New security standards to help protect your business

Analysis

New security standards to help protect your business

Standards Australia has released a set of new security Standards to assist businesses to better protect themselves against a wide range of potential risks and threats.

WantToReadMore

Get unlimited access to all of our content.

Standards Australia has released a set of new security Standards to assist businesses to better protect themselves against a wide range of potential risks and threats.

Australian Standards

These Australian Standards cover a number of critical security risk management areas. Of particular importance to employers are the new Standards pertaining to Employment Screening Standard, the operations of CCTV systems, Business continuity management, and Information security management. They were released in July 2006.

The Standards also help governments and business protect the community and infrastructure against Mumbai style terrorist attacks or respond to natural disasters like hurricane Katrina in New Orleans. 

Standards Australia worked with Federal and State governments, the business owners and operators of major infrastructure and major transport, power, retail and water industry representatives for the past year to develop the new Standards.

The need

Today's business climate is becoming more complex and risky, and companies, regardless of their size, face crises all the time. Loss of computer data, employing the wrong staff in positions of trust and being a victim of crime, fraud, or security breaches can have disastrous consequences for any business.

Astute owners and operators of businesses appreciate the importance of having a business continuity or disaster recovery plan in place. This is a sound precautionary measure to enable the business to respond quickly and ensuring the impact of the disruption is minimised.

Compliance with these new Standards will ensure a business's risk management strategy and its business continuity or disaster recovery plan is more robust.

As Mark Bezzina, Executive Director NSB, Standards Australia said 'Industry has told us that security Standards are one of the most important tools in developing world-class security systems. These Standards incorporate latest thinking in security technologies, procedures and protection, and are the most up to date to be found anywhere in the world.'

How these new Standards will help your business

  1. Employment Screening

The new Employment Screening Standard is designed to reduce the risk of potential security breaches and to ensure the integrity, identity and credentials of staff and contractors. The Standard provides guidance on:

  • When security checks should take place such as at the start of employment, before completion of probation periods and before promotion;
  • Verifying identity, checking CVs, education credentials and police records;
  • Privacy issues such as who the information can be released to; and
  • Training and probity checks on staff employed to do screening.
  1. The operations of CCTV systems

Closed-circuit television (CCTV) is the use of television cameras to transmit a signal to a specific, limited set of monitors and is often used for surveillance in areas where there is an increased need for security. Three new CCTV Standards deal with:

  • A Code of Practice, detailing recruitment, training, storage of information, privacy issues, responses to incidents;
  • Installation, customer requirements, equipment, evaluation; and
  • Technical requirements.
  1. Business continuity management

Business Continuity Planning (BCP) is a methodology used to create a plan for how an organisation will resume partially or completely interrupted critical function(s), within a predetermined time, after a disaster or disruption. BCP may be a part of a larger organisational effort to reduce operational risk associated with poor information security controls, and therefore may overlap with your risk management planning and practices.
  1. Two Handbooks to help businesses plan for, and recover from, catastrophic events including natural disasters, terrorist attack or criminal activity.

The handbooks provide a framework to:

  • Plan for a catastrophic event;
  • Get a business functioning at a basic level immediately after an event so as to deliver baseline services; and
  • Recover after an event so as to ensure the continuation and future success of the business.
  1. Information security management

Increased computer interconnectivity and the popularity of the Internet are allowing organisations of all types and sizes unprecedented opportunities to improve their operations by reducing paper processing, cutting costs, and sharing information. However, there are vulnerabilities in doing this and just how secure a business's information remains, depends on an organisation's ability to protect the integrity, confidentiality, and availability of the data and systems it relies on. Two new Information Security Management Standards include:

  • A Code of practice, which establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management;
  • A new Standard to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System.


More information

More information on these Standards is available at the Standards Australia website.

Related

SECURITY MEASURES - PROTECTION OF COMPANY PROPERTY

Privacy: getting the balance right

Employee referral schemes: how to make them work



  

 

Post details