Commentary: ASIS BCM Standard


At the recent BCI board of directors meeting in Brighton, England, there was a discussion on BCM standards development activities in Europe, particularly at the ISO level. According to board members who are active in the standards committees, it could be another 18 months or so before we see a definitive global BC standard from the ISO. The BCI board is also keenly aware of the ASIS BCM project and is keeping a close eye on things.

In the discussion we learned that there are currently two publicly available specifications (PAS) in play that could evolve into the ISO standard. The first is PAS 22399 (known as Societal Security), and one of the board members is involved with the committee working on that document.

The second important player is PAS 22301, which is quite new, and is thought to include elements of BS 25999 Part 2 in addition to the well-known Plan-Do-Check-Act (PDCA) process. A similar committee to the one for PAS 22399 is being formed to address PAS 22301.

As noted in the discussion, the two committees will be operating in parallel; work associated with PAS 22301 may be completed before the final work is done on PAS 22399. What happens after that remains to be seen. Curiously, a search of the ISO web site indicated no PAS or other document with the 22301 designation. It must be very recent.

Analysis
It’s very likely that people in this country involved in the ASIS project have current intel regarding the global BC standard development process; otherwise, it would make little sense to go through the effort to supersede NFPA 1600 with a new American national standard. Perhaps the ASIS effort is being made so that Title IX aficionados will have an accepted American standard for certification and audit purposes. We believe you’ll find that people involved with the new ASIS effort will take a very hard look at the British standards, especially BS 25999 and others also in play. This explains the presence of the British Standards Institution (BSI) in the ASIS project team. It may be the underlying ASIS strategy to create an American standard (ahead of the 18-month distant global standard, so we get some bragging rights) that maps closely to the future global standard, thus obviating the need for America to acknowledge and adopt yet another ISO standard (recall ISO 17799/27001 et al.) in lieu of its own home-grown one. There are major politics at play here, to be sure.

Paul Kirvan, FBCI, CBCP, CISSP

Member of the Board, The Business Continuity Institute

Note: Any opinions expressed in this blog are the author’s and do not represent the Business Continuity Institute’s position.
