
 Historical

ISO/PAS 22399:2007

Societal security - Guideline for incident preparedness and operational continuity management

ISO/PAS 22399:2007 provides general guidance for an organization, whether private, governmental, or nongovernmental, to develop its own specific performance criteria for incident preparedness and operational continuity, and to design an appropriate management system. It provides a basis for understanding, developing, and implementing continuity of operations and services within an organization, and for providing confidence in business, community, customer, first responder, and organizational interactions. It also enables the organization to measure its resilience in a consistent and recognized manner.

ISO/PAS 22399:2007 is applicable to public or private organizations of all sizes engaged in providing products, processes, or services that wish to:

  • understand the overall context within which the organization operates;
  • identify critical objectives;
  • understand barriers, risks, and disruptions that may impede critical objectives;
  • evaluate residual risk and risk tolerance to understand outcomes of controls and mitigation strategies;
  • plan how an organization can continue to achieve its objectives should a disruptive incident occur;
  • develop incident and emergency response, continuity response and recovery response procedures;
  • define roles and responsibilities, and resources to respond to an incident;
  • meet compliance with applicable legal, regulatory, and other requirements;
  • provide mutual and community assistance;
  • interface with first responders and the media;
  • promote a cultural change within the organization that recognizes that risk is inherent in every decision and activity and must be effectively managed.

ISO/PAS 22399:2007 presents the general principles and elements for incident preparedness and operational continuity of an organization. The extent of the application will depend on factors such as the policy of the organization, the nature of its activities, products and services, and the location where and the conditions under which it functions.

ISO/PAS 22399:2007, however, excludes specific emergency response activities following an incident, such as disaster relief and social infrastructure recovery that are primarily to be performed by the public sector in accordance with relevant legislation. It is important, however, that coordination with these activities be maintained and documented.


Content Provider
International Organization for Standardization [iso]

