Developed by a Technical Committee consisting of more than 80 members from 17 countries, the document provides a comprehensive management approach designed to assist security professionals in identifying, applying and managing physical security measures in order to safeguard an organisation’s assets: its people, property and information.
Physical asset protection, also known as physical security management, includes the protection of both tangible (eg physical, human, infrastructure and environmental) assets and intangible assets (such as brand, reputation and information). The all-new Physical Asset Protection Standard offers a framework for establishing, implementing, operating, monitoring, reviewing, maintaining and improving physical protection systems.
“All organisations face risks,” said Allison Wylde, co-chair of the Physical Asset Protection Technical Committee and course leader for the MSc in Project Management which runs at the London Business School.
“The challenge is to first determine how much risk is acceptable and, second, how to cost-effectively manage risk to meet strategic and operational objectives. This standard helps practitioners determine the appropriate balance between these competing demands.”
Development of the new standard
Work first began on the standard in 2010 when members of the ASIS United Kingdom Chapter, ably led by Wylde, developed an asset protection draft standard. The draft, which was used as the starting point document for the full Technical Committee, was based on the management system framework described in the ANSI/ASIS SPC.1-2009 entitled ‘Organisational Resilience: Security, Preparedness and Continuity Management Systems: Requirements with Guidance for Use’.
This enables seamless integration with the organisational resilience standard, thereby allowing organisations to build a comprehensive management system for security and resilience management.
“Organisations need to manage the risks of undesirable and disruptive events,” stated Dr Marc Siegel, co-chairman of the Physical Asset Protection Technical Committee and commissioner of the ASIS Global Standards Initiative.
“A comprehensive management systems approach gives practitioners a management tool to cost-effectively protect an organisation’s assets in concert with the company’s overall mission and business objectives.”
Integrating security and related functions
The Physical Asset Protection Standard helps to integrate a given organisation’s security and related functions (eg risk management, safety, finance, quality assurance and compliance) into a comprehensive, proactive management system. This management system should:
- ensure top management leadership and commitment to the physical assets protection policy
- establish a comprehensive risk management programme that identifies, analyses and evaluates risks to tangible and intangible assets
- characterise the assets, then design and implement a physical protection system that meets the defines objectives while considering the available resources
- integrate people, procedures, technologies and equipment to meet the stated objectives
- continuously monitor, measure and review the performance of the management system
Excellent direction for security managers
“The Physical Asset Protection Standard provides direction to security managers,” explained Bernard D Greenawalt CPP, Standards and Guidelines Commission Liaison and vice-president of Securitas Security Services USA. “Used in conjunction with the ASIS Protection of Assets and the ASIS Facilities Physical Security Measures Guidelines, this new standard will help practitioners determine the appropriate level of acceptable risk and the investment required to manage those risks.”
The Security Institute’s chairman Mike Bluestone and director Azeem Aleem were on the convergence team and the Technical Committee. Indeed, the standard’s development has encompassed input from many information security leaders as well so it most certainly has a converged perspective at its heart (and a security convergence section).
The standard recommends various integrated and holistic strategies and boldly states that the application of security convergence should establish “a cross-discipline and cross-functional risk assessment and management framework that identifies, analyses, evaluates and treats all security risks within a singular, managed process.”
The standard is available to ASIS members via a free download through the ASIS website.
In addition, there will be an education session titled: ‘Implementing the New Physical Asset Protection Standard’. This takes place on Tuesday 11 September from 11.00 am-noon in Room 3201 at ASIS International’s 58th Annual Seminar and Exhibition (which takes place in Philadelphia).
The work of preparing ASIS Standards and Guidelines is carried out through the ASIS International Standards and Guidelines Commission and its various Technical Committees. An ANSI-accredited Standards Development Organisation, ASIS actively participates in the International Organisation for Standardisation, developing standards and guidelines within a voluntary, non-proprietary and consensus-based process using the knowledge, experience and expertise of ASIS membership, security professionals and the global security sector.
EBOOK: Lessons from IFSEC 2023 – Big Tech, Martyn’s Law and Drone Threats
Read IFSEC Insider’s exclusive IFSEC eBook and explore the key takeaways from the 2023 show!
Navigate the impact of Big Tech on access control, gain insights from Omdia’s analysts on video surveillance trends, and explore sessions covering topics like futureproofing CCTV networks, addressing the rising drone threat, and the crucial role of user proficiency in security technology.
There's also an exclusive interview with Figen Murray, the driver behind Martyn's Law legislation.
