1、BSI Standards PublicationBS ISO 22397:2014Societal security Guidelinesfor establishing partneringarrangementsBS ISO 22397:2014 BRITISH STANDARDNational forewordThis British Standard is the UK implementation of ISO 22397:2014.The UK participation in its preparation was entrusted to TechnicalCommittee
2、 SSM/1, Societal security management.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all the necessaryprovisions of a contract. Users are responsible for its correctapplication. The British Standards Instit
3、ution 2014. Published by BSI StandardsLimited 2014ISBN 978 0 580 78373 9ICS 03.100.01Compliance with a British Standard cannot confer immunity fromlegal obligations.This British Standard was published under the authority of theStandards Policy and Strategy Committee on 31 July 2014.Amendments issued
4、 since publicationDate Text affectedBS ISO 22397:2014 ISO 2014Societal security Guidelines for establishing partnering arrangementsScurit socitale Lignes directrices pour ltablissement daccords de partenariatINTERNATIONAL STANDARDISO22397First edition2014-07-15Reference numberISO 22397:2014(E)BS ISO
5、 22397:2014ISO 22397:2014(E)ii ISO 2014 All rights reservedCOPYRIGHT PROTECTED DOCUMENT ISO 2014All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posti
6、ng on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester.ISO copyright officeCase postale 56 CH-1211 Geneva 20Tel. + 41 22 749 01 11Fax + 41 22 749 09 47E-mail copyrightis
7、o.orgWeb www.iso.orgPublished in SwitzerlandBS ISO 22397:2014ISO 22397:2014(E) ISO 2014 All rights reserved iiiContents PageForeword ivIntroduction v1 Scope . 12 Normative references 13 Terms and definitions . 14 Plan the partnering arrangement 14.1 Define the purpose of the partnering arrangement 1
8、4.2 Identify partners to the arrangement . 14.3 Arrange initial dialogue with potential partners 25 Develop the partnering arrangement 25.1 Set the priorities 25.2 Conduct a risk assessment 25.3 Agree on the scope of the partnering arrangement 35.4 Identify objectives, tasks and resources . 35.5 Ide
9、ntify roles, responsibilities and levels of authority . 45.6 Establish relationship rules and how to resolve challenges 45.7 Determine communication and consultation needs. 45.8 Determine need for training and exercises 46 Implement the partnering arrangement 56.1 Apply partnering principles 56.2 Se
10、lect contractual tools 57 Review the partnering arrangement . 6Annex A (informative) How to generate the information necessary to establish relationship rules Example . 7Annex B (informative) Potential obstacles to the partnering arrangement 10Annex C (informative) Partnering review checklist 11Bibl
11、iography .13BS ISO 22397:2014ISO 22397:2014(E)ForewordISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committees. Each memb
12、er body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the International Ele
13、ctrotechnical Commission (IEC) on all matters of electrotechnical standardization.The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives, Part 1. In particular the different approval criteria needed for the different types
14、of ISO documents should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO shall not be hel
15、d responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarations received (see www.iso.org/patents).Any trade name used in this document is information
16、 given for the convenience of users and does not constitute an endorsement.For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information about ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the foll
17、owing URL: Foreword - Supplementary informationThe committee responsible for this document is ISO/TC 223, Societal security.iv ISO 2014 All rights reservedBS ISO 22397:2014ISO 22397:2014(E)IntroductionThe world has evolved into a global community of interdependent societies. Changes in technical and
18、 economic relationships have resulted in cross-jurisdictional and trans-boundary interdependencies for vital societal functions and assets. The security and well-being of people increasingly depend on the continuity of vital functions of organizations, local communities, nations and the global commu
19、nity. The impact of incidents has increased the need for enhanced preparedness, response and recovery programmes.There are many different roles and responsibilities within and between public, private and not-for-profit organizations. Some roles and responsibilities are primarily the responsibility o
20、f individual organizations while others can be adequately addressed only by the multiple organizations in order to manage risks. In a complex and changing world, organizations need to consider partnering. Partnering is the association with others in an activity or area of common interest in order to
21、 achieve individual and collective objectives.This International Standard provides principles and a process to develop the relationship among organizations in a partnering arrangement. Figure 1 illustrates the process for planning, developing, implementing and reviewing partnering arrangements.Figur
22、e 1 Process for planning, developing, implementing and reviewing partnering arrangementsA partnering arrangement can be between two or more organizations. It can improve the capacity of organizations to enhance prevention, preparedness, response, and recovery programmes. This for a wide range of eve
23、nt(s) which may include natural, human induced disasters with potential impact on an organization, community or society and the environment on which it depends. There are a variety of possible partnering arrangements, both formal and informal. For example, contracts, memoranda of understanding (MoUs
24、), mutual aid agreements, partnerships, cooperation agreements, coordination agreements, operational agreements, supply agreement, etc.This International Standard is not intended to replace local, national or international regulations. Organizations are advised to seek legal counsel before entering
25、into partnering arrangements. ISO 2014 All rights reserved vBS ISO 22397:2014BS ISO 22397:2014Societal security Guidelines for establishing partnering arrangements1 ScopeThis International Standard provides guidelines for establishing partnering arrangements among organizations to manage multiple re
26、lationships for events impacting on societal security. It incorporates principles and describes the process for planning, developing, implementing and reviewing partnering arrangements.This International Standard is applicable to all organizations regardless of type, size and nature of activity whet
27、her in or between the private, public, or not-for-profit sectors.2 Normative referencesThe following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. For undated references, th
28、e latest edition of the referenced document (including any amendments) applies.ISO 22300, Societal security TerminologyISO 31000:2009, Risk management Principles and guidelines3 Terms and definitionsFor the purposes of this document, the terms and definitions given in ISO 22300 and the following app
29、ly.3.1interoperabilityability of diverse systems and organizations to work together i.e. to inter-operate3.2partneringassociation with others in an activity or area of common interest in order to achieve individual and collective objectives4 Plan the partnering arrangement4.1 Define the purpose of t
30、he partnering arrangementThe organization(s) initiating the partnering arrangement should: clearly identify the need for a partnering arrangement, and consider existing policies, roles, responsibilities and interests and the benefits to itself and other potential partners.4.2 Identify partners to th
31、e arrangementThe organization(s) initiating the partnering arrangement should identify other organizations with the appropriate attributes as potential partners.INTERNATIONAL STANDARD ISO 22397:2014(E) ISO 2014 All rights reserved 1BS ISO 22397:2014ISO 22397:2014(E)These are organizations which coul
32、d become partners to the arrangement as they could: be directly or indirectly effected or impacted by an event; support or contribute to the work of preventing, preparing, responding and/or recovering from an event; be required to comply with legislation and regulation.Because the impact of an event
33、 may be uncertain, the initiating organization(s) should continually monitor and evaluate potential partners.4.3 Arrange initial dialogue with potential partnersThe initiating organization(s) should contact potential partners that may be interested in partnering.Before entering into a partnering arr
34、angement, the initiating organization(s) should request each potential partner to consider: the purpose of the partnering arrangement; the specific objectives to be achieved by each organization; the advantage of implementing the partnering arrangement; their capability and competence with respect t
35、o the partnering arrangement; any internal constraints that may interfere with effective implementation.5 Develop the partnering arrangement5.1 Set the prioritiesWhen developing the partnering arrangement, different events may be identified. This enables types of events to be determined and prioriti
36、es to be set. The partners to the arrangement should establish a process to identify the issues related to each type of events, thereby decide on the most appropriate arrangement.The partners to the arrangement should ensure that applicable legal, regulatory, and other requirements to which the orga
37、nization subscribes are considered in developing the partnering arrangement.5.2 Conduct a risk assessmentThe partners to the arrangement should undertake a risk assessment in accordance with ISO 31000:2009, 5.4. The results of the risk assessment are intended to provide information such as: vulnerab
38、ility of critical assets; high priority risk sources; risk treatments; risk profile; organizational capability (prevention, preparedness, response and recovery).When undertaking risk assessment, the following should be considered: respect confidentiality, policies and expectations of the partnering
39、arrangement when sharing information;2 ISO 2014 All rights reservedBS ISO 22397:2014ISO 22397:2014(E) identify risk sources whether or not they are under the control of the partners to the arrangement and even when the cause of the risk is not evident; consider that risk sources can have multiple co
40、nsequences or affect several assets at the same time.5.3 Agree on the scope of the partnering arrangementThe scope of the partnering arrangement describes the range of activities which the partners to the arrangement are to perform to manage each type of event. The partners to the arrangement should
41、 agree on a scope that: is consistent with the purpose of the partnering arrangement, takes into account the results of risk assessment, and describes mutual benefits and interests of the partners and the community.5.4 Identify objectives, tasks and resources5.4.1 GeneralThe partners to the arrangem
42、ent should identify and determine the objectives, tasks and resources required to manage each type of event in accordance with the mission, competence and capabilities of the partners to the arrangement.5.4.2 ObjectivesThe partners to the arrangement should consider their objectives e.g. in terms of
43、:a) saving lives and protecting properties;b) protection of assets;c) continuity of operations and minimizing all-hazards;d) protection of the environment;e) protection of image and reputation.5.4.3 TasksThe partners to the arrangement should identify and classify their tasks required to manage each
44、 type of event.5.4.4 ResourcesThe partners to the arrangement should identify their necessary resources such as:a) personnel;b) emergency equipment;c) facilities;d) provision;e) communication system;f) crisis management centres;g) logistics. ISO 2014 All rights reserved 3BS ISO 22397:2014ISO 22397:2
45、014(E)5.5 Identify roles, responsibilities and levels of authorityThe partners to the arrangement should identify and determine their roles, responsibilities and levels of authority required to manage each type of event in accordance with the mission, competence and capabilities of the partners to t
46、he arrangement.5.6 Establish relationship rules and how to resolve challengesThe partners to the arrangement should establish rules to manage their relationship and how to resolve challenges. These define the contractual, operational, financial and ethical responsibilities of the partners to the arr
47、angement, and provide guidance on how to govern their actions and fulfil the arrangement.When activities are likely to overlap between two or more partners to the arrangement, they should specify how to: achieve the highest degree of co-ordination between the activities of each of the partners to th
48、e arrangement, and clearly assign leaders and responsibility for each action to resolve possible conflict with respect to relationships and decision making.See example in Annex A on how to generate the information necessary to establish relationship rules.5.7 Determine communication and consultation
49、 needsThe partners to the arrangement should: agree to common terminology or common language of work; develop communication and consultation strategies and processes to provide information and encourage on-going dialogue; ensure that communication is a two-way process to inspire confidence and encourage the appropriate attitudes, behaviours and culture; consult prior to decision making or determining a direction on an issue; share and document how decisions are made in order to clarify the reasons for required ac
