ISO/TC 292 Security and resilience is a technical committee of the International Organization for Standardization formed in 2015 to develop standards in the area of security and resilience.
When ISO/TC 292 was created the following three committees were merged.
ISO/TC 292 works under the following scope [1] [2] [3] [4]
Standardization in the field of security to enhance the safety and resilience of society.
Excluded: Sector specific security projects developed in other relevant ISO committees and projects developed in ISO/TC 262 and ISO/PC 278.
ISO/TC 292 currently has the following organisation. [5] [6]
ISO/TC 292 is one of the larger committees in ISO with almost 70 member countries. [7]
It has a wide range of experts participating in the work of ISO/TC 292, from large corporations such as Thales to start-ups such as Cypheme. [8]
Business continuity may be defined as "the capability of an organization to continue the delivery of products or services at pre-defined acceptable levels following a disruptive incident", and business continuity planning is the process of creating systems of prevention and recovery to deal with potential threats to a company. In addition to prevention, the goal is to enable ongoing operations before and during execution of disaster recovery. Business continuity is the intended outcome of proper execution of both business continuity planning and disaster recovery.
BS was BSI's standard in the field of Business Continuity Management (BCM). It was withdrawn in 2012 and 2013 following the publication of the international standards ISO 22301 - ″Societal Security — Business continuity management systems — Requirements″ and ISO 22313 - ″Societal Security — Business continuity management systems — Guidance″
The British Standards Institution (BSI) is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses.
ISO/TC 223 Societal security was a technical committee of the International Organization for Standardization formed in 2001 to develop standards in the area of societal security: i.e. protection of society from and response to incidents, emergencies, and disasters caused by intentional and unintentional human acts, natural hazards, and technical failures.
ISO 28000:2022, Security and resilience – Security management systems – Requirements, is a management system standard published by International Organization for Standardization (ISO) that specifies requirements for a security management system including aspects relevant to the supply chain.
ISO 22324:2022, Security and resilience — Emergency management — Guidelines for colour-coded alerts, is an international standard developed by ISO/TC 292 Security and resilience. This document provide guidelines for color codes to indicate severity of hazards in public warnings.
ISO 22313:2020, Security and resilience - Business continuity management systems – Guidance to the use of ISO 22301, is an international standard developed by technical committee ISO/TC 292 Security and resilience. This document provides guidance for applying the requirements for a business continuity management system (BCMS) in accordance with the requirements set out in ISO 22301:2019.
The Annex SL is a section of the ISO/IEC Directives part 1 that prescribes how ISO Management System Standard (MSS) standards should be written. The aim of Annex SL is to enhance the consistency and alignment of MSS by providing a unifying and agreed-upon high level structure, identical core text and common terms and core definitions. The aim being that all ISO Type A MSS are aligned and the compatibility of these standards is enhanced.
ISO 22301:2019, Security and resilience – Business continuity management systems – Requirements, is a management system standard published by International Organization for Standardization that specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. It is intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization.
ISO 22300:2021, Security and resilience – Vocabulary, is an international standard developed by ISO/TC 292 Security and resilience. This document defines terms used in security and resilience standards and includes 360 terms and definitions. This edition was published in the beginning of 2021 and replaces the second edition from 2018.
ISO 22322:2022 is an international standard developed by the ISO/TC 292 Security and Resilience committee. It was published by the International Organization for Standardization (ISO) in 2015.
ISO 22320:2018, Security and resilience - Emergency management - Guidelines for incident management, is an international standard published by International Organization for Standardization that provide guidelines to be used for organizations that helps to mitigate threats and deal with incidents to ensure continuity of basic function of society. ISO 22320 can be used by all types and sizes of organizations, no matter whether they are private or public but it is mostly focused on national emergency management organizations
ISO 22382:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for the content, security and issuance of excise tax stamps, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2018.
ISO 22382 is a guidance document that provides various of recommendations for the content, security, issuance and examination of physical tax stamps. The purpose of the standard is to avoid counterfeited products and ensure that the required taxes have been paid for, for example on items as tobacco and alcohol. The recommendations includes:
ISO 22395:2018, Security and resilience -- Community resilience -- Guidelines for supporting vulnerable persons in an emergency, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in October 2018. This document is a voluntary guidance standard for supporting vulnerable persons in an emergency.
ISO 22315:2014Societal security – Mass evacuation – Guidelines for planning, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2014. ISO 22315 gives various of recommendations on how to plan for possible mass evacuations, for example a city. The standard includes guidance on the various phases of mass evacuation from how to prepare the public, take the decision for evacuation to analyzing the evacuee movement and assessing the shelter where the evacuees is put.
ISO 22380:2018 Security and resilience – Authenticity, integrity and trust for products and documents – General principles for product fraud risk and countermeasures, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2018.
ISO 22380 is a guidance document that provides principles on how to identify the risks related to various types of product fraud and product fraudsters. The included guidance can be used by any type of organization in order to establish strategic, countermeasures to prevent or reduce any harm from fraudulent attacks.
ISO 22381:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for establishing interoperability among object identification systems to deter counterfeiting and illicit trade, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2018. ISO 22381 is a guidance document that provides various of recommendations for establishing interoperability among independently functioning product identification and related authentication systems, as described in ISO 16678.
ISO 22392:2020, Security and resilience - Community resilience - Guidelines for conducting peer reviews, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2020: ISO 22392 gives various of recommendations on how to conduct peer reviews of community resilience and design a peer review tool to assess community preparedness for disasters.
ISO 22396:2020, Security and resilience - Community resilience - Guidelines for information exchange between organizations, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2020: ISO 22396 gives various of recommendations on how to exchange information between organizations. It is applicable to all types of organizations, both public and private. The recommendations include various of principles for information exchange as well as a framework and process on how to work.