Title IX of the Implementing Recommendations of the 9/11 Commission Act of 2007 (Public Law 110-53) mandated that the Department of Homeland Security (DHS) develop and implement a Voluntary Private Sector Preparedness Accreditation and Certification Program. This program, known as PS-Prep, encourages private sector entities to increase their preparedness efforts and then apply to have their business continuity programs certified by an accredited third party. In June 2010, after the conclusion of a comment period, DHS published a notice in the Federal Register announcing its adoption of three standards for inclusion in the PS-Prep Program: ASIS SPC.1-2009, BS 25999, and NFPA 1600 v2007/2010.
After DHS finalized the standards selections, ANAB entered into an agreement with DHS to develop and implement a program to oversee the PS-Prep program, including managing the accreditation process and evaluating the qualifications of certification bodies seeking to perform readiness assessments. In late September 2010, ANAB issued program requirements (ANAB Accreditation Rule 37) and invited certification bodies to begin submitting applications. In mid-2011, PS-Prep “went live” when ANAB began issuing accreditation to qualified third-party certification bodies, allowing them to offer certification of private sector entities to the standards currently accepted under PS-Prep.
ASIS SPC.1-2009
ASIS SPC.1-2009 provides a comprehensive management systems approach for security, preparedness, response, mitigation, business/operational continuity, and recovery for disruptive incidents resulting in an emergency, crisis, or disaster (commonly referred to as organizational resilience). This standard was designed to allow integration with quality, safety, environmental, information security, risk and other management systems within an organization, and is intended for use by organizations of any size in the private, not-for-profit, and public sectors.
British Standard (BS) 25999
BS 25999 provides end-to-end business continuity management guidance to organizations with aggressive risk management demands or international business interests by focusing on risk treatment, response and recovery. Part 1, the Code of Practice, establishes the process, principles and terminology of business continuity management (BCM). Part 2, the Specification, specifies requirements for planning, establishing, implementing, operating, monitoring, reviewing, exercising, maintaining and improving a documented business continuity management system (BCMS) within the context of managing an organization’s overall business risks. This standard is intended for use by organizations of any size in the private, not-for-profit, and public sectors. BS 25999-1:2006 | BS 25999-2:2007
National Fire Protection Association (NFPA) 1600 v2007/2010
The NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity Programs provides the fundamental criteria to develop, implement, assess, and maintain the program for prevention, mitigation, preparedness, response, continuity, and recovery. This standard is intended for use by organizations of any size in the private, not-for-profit, and public sectors. Of note, both the 2007 and 2010 editions of the standard have been adopted into the PS-Prep program. NFPA 1600:2007 | NFPA 1600:2010