La ministre américaine de la sécurité intérieure (Department of Homeland Security (DHS) Secretary) Janet Napolitano a annoncé le 15 octobre 2009 de nouveaux standards pour la préparation des opérateurs privés face aux catastrophes.
Elle a ainsi déclaré que "la préparation est une responsabilité partagée dans laquelle tout le monde (y compris les opérateurs privés, les universités et les associations) a un rôle à jouer. S'assurer que nos partenaires privés disposent des connaissances et conduisent des entraînements pour réagir face aux catastrophes permet de renfortcer nos efforts pour créer une culture nationale de préparation"
("Preparedness is a shared responsibility and everyone—including businesses, universities and non-profit organizations—has a role to play," said Secretary Napolitano. "Ensuring our private sector partners have the information and training they need to respond to disasters will strengthen our efforts to build a culture of preparedness nationwide.")
Cette notice, soumise à approbation, prévoit 3 nouvelles normes (établies en liaison avec la National Fire Protection Association, la British Standards Institution and ASIS International (American Society for Industrial Security).
Les 3 normes sont les suivantes :
1. Norme NFPA 1600 — Gestion des situations de crises et plan de continuité des activités (Standard on Disaster/ Emergency Management and Business Continuity Programs)
2. Norme BS25999— Gestion du plan de continuité des activités (Business Continuity Management)
3. Norme ASIS SPC. 1–2009— Résilience organisationnelle : prévention sécuritaire, systèmes de continuité des activités (Organizational Resilience: Security Preparedness, and Continuity Management Systems— Requirements with Guidance for Use)
1. NFPA 1600—Standard on Disaster/ Emergency Management and Business Continuity Programs, 2007 Edition. This standard establishes a common set of criteria for preparedness, disaster management, emergency management, and business continuity. NFPA 1600 specifies the management and essential elements of a preparedness program for disaster management, emergency management, and business continuity.
The particular strength of this standard is that it focuses on planning and preparation in anticipation of a disaster and does not prescribe a program development process.
2. BS25999—Business Continuity Management. This standard defines requirements for a management systems approach to business continuity, and integrates risk management disciplinesand processes. BS25999 is comprised of two parts: Part 1 dated 2006; Code of
Practice, and Part 2 dated 2007; Specification. The particular strength of this standard is that it specifically provides a management systems approach to business continuity and also integrates risk management disciplines and processes. The standard also provides the user the basis for understanding and implementing in business-to-business and business-tocustomer
dealings to reassure business resilience.
3. ASIS SPC. 1–2009—Organizational Resilience: Security Preparedness, and Continuity Management Systems— Requirements with Guidance for Use. This standard was released in 2009 and defines requirements for a management systems approach to organizational resilience. The particular strength of this standard is that it applies a management systems approach to organizational resilience. The standard encompasses an assortment of risk management mechanisms and follows a plan-do-check-act approach associated with other International Standard Organization management system based standards.
The particular strength of this standard is that it focuses on planning and preparation in anticipation of a disaster and does not prescribe a program development process.
2. BS25999—Business Continuity Management. This standard defines requirements for a management systems approach to business continuity, and integrates risk management disciplinesand processes. BS25999 is comprised of two parts: Part 1 dated 2006; Code of
Practice, and Part 2 dated 2007; Specification. The particular strength of this standard is that it specifically provides a management systems approach to business continuity and also integrates risk management disciplines and processes. The standard also provides the user the basis for understanding and implementing in business-to-business and business-tocustomer
dealings to reassure business resilience.
3. ASIS SPC. 1–2009—Organizational Resilience: Security Preparedness, and Continuity Management Systems— Requirements with Guidance for Use. This standard was released in 2009 and defines requirements for a management systems approach to organizational resilience. The particular strength of this standard is that it applies a management systems approach to organizational resilience. The standard encompasses an assortment of risk management mechanisms and follows a plan-do-check-act approach associated with other International Standard Organization management system based standards.
EN SAVOIR PLUS :
Aucun commentaire:
Enregistrer un commentaire