ISO/TC 292
ISO/TC 292 Security and resilience is a technical committee of the International Organization for Standardization formed in 2015 to develop standards in the area of security and resilience.
The Technical Management Board of ISO (TMB) decided in June 2014 to create a new ISO technical committee with the number ISO/TC 292 by merging three committees into one.[1] The work of ISO/TC 292 officially started on 2015-01-01 and the three previous committees were dissolved and their workprogrammes moved to the new committee. ISO/TC 292 also was given the responsibility for the ISO 28000 series (Security management in the supply chain)previously developed by ISO/TC 8.
The TMB decision was made in order to clarify ISO's structural organization on security matters, and to prepare for future topics in this field by creating a de facto coordination body within the TC central structure. IT was believed that ISO/TC 292 would lead to optimization as well as limit and prevent conflict or duplication of work. It would also make it easier for public administrations/authorities with a general interest and protective mission to optimize their participation in ISO's work in this sector. As well as give Non-Profit organizations with limited resources a simplified structure to take part in.
When ISO/TC 292 was created the following three committees were merged.
- ISO/TC 223 Societal security (2001–2014)
- ISO/TC 247 Fraud countermeasures and controls (2009–2014)
- ISO/PC 284 Management system for quality of PSC operations (2013–2014)
Scope
ISO/TC 292 works under the following scope[2]
:[3][4][5]
Standardization in the field of security to enhance the safety and resilience of society.
Excluded: Sector specific security projects developed in other relevant ISO committees and projects developed in ISO/TC 262 and ISO/PC 278.
Leadership and organization
- Chair 2015– Mrs Åsa Kyrk Gere
- Secretary 2020- Ms Susanna Björk
- Secretary 2017–2020 Mr Bengt Rydstedt
- Secretary 2017-2017 Ms Susanna Björk
- Secretary 2015–2016 Mr Bengt Rydstedt
ISO/TC 292 currently has the following organisation.[6][7]
- Working Group 1: Terminology
- Working Group 2: Continuity and organizational resilience
- Working Group 3: Emergency management
- Working Group 4: Authenticity, integrity and trust for products and documents
- Working Group 5: Community resilience
- Working Group 6: Protective security
- Working Group 7: Guidelines for events
- Working Group 8: Supply chain security
- Working Group 9: Crisis management
- Joint Working Group 1: Managing emerging risk (Joint work with ISO/TC 262)
- CG: Communication Group
- DCCG: Developing Country Coordination Group
- UNCG: United Nation Coordination Group
ISO/TC 292 is one of the larger committees in ISO with almost 70 member countries.[8]
Published standards
- General
- ISO 22300:2018 Security and resilience – Vocabulary[9]
- ISO/TS 22375:2018 Security and resilience – Guidelines for complexity assessment process[10]
- ISO 22397:2014 Societal security – Guidelines for establishing partnering arrangements[11]
- ISO 22398:2014 Societal security – Guidelines for exercises[12]
- Business continuity management
- ISO 22301:2019 Security and resilience – Business continuity management systems – Requirements[13]
- ISO 22313:2020 Security and resilience – Business continuity management systems – Guidance on the use of ISO 22301[14]
- ISO/TS 22317:2015 Societal security – Business continuity management systems – Guidelines for business impact analysis[15]
- ISO/TS 22318:2015 Societal security – Business continuity management systems – Guidelines for supply chain continuity[16]
- ISO/TS 22330:2018 Security and resilience – Business continuity management systems – Guidelines for people aspects on business continuity[17]
- ISO/TS 22331:2018 Security and resilience – Business continuity management systems – Guidelines for business continuity strategy[18]
- ISO/IEC/TS 17021-6:2015 Conformity assessment – Requirements for bodies providing audit and certification of management systems – Part 6: Competence requirements for auditing and certification of business continuity management systems[19]
- ISO 22320:2018 Security and resilience – Emergency management – Guidelines for incident management[20]
- ISO 22322:2015 Societal security – Emergency management – Guidelines for public warning[21]
- ISO 22324:2015 Societal security – Emergency management – Guidelines for colour coded alert[22]
- ISO 22325:2016 Security and resilience – Emergency management – Guidelines for capability assessment[23]
- ISO 22326:2018 Security and resilience – Emergency management – Guidelines for monitoring facilities with identified hazards[24]
- ISO 22327:2018 Security and resilience – Emergency management – Guidelines for implementation of a community-based landslide early warning system[25]
- ISO 22328-1:2020 Security and resilience – Emergency management – Guidelines for implementation of a community-based natural disasters early warning system
- ISO/TR 22351:2015 Societal security – Emergency management – Message structure for exchange of information[26]
- Authenticity, integrity and trust for products and documents
- ISO 22380:2018 Security and resilience – Authenticity, integrity and trust for products and documents – General principles for product fraud risk[27]
- ISO 22381:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for interoperability of product identification and authentication systems[28]
- ISO 22382:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for the content, security and issuance of excise tax stamps[29]
- ISO 22383:2020 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines and performance criteria for authentication solutions for material goods
- ISO 22384:2020 Security and resilience – Authenticity, integrity and trust for products and documents - Guidelines to establish and monitor a protection plan and its implementation
- ISO 16678:2014 Guidelines for interoperable object identification and related authentication systems to deter counterfeiting and illicit trade[30]
- Supply chain security management
- ISO 28000:2007 Specification for security management systems for the supply chain[31]
- ISO 28001:2007 Security management systems for the supply chain – Best practices for implementing supply chain security, assessments and plans – Requirements and guidance[32]
- ISO 28002:2011 Security management systems for the supply chain – Development of resilience in the supply chain – Requirements with guidance for use[33]
- ISO 28003:2007 Security management systems for the supply chain – Requirements for bodies providing audit and certification of supply chain security management systems[34]
- ISO 28004-1:2007 Security management systems for the supply chain – Guidelines for the implementation of ISO 28000 Part 1: General principles[35]
- ISO 28004-3:2014 Security management systems for the supply chain – Guidelines for the implementation of ISO 28000 Part 3: Additional specific guidance for adopting ISO 28000 for use by medium and small businesses (other than marine ports)[36]
- ISO 28004-4:2014 Security management systems for the supply chain – Guidelines for the implementation of ISO 28000 Part 4: Additional specific guidance on implementing ISO 28000 if compliance with ISO 28001 is a management objective[37]
- ISO 22315:2015 Societal security – Mass evacuation – Guidelines for planning[38]
- ISO 22319:2017 Security and resilience – Community resilience – Guidelines for planning the involvement of spontaneous volunteers[39]
- ISO 22392:2020 Security and resilience – Community resilience – Guidelines for conducting peer reviews[40]
- ISO 22395:2018 Security and resilience – Community resilience – Guidelines for supporting vulnerable persons in an emergency[41]
- ISO 22396:2020 Security and resilience – Community resilience – Guidelines for information exchange between organisations[42]
- ISO/TR 22370:2020 Security and resilience – Urban resilience – Framework and principles
- Organizational resilience
- ISO 22316:2017 Security and resilience – Organizational resilience – Principles and attributes[43]
- ISO 18788:2015 Management system for private security operations – Requirements with guidance for use[44]
- Revised, replaced or withdrawn
- ISO 22300:2012 Societal security – Terminology (replaced by 2018 edition)[45]
- ISO 22301:2012 Societal security – Business continuity management systems – Requirements [46] (replaced by 2019 edition)
- ISO 22313:2012 Societal security – Business continuity management systems – Guidance (replaced by 2020 edition)
- ISO/TR 22312:2012 Societal security – Technological capabilities[47]
- ISO 22320:2011 Societal security – Emergency management – Requirements for incident response (replaced by 2018 edition)[48]
- ISO/PAS 22399:2007 Societal security – Guideline for incident preparedness and operational continuity management (replaced by ISO 22301 and ISO 22313)[49]
- ISO 12931:2012 Performance criteria for authentication solutions used to combat counterfeiting of material goods[50]
References
- "ISOTC292". www.isotc292online.org.
- "ISO/TC 292 - Security and resilience". ISO.
- "ISO/TC 292 Security and resilience". www.scc.ca. Retrieved 2020-08-01.
- "What is standardisation? | resistand". resistand.eu.
- Solutions, Security (September 3, 2018). "Standards Increasing Security".
- "ISOTC292". www.isotc292online.org.
- "International Standards Development". www.asisonline.org.
- "ISO - ISO/TC 292 - Security and resilience". www.iso.org.
- "ISO 22300:2018". ISO.
- "ISO/TS 22375:2018". ISO.
- "ISO 22397:2014". ISO.
- "ISO 22398:2013". ISO.
- "ISO 22301:2019". ISO.
- "ISO 22313:2020". ISO.
- "ISO/TS 22317:2015". ISO.
- "ISO/TS 22318:2015". ISO.
- "ISO/TS 22330:2018". ISO.
- "ISO/TS 22331:2018". ISO.
- "ISO/IEC TS 17021-6:2014". ISO.
- "ISO 22320:2018". ISO.
- "ISO 22322:2015". ISO.
- "ISO 22324:2015". ISO.
- "ISO 22325:2016". ISO.
- "ISO 22326:2018". ISO.
- "ISO 22327:2018". ISO.
- "ISO/TR 22351:2015". ISO.
- "ISO 22380:2018". ISO.
- "ISO 22381:2018". ISO.
- "ISO 22382:2018". ISO.
- "ISO 16678:2014". ISO.
- "ISO 28000:2007". ISO.
- "ISO 28001:2007". ISO.
- "ISO 28002:2011". ISO.
- "ISO 28003:2007". ISO.
- "ISO 28004-1:2007". ISO.
- "ISO 28004-3:2014". ISO.
- "ISO 28004-4:2014". ISO.
- "ISO 22315:2014". ISO.
- https://www.iso.org/standard/66951.html
- "ISO 22392:2020". ISO.
- "ISO 22395:2018". ISO.
- "ISO 22396:2020". ISO.
- "ISO 22316:2017". ISO.
- "ISO 18788:2015". ISO.
- "ISO 22300:2012". ISO.
- "ISO 22301:2012". ISO.
- "ISO/TR 22312:2011". ISO.
- "ISO 22320:2011". ISO.
- "ISO/PAS 22399:2007". ISO.
- "ISO 12931:2012". ISO.