Quality Management for Security
If you intend to implement a formal quality system for Security Management, look no further. This is what you need.
Be in control
Are you in control? Have you prioritized your objectives for Security and are they in support of the Strategy and Policy Objectives of your organisation? Do you know the Security needs of your Stakeholders, all requirements from laws and regulations and the threats and risks your organisation is facing? Are you in touch with the Board, are they accountable for Security and are your responsibilities clear and endorsed?
If that’s the case, you have done a great job! You’re in Control, and the Board and organisation can rely on your professional judgement and management skills. If you are in doubt or hesitant to answer these questions, it may be wise to read on. It will make your day.
A complex job
Establishing, implementing and operating a professional Security Management System may be a hideous and complex undertaking. Errors are easily made and essentials overlooked. It is often unclear what needs to be achieved with utmost priority and what may wait or be labelled as ‘over the top’.
The USMS Standard
The Universal Security Management Systems Standard 2017 (in short, the USMS Standard) may be of great help to support and guide you in your daily work. Tasks and outputs for Strategic, Tactical and Operational Security Policies and Objectives are specified.
80 aspects of 20 Security topics with some 300 (Key) Controls are listed for pragmatic and concise development and implementation. Reviewing and auditing with these controls will assist you in raising the maturity levels for Security in your organisation.
Fellow managers and Board members will praise you for using common management jargon and for measuring Security performances in transparent indicators. The contribution of Security to business objectives will be recognised throughout the organisation.
The USMS Standard is based on the ISO High Level Structure (HLS) for management systems. This ensures easy application and merging with other management systems, such as those for Quality Management (ISO 9001 QMS), Information Security Management (ISO 27001 ISMS) and Business Continuity Management (ISO 22301 BCMS).
Managers are used to thinking and operating in these ISO management structures and processes. Security Managers and CSOs need to step up to the plate and play the same ballgame: know the rules, speak the language and practice your skills.
The Universal Security Management Systems Standard 2017 provides the requirements and guidance to develop, operate, review and audit your Security Management System. Threat and risk assessments, and Security objectives are placed in the PDCA cycle. You should use it to improve your Security and state compliance to relevant stakeholders.
The USMS Standard has been developed by experienced and dedicated Security professionals in The Netherlands. It is now up to you to put it into practice and make it work. Your feedback and comments will be most welcome. They will certainly be acknowledged and incorporated in future editions of the standard.
Get your USMS Standard 2017 at Google Books or Lulu.com.