Called BS 16000 Security management – strategic and operational guidelines this latest guidance includes vocabulary, principles, and a framework for anyone within an organization’s security functions, either as a starting point or to review and improve existing security arrangements.

As security advances —notably the growing capabilities for collecting and analysing data via a proliferating array of internet-connected devices— security management is now about so much more than simply reacting to threats and risks.

This new document, says the British Standards Institution (BSI), will help security managers and other personnel identify opportunities for streamlining operations and gaining competitive advantage.

BS 16000 describes the security principles and devices that help organizations develop a security strategy as well as plan and implement security processes.

Strategic level

?There is no single business that cannot benefit from having a clear view of security and embedding it at a strategic level,? says Anne Hayes, head of market development for governance and risk at the BSI.

?As a high-level standard, BS 16000 has a wide range of applications across businesses of all sectors and sizes. The major management systems standards such environment, business continuity, risk and quality all include elements of security so BS 16000 complements these but looks more closely at security management.?

BS 16000 includes guidance on:

• Understanding the organization?s context
• Developing a security framework
• Security risk assessment
• Implementing security solutions
• Implementing the security program
• Security solutions (including physical, technical, manned, information, procedural, and personnel security solutions)
• Monitoring the security programme

BS 16000 committee chairman Mike Bluestone says: ?This standard brings together the essential aspects of security management in simple, jargon-free language, and is just as relevant to SMEs as larger organizations. BS 16000 includes the fundamental security management principles on which organizations can gain a better understanding of good security practice. It is a gateway to additional, sector-specific security standards.?

BS 16000 was developed through consensus-based collaboration among numerous organizations including: ASIS, British Security Industry Association (BSIA), Corps Security, City Security and Resilience (CSARN), the Continuity Forum, National Security Inspectorate (NSI), NHS Protect, The Security Institute, The Security Industry Authority (SIA), IPSA, Security Systems & Alarms Inspection Board (SSAIB) and the UK Cards Association.