ASIS International has announced the publication of a revised version of the ANSI/ASIS Chief Security Officer - An Organizational Model. This standard provides a model for organizations to use when developing a senior leadership function responsible for providing comprehensive, integrated risk strategies to protect an organization from security threats.
This standard replaces the 2008 ANSI/ASIS Chief Security Officer Organizational ANSI version.
“Early on, it was determined that the standard’s purpose was to state the risks that need to be managed within an organization — of any size — and based on those risks, determine the skills and competencies needed to manage those risks,” said Jerry Brennan, technical committee chair, and chief executive, Security Management Resources. “By identifying who owns what, who is accountable, and what is shared, organizations can then determine what is needed within its ‘senior security executive’ position and the competencies that are best suited for that role.”
The standard’s model for a senior leadership position is presented at a high level and designed as a guide for the development and implementation of a strategic security framework. The structure is characterized by appropriate awareness, prevention, preparedness, and necessary responses to changes in threat conditions. Specific considerations and responses are also addressed for deliberation by individual organizations based on identifiable risk assessment, requirements, intelligence, and assumptions.
“The perspective through which organizations evaluate and integrate operational risk within their strategic plan continues to be a dynamic process which not only impacts the role of the ‘senior security executive’ but also the position or positions that may assume that role,” said Charles Baley, ASIS Standards and Guidelines Commission Liaison and chief security officer, Farmers Group, Inc. “This Standard focuses on the importance of the function and not a single title or position.”
Applicable to both private and public sector organizations, the standard provides a methodology to evaluate and respond to a spectrum of threats to tangible and intangible assets on both a domestic and global basis.
View the executive summary (PDF).