What is ISO 18788?
ISO 18788 is an international standard that provides a framework for establishing, implementing, operating, monitoring, maintaining, and improving a Security Operations Management System. Following in the footsteps of standards such as ISO 9001 and 45001, this standard takes on a systemic approach towards managing security operations.
With a focus on private security, risk management and accountability; ISO 18788 succeeds in setting the highest standard for the management of private security operations by ensuring that safety and professionalism are at the forefront of its principles.
Once certified, organisations can proudly promote themselves as certificate holders in any of their promotional materials and can include the URS certification logo free of charge.
Who requires an ISO 18788 certification?
ISO 18788:2015 is primarily required by organisations that conduct or contract security operations, with a strong emphasis placed on private security companies (PSCs). In addition, clients that contract private security services, as well as public authorities and governmental bodies would also benefit from utilising this standard as a basis for good practice.
How can an ISO 18788 certification benefit your business?
Becoming certified for ISO 18788 can bring a wide range of benefits to your organisation, including:
Enhanced Credibility and Reputation
Improved Operational Performance
Legal and Human Rights Compliance
Increased Client Confidence
How can you prepare for ISO 18788 Certification?
Although the thought of starting the certification process may seem daunting, there are a variety of steps you can take to make the process to becoming certified far more streamlined:
Familiarise yourself with the ISO 18788 standard
Define the Security Operations Management System policy for your organisation
Conduct a gap analysis to highlight areas where your organisation does not meet the standard requirements
Carry out a risk assessment to identify potential threats and vulnerabilities
What are the key requirements in ISO 18788?
When working towards becoming certified for ISO 18788, there are various areas that will be a focus during the audit. These areas include:
Establishing Norms of Behaviour and Codes of Ethical Conduct
Addressing risks and opportunities
Understanding the context of your organisation
Demonstrating a human rights-compliant approach
What clauses make up the structure of ISO 18788?
Clauses 1-3 – Introductory clauses:
The first three clauses of ISO 18788 combine to introduce the scope of the standard and demonstrate the sector specific areas where the certification can be applied.
To assist with understanding, the first and second cluses explore how the standard can be applied and identify additional standards that are referenced throughout. Whilst clause three provides a list of definitions for terms that feature throughout the standard to assist with ease of reading and understanding.
Clause 4 – Context of the organisation:
Clause 4 requires an organisations to establish the foundation for its Security Operations Management System (SOMS). This can be achieved through a thorough analysis of internal and external factors that could impact its security operations, such as legal, social, and economic conditions.
Organisations must also identify all relevant interested parties, like clients, employees, and local communities, and understand their needs and expectations.
Clause 5 – Leadership:
Clause 5 establishes that top management is ultimately responsible for the effectiveness of the Security Operations Management System (SOMS) and mandates that leadership’s commitment must be active.
Clause 6 – Planning:
Clause 6 sets out the basis that an organisation must systematically address risks and opportunities by creating and implementing plans to mitigate threats. It also requires organisations to establish specific, measurable security objectives that align with its overall policy.
Clause 7 – Support:
Clause 7 outlines the resources required to sustain the SOMS which include competent personnel, appropriate infrastructure, and a suitable work environment. It also requires staff to show competency in their roles through training and experience and demonstrate awareness of the security policy.
Clause 8 – Operation:
Clause 8 covers security services, and the translation of strategic plans into controlled actions. Per this clause, organisations are required to implement and manage processes such as conducting site-specific risk assessments and managing changes.
Clause 9 – Performance Evaluation:
Clause 9 focuses on the effectiveness of the Security Operations Management System and utilises a systematic approach to monitoring, measuring, and analysing security performance. As part of this clause, organizations are required to conduct regular internal audits to verify that the system conforms to the standard and is working as intended.
Clause 10 – Improvement:
Clause 10 requires an organization to proactively enhance its Security Operations Management System by taking corrective actions, and investigating the root causes of nonconformities to prevent recurrence.
How long will your ISO 18788 certificate be valid for?
Your ISO 18788 certificate will be valid for at least three years; dependent on the type of site that is being certified.