DHS today issued its long anticipated proposal for standards for the Voluntary Private Preparedness Accreditation and Certification Program (PS-Prep) established under Title IX of Public Law 110-53. As expected, DHS is proposing the following three standards:
- ASIS SPC.1-2009Organizational Resilience: Security Preparedness, and Continuity Management Systems – the American Society for Industrial Security is making ASIS SPC 1-2009 available for inspection, downloading, and printing at no cost.
- British Standard 25999-2:2007Business Continuity Management – the British Standards Institution is making BS25999 available for inspection, downloading, and printing for a nominal charge.
- National Fire Protection Association1600:2007 Standard on Disaster/Emergency Management and Business Continuity Programs – the National Fire Protection Association is making NFPA 1600 available for inspection, downloading, and printing at no cost.
So what't this mean to the average company? Well, the first thing to remember is that this is the proposal phase of the adoption process, so you have 30 days to make public comments. Secondly, PS-Prep is voluntary and it's going to take a while to work out any sort of accreditation. So this is just a step in a long process.
Still, standards-based programs are the way of the future and you might want to start thinking about using one of these standards to improve your program. There are a lot of variables that go into that decision and I'll try to write about them in either a blog or newsletter. Meanwhile, you might want to check out my August 5 blog, "Who Needs Standards?"
My personal preference? Well, that's a bit irrelevant because you need to pick the standard that's right for you. I've worked with NFPA 1600 for years, although I have not reviewed the 2010 version yet, and I've just received some training on the ASIS standard. Both are good and both have their pros and cons. I haven't reviewed the British standard because it was cost prohibitive. I note that they're charging $40 for the privilege of downloading an electronic review version - that's actually a bargain compared to what they normally charge - but with two good standards available for free why bother?