BSI has released new strategic and operational guidelines to help organisations of all sizes to manage security.
While existing standards cover specific security topics, such as alarms, CCTV and screening, BSI says that its BS 16000 standard provides a “much needed generic, security management framework”.
It provides the basic principles of security management and describes the essential ingredients of managing security. It includes vocabulary, principles and a framework for anyone involved in security functions within an organization, to use either as a starting point or to review and improve their existing security arrangements.
Anne Hayes Head of Market Development for Governance & Risk at BSI said: “There is no single business that cannot benefit from having a clear view of security and embedding it at a strategic level. As a high-level standard, BS 16000 has a wide range of applications across businesses of all sectors and sizes. The major management systems standards such environment, business continuity, risk and quality all include elements of security so BS 16000 complements these but looks more closely at security management.”
BS 16000 includes guidance on:
- Understanding the organization’s context
- Developing a security framework
- Security risk assessment
- Implementing security solutions
- Implementing the security programme
- Security solutions (including physical, technical, manned, information, procedural, and personnel security solutions)
- Monitoring the security programme
Mike Bluestone, Committee Chairman for BS 16000 said: “This standard brings together the essential aspects of security management in simple, jargon-free language, and is just as relevant to SMEs as larger organizations. BS 16000 includes the fundamental security management principles on which organizations can gain a better understanding of good security practice. It is a gateway to additional, sector specific security standards.”