ISO 22320:2018, Security and resilience - Emergency management - Guidelines for incident management, is an international standard published by International Organization for Standardization that provide guidelines to be used for organizations that helps to mitigate threats and deal with incidents to ensure continuity of basic function of society (for example water and food supplies, health, rescue services, fuel delivery, and electricity). [1] [2] [3] ISO 22320 can be used by all types and sizes of organizations, no matter whether they are private or public but it is mostly focused on national emergency management organizations [4] [5] [6]
ISO 22320 includes the following main clauses: [7]
Annex A Additional guidance on working together
Annex B Additional guidance on incident management structure
Annex C Examples of incident management tasks
Annex D Incident management planning
ISO 22320 is the first of a series of ISO standards and Technical Reports on Emergency management, including [8]
This standard was originally developed by ISO technical committee ISO/TC 223 on societal security and published for the first time in November 2011. [15] ISO/TC 292 Security and resilience took over the responsibility of the work when ISO/TC 223 was dissolved and initiated a revision of the standard. [16]
Year | Description | |
---|---|---|
2011 | ISO 22320 (1st edition) | |
2018 | ISO 22320 (2nd edition). The document changed from being requirements to recommendations. |
Business continuity may be defined as "the capability of an organization to continue the delivery of products or services at pre-defined acceptable levels following a disruptive incident", and business continuity planning is the process of creating systems of prevention and recovery to deal with potential threats to a company. In addition to prevention, the goal is to enable ongoing operations before and during execution of disaster recovery. Business continuity is the intended outcome of proper execution of both business continuity planning and disaster recovery.
The ISO/IEC 27000-series comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
ISO/TC 223 Societal security was a technical committee of the International Organization for Standardization formed in 2001 to develop standards in the area of societal security: i.e. protection of society from and response to incidents, emergencies, and disasters caused by intentional and unintentional human acts, natural hazards, and technical failures.
ISO 28000:2022, Security and resilience – Security management systems – Requirements, is a management system standard published by International Organization for Standardization that specifies requirements for a security management system including aspects relevant to the supply chain.
ISO 22324:2022, Security and resilience — Emergency management — Guidelines for colour-coded alerts, is an international standard developed by ISO/TC 292 Security and resilience. This document provide guidelines for color codes to indicate severity of hazards in public warnings.
ISO/TC 292 Security and resilience is a technical committee of the International Organization for Standardization formed in 2015 to develop standards in the area of security and resilience.
ISO 22313:2020, Security and resilience - Business continuity management systems – Guidance to the use of ISO 22301, is an international standard developed by technical committee ISO/TC 292 Security and resilience. This document provides guidance for applying the requirements for a business continuity management system (BCMS) in accordance with the requirements set out in ISO 22301:2019.
ISO 22301:2019, Security and resilience – Business continuity management systems – Requirements, is a management system standard published by International Organization for Standardization that specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. It is intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization.
ISO 22300:2021, Security and resilience – Vocabulary, is an international standard developed by ISO/TC 292 Security and resilience. This document defines terms used in security and resilience standards and includes 360 terms and definitions. This edition was published in the beginning of 2021 and replaces the second edition from 2018.
ISO 22322:2022 is an international standard developed by the ISO/TC 292 Security and Resilience committee. It was published by the International Organization for Standardization (ISO) in 2015.
ISO 22319:2017Security and resilience - Community resilience - Guidelines for planning the involvement of spontaneous volunteers, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2017. ISO 22317 gives various of recommendations on how to deal with spontaneous volunteers (SVs) that show up at the incident scene to help the official emergency management team. When emergencies happen, concerned citizens want to help out in many ways. Following a disaster or crisis, members of the public often show up and offer their help. These spontaneous volunteers are not usually part of an organized volunteer organization such Search and Rescue Teams or the Humanitarian groups and may not have any training or experience as a volunteer. However, these volunteers can make very valuable contributions to the emergency response. But they can also present challenges for the emergency managers who may not be prepared for these volunteers. The purpose of this standard is to help organizations plan for the participation of spontaneous volunteers and to manage their work effectively and safely. .
ISO 22382:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for the content, security and issuance of excise tax stamps, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2018.
ISO 22382 is a guidance document that provides various of recommendations for the content, security, issuance and examination of physical tax stamps. The purpose of the standard is to avoid counterfeited products and ensure that the required taxes have been paid for, for example on items as tobacco and alcohol. The recommendations includes:
ISO 22395:2018Security and resilience -- Community resilience -- Guidelines for supporting vulnerable persons in an emergency, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in October 2018. This document is a voluntary guidance standard for supporting vulnerable persons in an emergency.
ISO 22398:2013, Societal security – Guidelines for exercises, is an international standard published by International Organization for Standardization that provide guidelines to be used for organizations that want to plan, conduct and improve exercises. The guidelines can also be used for a full exercise programme.
ISO 22315:2014Societal security – Mass evacuation – Guidelines for planning, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2014. ISO 22315 gives various of recommendations on how to plan for possible mass evacuations, for example a city. The standard includes guidance on the various phases of mass evacutation from how to prepare the public, take the decision for evacuation to analyzing the evacuee movement and assessing the shelter where the evacuees is put.
ISO 22380:2018 Security and resilience – Authenticity, integrity and trust for products and documents – General principles for product fraud risk and countermeasures, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2018.
ISO 22380 is a guidance document that provides principles on how to identify the risks related to various types of product fraud and product fraudsters. The included guidance can be used by any type of organization in order to establish strategic, countermeasures to prevent or reduce any harm from fraudulent attacks.
ISO 22381:2018 Security and resilience – Authenticity, integrity and trust for products and documents – Guidelines for establishing interoperability among object identification systems to deter counterfeiting and illicit trade, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2018. ISO 22381 is a guidance document that provides various of recommendations for establishing interoperability among independently functioning product identification and related authentication systems, as described in ISO 16678.
ISO 22392:2020Security and resilience - Community resilience - Guidelines for conducting peer reviews, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2020: ISO 22392 gives various of recommendations on how to conduct peer reviews of community resilience and design a peer review tool to assess community preparedness for disasters.
ISO 22396:2020Security and resilience - Community resilience - Guidelines for information exchange between organizations, is an international standard developed by ISO/TC 292 Security and resilience and published by the International Organization for Standardization in 2020: ISO 22396 gives various of recommendations on how to exchange information between organizations. It is applicable to all types of organizations, both public and private. The recommendations include various of principles for information exchange as well as a framework and process on how to work.