Standards for Supply Chain Risk Assessment and Security Management: ISO 28000


1 Standards for Supply Chain Risk Assessment and Security Management: ISO 28000
Assuring Safety, Security, and Sustainability using supply chain analysis, planning, and integrated Quality Management Systems
2012 Transportation Research Board Annual Meeting, Washington DC, January 25th, 2012
Michael J. Penders, Esq., Environmental Security International L3C

2 Identifying Vulnerabilities and Reducing Risk with Integrated Management Systems: Performance Measures, Accountability, and Deterrence
Integrated Security Management requires the capacity to detect, prevent, and limit consequences of deliberate or negligent acts across the supply and distribution chains.
Focused on acts that would use hazardous materials, wastes, supply chain, or infrastructure as a weapon or means of delivering an attack.
An All Hazards Approach to Risk Assessment

3 Process for Integrated Risk Assessment, Management and Systems
Planning for many release and attack scenarios that pose threats to critical assets; not just worst case.
Dynamic paradigms for risk assessment and planning.
Benefits of Integrating Environmental, Health, Safety, Emergency Response, Disaster Recovery, Business Continuity, Information and Physical Security systems.
Organizational Resiliency
Enterprise Risk Management

4 Homeland Defense, Integrated Management Systems, and National Security
Nationally, Internationally, at Ports, and at Facilities: “We don’t know what we know.”
Stove piping of agencies and information
Speed and synthesis: keys to comprehension and security.
Integrating environmental, energy, and security monitoring into operational controls, with defenses for IT systems

5 Integrating Elements of Security into Operational Management Systems
Access to Reliable Information by Decision Makers, Emergency Responders, Security
Data Mining, Operational Controls, Remote Sensing
Planning, Communications, Training
Standards for Incident Command
Demonstrated Performance at Military Bases

6 Critical Elements of Vulnerability, Risk Assessment and Systems Review
Facility and Treatment Review
Physical Security: Perimeter; access controls; vehicles and materials delivery management; hazardous materials management; facilities design; critical infrastructure; personnel; subcontractors
SCADA, Information, and Cyber Security
Critical Control Points along Supply Chain

7 Strategic Security Management
Blue Plains D.C. Waste Water Treatment Facility
Pollution Prevention and Strategic Sustainability
Co-Generation, Redundancy, Defenses
Management Controls and Real Time Monitoring
Towards an Integrated Systems Approach
Assuming worst case scenarios and that the enemy knows; design systems accordingly

8 New Standard and Incentives for Integrated Security Management
New International Standards for Security Management System (SMS)
ISO 28000; ISO 27000
Performance Measures for Integrated Systems: Speed, Synthesis, Risk Reduction
E-Commerce and Supply Chain Management
Insurance/Financial/Regulatory Consideration

9 Security Planning Model
[Diagram: Continuous Vigilance Model. Labels: Change; Security Management System; Incident; SVA; Audit]

10 Security Management System Model Elements
Leadership commitment
Security vulnerability assessment
Legal and other requirements
Threat and hazard deterrence and mitigation
Implementation and operation
Resources, roles, responsibility and authority
Competence, training and awareness
Continuous improvement
Monitoring and measurement
System evaluation
Nonconformity, corrective action and preventive action
Control of record
Internal audit
Management review
Communications and warning
Documentation
Control of documents
Operations and procedure
Emergency preparedness and response

11 SVA Methodology
Step 1: Asset Characterization
Step 2: Threat Assessment
Step 3: Vulnerability Analysis
Step 4: Risk Assessment
Step 5: Countermeasures Analysis

13 Security Management System
Value to external Stakeholders: Customers; Government; Financial Institutions, Public
Integrated Security Management System
Innovative Technologies
Enterprise Risk Management
Business Continuity
Deterrence

14 For more information or questions:
Michael Penders (703)

