ISO has published a new standard on information exchange between organizations
The timely and effective sharing of information within and across jurisdictions, disciplines, and organizations is essential to keep the population safe and to enhance resilience. Best practices show that those communities with solid, consistent security collaborations respond better to critical incidents.
Today, response to major emergencies involves multiple organisations collecting, collating and communicating data and information to enable better decision making that minimises social and economic impacts. The challenges involved in co-ordinating an effective response to large scale events are compounded by the number and variety of organisations involved. Critical infrastructure or services are increasingly privately managed or owned creating new requirements for co-operation and information exchange. Organizations from both the private and public sectors should be able to exchange information effectively and securely. Effective information exchange arrangements can provide benefits to participating organizations and will result in increased preventive measures and capacity building leading to a general increase in security.
ISO 22396, Security and resilience - Community resilience - Guidelines for information exchange between organizations has now been published. The project leader, Roger Holfeldt, CEO of Secana AB from Sweden explains:
“This new standard will provide organizations with an effective framework for information exchange that complements the organisational structures, cultures and existing interfaces between organisations. It will help both public and private sector organizations to exchange information effectively and securely in order to increase societal security and enhance resilience."
Key Features of Standard
ISO 22396 provides guidelines for information exchange. It includes principles, a framework and a process for information exchange. It will help organizations to identify mechanisms for information exchange so that they can learn from others’ experiences, from mistakes and successes. The standard will help organizations to maintain information exchange arrangements to increase commitment and engagement. It also provides measures that enhance the ability of the participating organization to cope with disruption risk.
The standard also contains several examples of successful information sharing arrangements involving both private and public sector organizations in a variety of sectors at both national and local levels.
ISO 22396, Security and resilience — Community resilience — Guidelines for information exchange between organizations is available from ISO national member bodies. It may also be obtained directly from the ISO Central Secretariat, respectively through the ISO Store or by contacting the Marketing, Communication & Information Department.