Accountability for Security with the Universal Security Management Systems Standard 2017
Are you in control?
Is the Board of Directors accountable and in control of security? Should they be, and they are not? If so, this may be worth your while.
Safety and Security
Safety Management Systems have been around for quite some time. Security Risk Management has also developed to a mature state. Now there is the Universal Security Management Systems Standard 2017 to assist you in developing and implementing Security via an international best practice that provides transparency and credibility.
Security Management is stipulated in this Standard as a mature management process that is risk based, stakeholder driven, compliant with laws and regulations, and continually improved with the Plan-Do-Check-Act (PDCA) cycle. Three levels of Security Management are addressed: Strategic, Tactical and Operational. The Standard is applicable for all organisations big or small, commercial or non-profit, and for all sectors of industry.
This Standard was developed with the ISO High Level Structure in mind. This structure is used for several management systems such as ISO 27001 and ISO 22301. The Standard is therefore a easy to use, comprehensive and transparent tool for creating and managing Security. Furthermore, the Standard specifies the requirements that may be used for auditing and the certification of a Security Management System.
Assets and interests
This Standard addresses the protection of all parts, processes, people, sites, objects, infrastructures, networks, systems, tangible and intangible assets and interests of an organisation. It specifies 20 topics and 80 aspects of strategical, tactical, and operational Security Management. It has a listing of some 300 controls to mitigate security risks of which 100 are dedicated ‘key controls’.
The standard includes six annexes with guidance for implementation and use.
This standard was developed by the National Security Advisory Centre (NSAC) and the Saxion University of Applied Science in The Netherlands. A Review Committee with 15 distinguished security professionals from industry, research institutions and appropriate authorities have commented, improved and sanctioned the development of this standard.
5 Selling Points for this Standard
- Transparency and accountability for Security.
- Strategic, Tactical and Operational Security objectives.
- Security is risk based and stakeholder driven.
- Commitment for Security by the Board and all staff.
- Security is measurable and audit-able.