ISO has published a new standard on information exchange between organizations

The timely and effective sharing of information within and across jurisdictions, disciplines, and organizations is essential to keep the population safe and to enhance resilience. Best practices show that those communities with solid, consistent security collaborations respond better to critical incidents.

Today, response to major emergencies involves multiple organisations collecting, collating and communicating data and information to enable better decision making that minimises social and economic impacts. The challenges involved in co-ordinating an effective response to large scale events are compounded by the number and variety of organisations involved. Critical infrastructure or services are increasingly privately managed or owned creating new requirements for co-operation and information exchange. Organizations from both the private and public sectors should be able to exchange information effectively and securely. Effective information exchange arrangements can provide benefits to participating organizations and will result in increased preventive measures and capacity building leading to a general increase in security.

ISO 22396, Security and resilience - Community resilience - Guidelines for information exchange between organizations has now been published. The project leader, Roger Holfeldt, CEO of Secana AB from Sweden explains:

“This new standard will provide organizations with an effective framework for information exchange that complements the organisational structures, cultures and existing interfaces between organisations. It will help both public and private sector organizations to exchange information effectively and securely in order to increase societal security and enhance resilience."

Key Features of Standard

ISO 22396 provides guidelines for information exchange. It includes principles, a framework and a process for information exchange. It will help organizations to identify mechanisms for information exchange so that they can learn from others’ experiences, from mistakes and successes. The standard will help organizations to maintain information exchange arrangements to increase commitment and engagement. It also provides measures that enhance the ability of the participating organization to cope with disruption risk.

The standard also contains several examples of successful information sharing arrangements involving both private and public sector organizations in a variety of sectors at both national and local levels.

ISO 22396, Security and resilience — Community resilience — Guidelines for information exchange between organizations is available from ISO national member bodies. It may also be obtained directly from the ISO Central Secretariat, respectively through the ISO Store or by contacting the Marketing, Communication & Information Department.

Upcoming events

28 Feb, Zoom
Working Group 1

5 March, Zoom
Communication Group meeting

[tbd], 2024
11th ISO/TC 292 plenary meeting

Topics

Authenticity, integrity and trust for products and documents
Business continuity management
Community resilience
Crisis management
Emergency management
Event management
Organizational resilience
Protective security
Supply chain security
Terminology

This website has been developed by Swedish Civil Contingencies Agency in collaboration with ISO and Swedish Institute for Standards responsible for the ISO/TC 292 secretariat

An overview of ISO/TC 292 can also be found at the ISO webpage.

ISO

SIS