BS 10800:2020 pdf download

BS 10800:2020 pdf download.Provision of security services —Code of practice.
3.16 top management
person or group of people who directs and controls an organization at the highest level NOTE Top management has the power to delegate authority and provide resources within the organization
4 Context or the organization
4.1 Understanding the organization and its context
The organization should determine external and internal issues that are relevant to its purpose and that ailed its ability to achieve the intended outcome(s) of its provision of security services
42 Understanding the needs and expectations or Interested panics The organization should determine:
a) the interested parties that are relevant to the provision of security services; and b) the relevant requirements of those interested parties.
4.3 Determining the scope
When determining the scope of the provision of security services, the organization should take into account
a) the external and internal Issues re erred to in 4.1;
b) the interested parties rekrred to in 42;
c) the products and services of the organization;
d) sectorspecific codes of practice; and
e) boundaries, e.g other offices or units.
The scope should be available as documented Information,
5 Top management commitment
5.1 General
Top management should demonstrate leadership and commitment with respect to the security services provided by the organization by:
a) setting dear aims and ubiectives for service provision;
b) setting achievable targets for service provision;
c) identifying and providing resources and putting Infrastructure In place to achieve contractual obligations, where applicable;
d) monitoring and managing service delivery; and
e) promoting continual improvement
5.2 Policy
Top management should Identify and document establish policies that are relevant to the purpose of the organization and its provision of service delivery
5.3 Organizational roles, responsibilities and authorities
Top management should assign the responsibilities and authorities for relevant roles and communicate these within the organization.
Top management should assign responsibility and authority for reporting on the perfurnunce of the services provided.
6 Planning
6.1 Risks and opportunities
When planning for the provision of security services, the organization should determine the risks and opportunities that need to he addressed, plan mitigations to address these risks and opportunities.
and evaluate the effectiveness of these mitigations.
NOTE 2 Foi-fzarrhergwdonce as, sector-specific risks and opportunities see the applicable British Standards, such as 857499 for .ctatic guarding or 85 7984 -3 fin mobde patrolling.
The organization should be aware of the customer’s management policy and strategy document that mitigates the customer’s security risks, threats and opportunities. The organization’s risk and threat assessment should highligb specilk areas to be induded In the customer’s management policy and strategy document.
NOTE 2 These areas are specific to each business, e.g. terrorism, theA slngk-issue extremists.
If a customer’s management policy and strategy document does not exist, the organization should work with the customer and agsee an approach to safeguarding their assets and security solutions.
6.2 Objectives and planning
The organization should establish obectives for the provision of security services, Including provision for its own business continuity and disaster recovery
The obfrictives should:
a) be consistent with customer requirements;
b) be measurable;
c) take into account applicable requirements;
d) be monitored;
e) be communicated; and
1) be updated, as needed.
The organization should retain documented information on the objectives.
NOTE 2 The onganlsutlon could ask the customer the following questkms.
a) Incident(s) of cnme What are the risks (actual and perceived) Assess the type, scale and partero of Incidents that have ocrwrrd in thr last 12 months
b) Environment and buildings: Where are the customer’s vulnn-ubk points? (e.g. access and egress paints and other lugh-risk secunty areas,) Assess the environmental and building factors that contribute to the customer’s security.
c) Security What teen of security is required to counlensct those risks eflecti vely’ Assess the effectiveness of the security measure.