Security standards update
Recent weeks have seen the introduction of a number of guidance documents relating to security standards, which will be of interest to Facilities Managers in the UK and Europe.
On 1 July the British Standards Institution (BSI) published strategic and operational guidelines for security management, under BS 16000. The new standard provides the basic principles of security management and describes what should be included to effectively manage security in organisations of all types and sizes.
BS 16000 provides the vocabulary and basic principles of security management, and demonstrates how security can be embedded in an organisation – including physical, technical, information, procedural and personnel solutions.
It complements existing management standards, including ISO 27001, ISO 14001, ISO 22301, ISO 22313, ISO 31000 and ISO 9001. More information can be found here.
The British Security Industry Association (BSIA) has developed guidance on Information Destruction in the Public Sector. Its recent White Paper defines the varying levels of secure information and documents that should be disposed of, specifying which sensitive materials should be securely destroyed. It will be of interest to organisations operating in the public sector, and to those wishing to benchmark themselves against those standards.
While little commercial sector information may be officially classified as ‘top secret’ (“where compromise could cause widespread loss of life or else threaten the security or economic wellbeing of the country”) the guidance makes interesting reading and provides useful pointers, not just for destruction of data, but also regarding labelling, threat analysis and the provisions of the BS EN 15713: 2009 European Code of Practice that regulates the information destruction industry.
One final security protocol of note is an agreement to update PD 6662, relating to the security industry scheme for intruder and hold-up alarm systems.
BSIA’s Security Systems and Security Equipment Manufacturers group has been keen to ensure a method of enabling the use of mobile devices to set or unset intruder alarm systems. The issue has been in need of addressing as a result of the restrictions in their use through BS 8243, the standard for alarm confirmation, and the lack of clarity in the current EN 50131-3 standard.
An agreement was reached by key industry bodies to update PD 6662 outside of the BSI standards framework, to allow for a more fundamental review of the PD 6662 scheme to align it with the introduction of the much-awaited second amendment to EN 50131, still under development in Europe.
David Wilkinson, Director of Technical Services at the BSIA, commented:
“The PD 6662 scheme for Intruder and Hold-up alarms systems is somewhat out of date. This industry agreement provides the ideal opportunity to update the existing scheme and enable the use of mobile device technology… whilst the full review of the PD is undertaken through BSI.”
The industry agreement will come into effect on 1 September 2015 and it is intended that the content of the agreement will be incorporated into the revised edition of PD 6662. More information can be found here.