Gestion de Riesgos, Resiliencia, Crisis y Continuidad: abril 2012

How standards help us in our everyday job

A bit of history

We have been bombarded during recent years about standards, coming from very different organizations. The history of standards goes back to the Second World War, from the moment at which the Allies had the urgent need to standardize mechanisms of collaboration. The second great moment came with the development of the global network (internet) -- it was more than fundamental to achieve a mechanism that ensured the network was flowing adequately and, with this intention, it was necessary that all the computers were linked by the same language all the time. The third important impulse came from the hand of two important milestones: on one hand, the strong impulse dedicated by the European Union to coordinate mechanisms that were facilitating the inter-ministerial communication among all its member states and partners and, on the other hand, the trend towards a global world in recession. As a consequence of the latter impulse it becomes necessary to strengthen an international mechanism that facilitates the task of inter-state coordination. It is at the time when the International Standards Organization (or ISO from the Greek “equal”) takes a relevant role in the area of the elaboration of standards and guidelines to facilitate a global communication. The industrialized countries and the emerging ones saw there an opportunity to compile lessons learned and good practices in a multitude of common areas.

Security Standards’ approach

The field of safety and security has quickly evolved into risk management as a wider field of development, by bringing together within risk management the expertise of different areas as dissimilar as security and finances. In addition, it is a must in this recession environment to better coordinate efficient response in all business areas under a unique Governance mechanism. The definitive impulse was given by the business continuity preparedness process that favoured the communication between areas rarely in contact with each other. Crisis Management has now, more than ever, a management/coordination role above all the different areas of response.

ISO, ASIS International, BSI, CPM, BCI and many others began a process of intercommunication that led to the birth of the ISO 31000 Risk Management Standard based on the Australian model. Since then, an endless number of very well coordinated and interlinked products have appeared, with the intention of obtaining a perfect communication flow between economy of means, efficiency and standardization. In this process was born the idea of connecting governance with Corporate Risk Management to better face an all hazards approach rather than a single scenario-based approach. This concept today is widely known as Enterprise Risk Management (ERM), and is intimately tied to the development of Organizational Resilience. The standards do not have the intention of imposing a system, but rather of offering sustainable alternatives and the probed and condensed expertise of recognized professional subject matter experts in every area. Every organization can use at its convenience any standard and adapt it to their internal needs with little effort. More than reinventing the wheel again, it is a way to share and better communicate.

Where are these standards available?

Not every publication with the word “standard” on the cover is really worth reading. One needs to differentiate between personal experience compilations and truly international standards. Though many of the good standards have a cost (no more than the one of every regular research publication), the investment is worth it because you can find an excellent compilation of good, consolidated practices and lessons learned of great utility that can maximize your time while researching and help your organization in the tedious process of improving the efficiency of our internal boards and governance mechanisms. There are other standards free of charge. Doing a rapid search online one can find copies of both of them (see below).