260 likes | 434 Views
Integrated Security Management Systems Pilot Projects. United States – Israel Science & Technology Foundation (USISTF) Dr. Marc Siegel Program Director United States – Israel Science and Technology Foundation (USISTF) Phone: 202-419-0432 Email: siegel@usistf.org. What is the USISTF?.
E N D
Integrated Security Management Systems Pilot Projects United States – Israel Science & Technology Foundation (USISTF) Dr. Marc Siegel Program Director United States – Israel Science and Technology Foundation (USISTF) Phone: 202-419-0432 Email: siegel@usistf.org
What is the USISTF? • US-Israel Science and Technology Foundation is the funding and administrative arm of the US-Israel Science and Technology Commission (USISTC) • Bilateral initiative established by the US Dept. of Commerce and Israel Ministry of Industry and Trade in 1994 to foster scientific, technological, and economic cooperation between the peoples of the US and Israel. • Promotes binational science & technology collaborations; standardization, harmonization, and education on regulations; binational and regional training on cross-culture issues; strategic alliances of mutual benefit; and processes, policies, and procedures that enhance creativity in binational science and technology activities.
Program Objectives • Develop a blueprint for action for U.S. and Israeli private, public, and governmental entities. • “Proof of concept” of an integrated security management system built on existing tools and standards. • Provide the public and private sectors with relevant guidelines for an integrated security management system that are consistent with existing management system approaches, guidelines, and standards.
Why a Management System? • Provides a set of benchmarked tools and processes • Helps to systematically identify risks and problems, as well as problem-solving tools • Inclusive process • Provides specialized training • Establishes operational controls and procedures • Creates measurable goals and methods for accomplishing identified objectives
Why Use Existing Standards? • Facilitates joint audits • Promotes parallel assessments • Potential benefits and savings in case of certification and third-party registration • Avoids conflict and/or duplication • More easily understood & implemented • Leverages management buy-in • Combines “loss leaders” • Accelerates development and action
Project Timeline • Planning group established • Oversees project implementation • USISTF, MOE, SII, OFEE, and Israel Police Security Division • Stakeholder Meeting: March 10-11, 2004 Washington, DC • Established a clear blueprint for the steps involved in planning and implementation of the demonstration projects including the drafting of guidelines, protocols, and benchmarks for the conduct of the demonstration projects • Established bi-national working groups to develop and oversee demonstration projects • Agreement on information sharing and the protection of sensitive information • July 15, 2004 - Request for Applications for pilot studies closed • August 10, 2004 – Binational Peer Review Panel concludes application reviews • August 10-12, 2004 – Binational Working Group One meets at SII in Tel Aviv • Drafts Security Management Standard drawn on elements derived from the current ISO 9001 (quality management), ISO 14001 (environmental management), BSI 18001 (occupational health and safety) standards and the new NFPA 1600 (disaster/emergency management and business continuity programs) standards • Standard and guidelines to be used as baseline in all pilot projects • September – October 2004: • Pilots recommended by reviewers refined and finalized • Meetings with US DHS to identify pilot sites of major national impact and collaboration • Development of in-house pilot projects • November 2004 – November 2005 • Pilot project underway
Stakeholder Meeting: March 2004 • Identified the approach, procedures, outcomes, and metrics necessary to create an integrated security management system • Recommended use of the "Plan, Do, Check, Act" PDCA model & ISO-14001 • Precursor to the launch of proof-of-concept pilot demonstration projects
Working Groups • Group One: To develop products and guidelines • Group Two: Oversees implementation with pilots. Including serving as project resource, and ensuring milestones are on track. (implementation metrics) • Group Three: To develop metrics for system performance and security assurance (performance metrics) • Group Four: To monitor progress and work products in the interest of ultimate converting the information to an international standard. This group may begin writing Guide 72 Justification Document in parallel.
Common Elements • Policy • Planning • Implementation and operation • Performance assessment • Improvement • Management review
An Effective Management System • Flexible • Transparent • Useful to the “practitioner” • In harmony with mission focus • Focused on continual improvement
Plan-Do-Check-Act Model (PDCA) Continual Improvement Policy Management Review Planning Checking & Corrective Action Implementation & Control
Key Elements of Integrated PDCA Management System • Policy statement/commitment • Identification and prioritization of significant vulnerabilities and impacts • Development of objectives and targets • Implementation plan to meet objectives and targets • Checking and follow-up • Training • Management review
Guiding Principles of Project • Market Relevance • Meet demonstrated market needs • Encourage competitiveness and innovation • Avoid unnecessary burden • Avoid complexity • Should not imposed trade barriers • Used to achieve performance goals • Valued added to business and operations
Rationale for Using EMS Approach • Much of an Environmental Management System (EMS) may already be in place • Key is to use a systematic approach to planning, controlling and improving security efforts • Can be a vehicle for positive change
Planning Identify Vulnerabilities & Impacts Determine Priority Vulnerabilities Develop Identify Establish Activities, Objectives Management Products and Program and Targets Services Determine Legal and Other Requirements
Implementation and Operation Capabilities & Organization & Controls Accountability Communications MS Documentation Training, Awareness and Document Control Competence Structure and Responsibility Operational Control Communication Emergency Preparedness and Response
Checking and Corrective Action Ongoing Non-conformance, Monitoring and Corrective and Measuring Preventive Action Records Periodic Internal Audits
Management Review Process • To Assess the • suitability, • adequacy, and • effectiveness of the MS • Take account of: • audit findings • progress records on objectives • changes to facilities • changes in activities, products or services • changes in technology • concerns of interested parties • other relevant information • In order to determine the need for change and improvement to: • the security policy • the objectives and targets • other management system elements
Objectives of Pilot Case Studies • Create a set of guidelines and tools for wide-ranging implementation of integrated security management systems across industry, service, business, and governmental sectors • Test proof of concept prior to initiating the discussion of the mechanics of developing a standard • Provide the basis for either developing a set of guidelines as the end product, and/or providing the experience and data necessary to proceed with the “Justification Study Process” of developing a standard defined in the ISO Guide 72:2001(E)
Pilot Studies Underway • AcuTech Consulting Group: • Israeli Partner: Rotem Industries, Ltd. • Israel Pilot Site: Israel Petroleum & Energy Infrastructures Ltd. (PEI) Kamad Glilot site or Admot Hazafon site. • U.S. Pilot Site: Washington D.C. Water and Sewage Authority Blue Plains Facility • Environmental Security International: • Israeli Partner: Rotem Industries, Ltd. • Israel Pilot Site: Schneider’s Children’s Medical Center of Israel • U.S. Pilot Site: North Shore – LIJ Health System’s Schneider’s Children’s Hospital Pediatric Trauma Center of Queens, New York • Sinai Hospital of Baltimore: • Israeli Partner: Barzilai Medical Center • Israel Pilot Site: Barzilai Medical Center • U.S. Pilot Site: Sinai Hospital of Baltimore
Additional Pilots • Israel Aircraft Industries: • U.S. Partner: Network Information and Space Security Center (NISSC), Colorado Springs, Colorado • Israel Pilot Site: Israel Aircraft Industries • U.S. Pilot Site: Two U.S. aerospace sites as candidates
In-house Pilots • Commercial Properties • Israel Pilot Site: "Kiryon" office building and shopping center in Haifa • U.S. Pilot Site: Commercial property in New York • Ports • Israel Pilot Site: Katsaa Port • U.S. Pilot Site: Candidates being finalized • Airports • U.S. Pilot Site: Candidates being considered
Other Initiatives • Homeland Security market workshop in Israel • Will address first responder technology requirements and needs • Emphasis on US standards and procurement requirements Israeli and American companies must meet to participate in first responder market • Approaches necessary for addressing technology integrator needs. • This workshop would benefit both technology developers and potential exporters of technologies. • Workshop in Virtual Reality applications in homeland security – Israel and the US
Thank You Dr. Marc Siegel Program Director U.S.-Israel Science & Technology Foundation - USISTF 1130 17th St. NW, Suite 312 Washington D.C., 20036 DC Phone: 202-419-0432 San Diego Phone: 858-484-9855 Fax: 202-419-0435 Email: siegel@usistf.org URL: http://www.usistf.org