Optimization of security processes (SPO)

The digitalisation of the working environment in companies is constantly increasing. This circumstance is accompanied by the increasing importance of the processes for the individual work steps. Those responsible for Corporate Security can no longer escape this company-wide trend in their field of activity. Process cost analyses in this area also ask whether the individual work steps are defined and performed as cost-effectively as possible.

The world of ISO standards has only marginally reached the field of Corporate Security. An ISO standard, which explicitly deals with Corporate Security, has not yet been drawn up or adopted. Initial approaches to such standardisation by generally recognised bodies can be found in Austria, for example. Partial aspects are discussed within ISO as future fields of activity. Within the framework of Continuity or Resilience Management, corporate processes are increasingly being considered in terms of their resistance to the occurrence of damaging events.

In this situation, those responsible from Corporate Security must ask themselves the question of what “maturity level” the processes in their area have reached. If they are “random processes”, they are “repeatable”, they are “defined”, “managed” or “optimized”. This differentiation from IT has meanwhile proven to be practical and has been further established.

When optimising Security Processes, the establishment of a management system based on the principles of ISO 9001 is certainly very useful. A model here could be the ISO 27001 standard on Information Security. In addition to the relevant courses at designated universities, we offer guidance for the practitioner, be it within the courses of the VdS or in the Verismo Academy. During implementation, modern web-based tools can provide valuable support.

We have equipped our modern web-based tools DEMiOS 2.6 and CUSTODiOS 2.0 in the latest version with state-of-the-art alerting functionalities. For more details on both tools, please refer to the attached DEMiOS News No.4. All new features are briefly presented here.

We see both tools as instruments for achieving a significant improvement in processes within the scope of optimising security processes (SPO), be it in the work of the crisis management team itself, the control of event processing in normal operations or the evaluation of security-relevant events in a global corporation.

Finally, I would like to refer again to our comprehensive seminar program. With our certificate course in Crisis Management with three modules, we offer an alternative or supplement to other offers on the market, sometimes from a slightly different perspective.

We look forward to hearing from you or welcoming you to our company.

With kind regards

Klaus Bockslaff and team