizations, and communities. Using the Plan-Do-Check-Act model, it will address community risk and resilience management through capacity identification, assessment, and sharing in order to help communities better prevent, prepare for, respond to and recover from disruptions.
Latest developments.