Security Management System - SMS
Controlling the risk of malicious acts is one of the concerns facing companies and local authorities alike.
By formalising a malicious act security management system, companies and local authorities can:
- demonstrate they have identified all the potential threats to their tangible and intangible assets,
- assert that they have a sufficient level of proficiency to address these threats and to improve that proficiency continuously,
- demonstrate the involvement of personnel at every level of the organisation in the security management system,
- guarantee, for the various stakeholders, that the organisation is structured to ensure its effective operation.
NORMATIVE FRAMEWORK
The following standards and reference systems can serve as a basis for formalising that organisation:
- Reference system CNPP-1302 – Security Management System – Preventing malicious acts and threats,
- ISO 28000 – Supply Chain Security Management Systems,
- ISO 27001 – Information Security Management System.
The choice of reference system depends on the context and the expectations of the company or local authority.
METHODOLOGICAL APPROACH
Setting up the Malicious Acts Security Management System is based on the following steps.
In addition to the diagram for setting up a Security MS, the following comments provide further explanation of the CNPP's approach:
ORGANISATIONAL AND MANAGERIAL SECURITY DIAGNOSTIC
The objective of this phase is to analyse and assess current security practices and the current security organisation against the requirements of the chosen reference system, through an analysis of the documentation and practices and through interviews with the main functions in the organisation.
SUPPORT FOR SECURITY MS DEPLOYMENT – ON-SITE SUPPORT
As part of its support service, the CNPP undertakes to perform the following:
- Provide methodological assistance in introducing the reference system,
- Ensure compliance with the work schedule, both in terms of the work done and lead-times,
- Assist the Security MS Project Manager in drafting the Security manual and associated procedures,
- Validate the consistency of the documentary system with the specific procedures.
ADDED VALUE
As project manager, the CNPP has led the working groups that drafted the following:
- Reference system CNPP-1302 – Security Management System – Preventing malicious acts and threats,
- The Security Management System Audit Guide – CNPP-1302.
The CNPP auditors have also carried out test audits of the security management system.
Contact:
Tel: +33 (0)2.32.53.63.50
Fax: +33 (0)2.32.53.73.84
E-mail: audit.conseil@cnpp.com
