DRII Calls for Halt to ASIS BC Standard
The Disaster Recovery Institute International (DRII) has issued a call to its membership and others in the profession to stop the development of a new ASIS business continuity standard (see blog entry dated August 6). Calling for BC professionals to, in effect, “stop the madness” with the continued development of new BC standards, DRII asked people to write to ASIS and even offered several possible messages to send ASIS. Following are excerpts from the message.
“Last October, Disaster Recovery Institute International (DRII) issued a position statement regarding the establishment of a standard for Business Continuity Planning. This was in response to the American Society for Industrial Security (ASIS) attempting push through an unproved and ill-considered standard with the American National Standards Institute (ANSI). We believed that our statement had settled the matter.”
“However, ASIS has filed two notices with the ANSI called “PINS Forms: Standards Action Public Review Requests.” One of these is “BSR/ASIS BCM.01-200x, Business Continuity Management: Preparedness, Crisis Management, and Disaster Recovery”. This proposed standard is being drafted “to include auditable criteria for preparedness, crisis management, business/operational continuity and disaster management using a process approach with the Plan-Do-Check-Act model, as required by Title IX of H.R. 1 and Public Law 110-53 ‘Implementing Recommendations of the 9/11 Commission Act of 2007′”.”
“DRI International strongly opposes this filing. We are asking our colleagues and certified professionals in the field to oppose this effort to create a “Business Continuity Management” standard in an industry already beset with multiple and often confusing standards. The comment period for this “PINS” phase of “BSR/ASIS BCM.01-200x” closes on August 30, 2008.”
“Please send a clear message to ANSI through its designated point of contact, Susan Carioti at scarioti@asisonline.org. We are making every attempt to coordinate this effort and track the comments, which we believe will help in making presentations to ANSI and other appropriate agencies. When you send your e-mail to Ms. Carioti, please send a bcc to standards@drii.org. Your efforts are greatly appreciated.”
Commentary: While it’s true that there are over two dozen standards that address business continuity in one way or another, and it’s true that NFPA 1600 (National Fire Protection Association) is the American national standard, few professionals in this country are actually using the standards. Previously conducted surveys by such firms as Deloitte and Touche showed that less than one-quarter of the respondents knew about NFPA 1600, much less used it. More attention is being focused on the British Standard, BS 25999, than NFPA 1600. Further, it is likely that within the coming year the International Organization for Standardization (ISO) will issue a global standard for business continuity. What happens then? Hopefully most of the standards commotion will cease, and we can move forward with our profession, knowing that it has a global set of guidelines on how to perform this vital service.
