Security Audits? What are they?
Security audits are routine checks to ensure policies, protocols, and security measures are operating effectively and according to a set of standards. PMV Security Group provides real world security audits using renowned industry leading standards. An effective security program has to start with solid foundation and that is where standards are introduced.
Do I need them?
That isn’t always easy to answer. If you have security policies just like any other department you want to ensure those security policies are performing well and accomplishing their goal. If they aren’t performing well or your staff are not implementing them properly, you may not find out till it’s too late. A security incident can cause irreversible damage to your organization so prevention is key.
- Business or organizations involved in the supply chain of products entering other countries (Especially US, Canada, and countries associated with European Union, or members apart of North American Free-Trade Agreement (NAFTA))
What kind of security audits or certifications should I obtain?
There are numerous organizations out there that have developed several security oriented audits. There are also several industry specific security audits that are unique to that industry. See below to cover a few.
Customs-Trade Partnership Against Terrorism or (CTPAT): A voluntary program created and managed by the United States Customs Border Patrol (CBP) to increase security and safety of the products being imported through US ports. This is one of the most recognized programs for supply chain security for manufacturers, logistics and other organizations connected to products and trade entering the US.
So what is the purpose of CTPAT?
It is a voluntary program is set forth by CBP to improve security across the entire supply chain. When you participate in the CTPAT program you are joining an alliance of more than 11,500 trade partners in the fight for safe product entry into the USA. The CBP are responsible for ensuring the nearly 25 million product containers entering the borders of the USA.
By obtaining CTPAT certification, your company can:
- Help the CBP carry out cargo security measures more effectively.
- Improve your own supply chain’s security standards, and
- Secure benefits for your business, such as a faster custom’s entry process
The International Organization for Standardization (ISO) considered as one the most recognized organizations when it comes to international standards not only security but several other industries as well.
- ISO 28000 | Specification for Security Management Systems for the Supply Chain: A standard published to
- Establish, implement and maintain a security management system
- Ensure compliance to security management policies
- Seeking certification of 3rd party audit accreditation or self-declaration certification
- ISO 27000 | Information Technology, Security Techniques, Information Security Management Systems: This is a family of certifications and there are several within this group that are utilized across several industries. (Not all will be listed here)
- ISO 27001: Information Technology | Information Security Management Systems
- ISO 27005: Information Security Risk Management
- ISO 27010: Information Security Management for inter-sector and inter-organizational communication
- ISO 27011: Information Security Controls for telecommunications
- ISO 37001 | Anti-Bribery Management Systems (ABMS): A standard published to help organizations:
- Establish, implement, maintain and improve anti-bribery compliance programs
- Develop countermeasures and anti-bribery practices
Who can use these certifications?
Most ISO standards are for small to large organization unless otherwise stated. We at PMV Security Group focus on relevant certifications to clients in the APAC region. We feel these are among the top ones that should be implemented.
Transported Asset Protection Association or (TAPA) is an organization has developed security security standards around decreasing cargo crime with vehicle & facility standards. They have a membership program along with these certifications:
- Trucking Security Requirements (TSR) Certification: Security standards designed to combat theft sensitive products transported over roadways.
- Facility Security Requirements (FSR) Certifications: Security standards designed to address how theft sensitive products are handled in storage areas and fixed warehouses.
- Air Cargo Security Standards (TACSS) Certifications: Minimum security standards for safe and secure transportation of air cargo transiting on and off airports & airport related facilities.
- Parking Security Requirements (PSR) Certifications: Security standards designed to address parking operations whether owned or operated.
- Typical users of standards include:
- Buyers of logistic services
- Logistic service providers and associated suppliers
- Law enforcement or other government organizations
- Professional Supply Chain Organizations
- Typical users of standards include:
Partners in Protection (PIP) is the Canadian equivalent of CTPAT as you see above. The goals are the same. Promote border and trade supply chain security through a voluntary program created and managed by the CBSA or Canadian Border Services Agency.
Who can use this certification?
Any organization engaged in business trade with Canadian entities or a component of a supply chain providing product imports through Canada’s ports.
- CBSA security assessments and expertise
- Improved supply chain security across components
- Recognition as a Trusted Trader at the border (reduced waiting times)