Security and Resilience in Organizations and Their Supply Chains
(ANSI/ASIS ORM.1-2017; revision, consolidation, redesignation of ASIS SPC.1-2009 and ASIS/BSI BCM.01-2010) recognizes the complex risk landscape facing organizations and their supply chains requires an integrated, comprehensive, and systematic risk-based approach for managing risks to enhance sustainability, survivability, and resilience, as well as identify and pursue opportunities for improvements. This standard emphasizes proactive risk and business management to support a process of prevention, protection, preparedness, readiness, mitigation, response, continuity, and recovery from undesirable and disruptive events. This standard provides a single integrated management system to eliminate “siloing” of risk, enabling an organization to more efficiently anticipate and plan for naturally, accidentally, or intentionally caused events, using a single management system standard.
This new standard replaces two legacy standards included in the CPP reference materials
—Organizational Resilience: Security, Preparedness, and Continuity Management Systems (SPC.1); and Business Continuity Management Systems (BCM).
You may use either the new standard or the legacy standards to study for your CPP exam; however, the content in the ORM.1 is more relevant to the current state of security management and we recommend utilizing it for this reason. Note: This is only an update of a small portion of the study materials; the CPP exam is not changing
The Protection of Assets (POA)
set and a set of ASIS standards and guidelines
comprise the CPP reference material. Available for individual purchase or as a set.