Rothstein Associates Inc. Business Survival ™ Weblog

ASIS International’s American National Standard for Organizational Resilience has been adopted as a national standard in the Netherlands. The ANSI/ASIS SPC.1-2009 American National Standard, “Organizational Resilience: Security, Preparedness and Continuity Management Systems–Requirements with Guidance for Use,” was published as a Dutch National Standard (NEN 7131) by the Netherlands Standardization Institute in January 2010. This follows the publication as a Danish National Standard (DS 3001) in September 2009 by Danish Standards.
Read the rest of this entry »

ISO 27005, issued in 2008, filled a noticeable gap in the ISO 27000 series of standards. The standard is officially titled ISO/IEC 27005.2008, “Information technology — Security techniques — Information security risk management.”

Read the rest of this entry »

Two months after its debut, reviewers pretty much agree that ISO 31000 lives up to its billing as a good generic, process-oriented risk management framework that addresses myriad forms of risk across many industries. The question is, do you need it?

Read the rest of this entry »

This article summarizes standards for business continuity over the past decade.

Read the rest of this entry »

BS 25999‐2 (Part 2 ‐ the Specification) was issued in November 2007. Since that time many organizations have been certified and UKAS (the United Kingdom Accreditation Service) has been assessing the audits undertaken by certification bodies as part of its process towards accrediting these bodies in respect of BS 25999.

Read the rest of this entry »

Over the last few months, DRI (Disaster Recovery Institute International) has spent a lot of time spreading a message of caution with regard to organizational certification.

Read the rest of this entry »

CSB Releases New Safety Video, “Inferno: Dust Explosion at Imperial Sugar”

The U.S. Chemical Safety Board (CSB) has released a new nine-minute safety video on the combustible dust explosion at the Imperial Sugar refinery in Port Wentworth, Georgia, which claimed the lives of 14 workers, injured 36, and caused extensive property damage on February 7, 2008.
Read the rest of this entry »

On Oct. 27, 2009, the National Institute of Standards and Technology (NIST) Information Technology Laboratory (ITL) Computer Security Division (CSD) published Special Publication (SP) 800-34 Revision (Rev) 1, “DRAFT Contingency Planning Guide for Federal Information Systems” and requested comments from readers by Jan. 6, 2010.

Read the rest of this entry »

BS 25999 is a business continuity management standard developed by British Standards Institution and is used by businesses globally. The U.S. Department of Homeland Security (DHS) has announced its intent to adopt BS 25999 (which comes in two parts) on a trial basis as one of three standards for use in the Voluntary Private Sector Preparedness Accreditation and Certification Program (PS-Prep).

Read the rest of this entry »

A word of advice before applying for BS25999-2 certification

Read the rest of this entry »

Standards New Zealand is asking for public comments to be made about the draft Australian and New Zealand business continuity management standard,  AS/NZS 5050:2009 parts 1-3.

Read the rest of this entry »