1、PAS 96:2010Defending food and drinkGuidance for the deterrence, detection and defeat of ideologically motivated and other forms of malicious attack on food and drink and their supply arrangementsReviewed and updated in 2010SoundfoodsafetypracticesTACCPInclusive(management)cultureSecureandtamperevide
2、ntstoresandpacksSecureboundariesPrudentrecruitmentRehearsedcrisisandcontinuityproceduresEffectivesensoryexaminationISO27001compliantinformationsecurityProtectedprocesscontrolandinformationsystemsAuditedstocksofchemicalsSecurestoragePositiveidentificationofpeoplePAS 96:2010 BSI March 2010Publishing a
3、nd copyright infornulltionThe BSI copyright notice displayed in this document indicates when the document was last issued.nullBSI nullrch 2010ISBnull 978 0 580 70039 2Inull 6null020 No copying without BSI permission except as permitted by copyright law.Publication historyFirst punullished in nullrch
4、 2008First nullresentnulledition punullished in nullrch 20nullThis nullnullicly nullnullilanulle Specinullation comes into enullnullct on 3nullt nullrch 20nullnullte nullenull affectedAnullndnullnts issued since publicationPAS 96:2010 BSI March 2010iContentsForeword. iinulltionale and purpose . iiiI
5、ntroduction inull1 Scope 12 nullernull and denullitions . 1nullnullliciousnullideologically nulltivated threats to food and food supply . 2nullBroad thenulls of food defence nullnullPresunulltions .null6 nullreat Assessnullnt nullitical nullntrol Point nullAnullPnull6nullAssessing the threat . nulln
6、ullAssuring personnel security99 nullntrolling access to prenullses . 1010 nullntrolling access to services 1211 Secure storage of transport vehicles . 1212 nullntrolling access to nullterials 121nullnullntrolling access to processes 1null1nullnullntingency planning for recovery fronullattacnull1nul
7、l1nullAudit and review of food defence procedures . 1nullAnnenulls 16nullnenullnullnullnnullrmatinullnullnullganinulltion onullsome nully sources onulladnullce and innullrmation . nullnullnenullB nullnnullrmatinullnullnullidance nullr specinullc parts onullthe nullod and drinnullsupply chain . nulln
8、ullnenullnullnullnnullrmatinullnullnullnullnding nullodnullnullnullod and drinnulldenullnce checnullist . 20Bibliography . 22iiPAS 96:2010 BSI March 2010Forenullordnullis nullnullicly nullvailanulle nullecinullation nullnullnullnulls developed null the Centre for the nullotection of nulltional nullf
9、rastructure nullnullnull in collanullration nullth nulle nullitish nullandards nullstitution nullnullnullin 200null nulle original edition made use of preventative strategies nullthin the nullorld nullalth nullganisation guidance on the nullerrorist nullreat to Food nullnullnullich nulls revised in
10、May 200null nullis nenull2010 edition of nullnull null has nullen revienulld null relevant stakeholders and amendments made to ensure its continued relevance and accuracynullnullnullowledgement is ginulln to the nullllowing organinulltions that were consulted in the denulllopment onullthis specinull
11、ationnullnull nullrico null null nullla Foodsnull nullsociated British Foodsnull Banullers Food nulloup null nullannullld nullinullrsitynull nulliry nullnull nullnullanull Food and nullinnullFederationnull Food Standards nullency null nullte nullurmet null nullalth nullotection nullency null null nu
12、llinnullnull nullSainsnullry null The nullllogg nullmpanynull nullanull Foodsnull nullndon South Bannullnullinullrsitynull nullrnull and Spencernull nullller nullirynull nulltional Farmers nullionnull Scottish Food and nullinnullFederationnull Tesconull nullaitrosenullider comments nullrom other par
13、ties were innullited nully BSI. The enullpert contrinullutions made nullrom organinullations and indinulliduals consulted in the denullelopment onull this nullnullS are gratenullully acnullnowledged.This nullnull has nullen prepared and punullished null BSInullwhich retains its ownership and copyrig
14、ht. BSI resernulls the right to withdraw or amend this nullnull on receipt onullauthoritatinull adnullce that it is appropriate to do so. This nullnull will null renullewed at internullls not enulleeding two yearsnulland any amendments arising nullom the renullew will null punullished as an amended
15、nullnull and punullicinulld in Update Standards.nullis PAS does not purport to include all the necessary provisions of a contractnullnullers are responsible for its correct applicationnullnullmpliance with this nullnullicly nullnullilanulle Specinullation does not onullitselnullconnullr immunity nul
16、lom legal onulligations.This nullnullicly nullnullilanulle Specinullation is not to null regarded as a British Standard.iiiPAS 96:2010 BSI March 2010nullationale and purposenullis section sets the contenull for nullnull null Defending Food and Drinknullnull descrinulls and enulllains the structure o
17、f the nullnull and indicates the nully in nullich it should, and should not, null usednullnull such it is an important part of the nullnull and should null fully considered nullfore the detailed provisionsnullThe nullod and drinnullindustry in the null nullthe nullod sector onullthe national innulla
18、structure nullcould null under threat nullom ideologically motinullted groups. The threat enullends that nullom criminals who use enullortion and nullom indinullduals with a grudge. It is dinullnullrent in nature nullom the nullaturalnullhanullrds which the industry is well nullrsed in handling. The
19、 threat is unlinullly to decline in the nullreseeanulle nullture. nullnull 9nullpronulldes nulload guidelines to industry operators which should help them assess nullee nullauses 6 and nullnulland reduce nullee nullauses null to 1null and nullnenullBnullthe risnullto their nullsinesses and to mitiga
20、te nullee nullause 1nullnullthe consenullences onullan attacnullBroad guidelines should null interpreted as precisely that. They are nulload nullcause managers will hanull specinull nullowledge onullthe specialist detail onulltheir nullsinesses which would not null appropriate nullr a document such
21、as thisnulland nullcause specinull innullrmation may null onullhelp to an intending criminal. They are guidelines and not renullirements nullcause a nully nullature onullnullnull 9nullis nullroportionalitynull The risnullis dinullnullrent nullr dinullnullrent nullsinessesnullnullr dinullnullrent ope
22、rationsnulland nullr dinullnullrent products. It is therenullre implicit that dinullnullrent risnullassessments will result in dinullnullrent action plans proportionate to an indinulldual situationnulland indeed in some cases to a legitimate decision to tanull no specinull action. To manull the guid
23、elines as sensinulle and as accessinulle as possinullenullnullnull 9nullis delinullrately written to integrate the reasoning nullhind a pronullsion with the pronullsion itselnull It tries to use language nullmiliar to the industry without continual denullitionnulland it tries to nulllance concisenes
24、s and comprehensinullness null manullng sensinulle renullrences to other sources onullinnullrmation. Some repetition has nullen accepted where emphasis has nullen needed or to impronull readanulllity.It assumes that managers are aware onullnullnullrd nullalysis nullitical nullntrol nullint nullnulln
25、ullnullor similar risnullmanagement proceduresnullcrisis management and nullsiness continuity management principles and hanull enullnullctinull procedures in place. It is enullected that most enullcutinulls will nullild the pronullsions onullnullnull 9nullinto these enullsting protocols. nullnull 9n
26、ullrecommends a team approachnullas that is typically the nullst way onullnullinging relenullnt enullertise togethernullhowenullr it is recogninulld that nullr manynullparticularly small enterprisesnullthis may hanull to null a team onullone person. In contrast to many standardsnullnullnull 9nullis
27、not seen as an enullernal audit tool. The principle onullproportionality means that dinullnullrent operations within enulln a single nullsiness may come to nullry dinullnullrent assessments onullits implications. It may null reasonanulle nullr a customer to asnullits supplier inullit is nullmiliar w
28、ith the guidelines onullnullnull 9null and to asnullinullit has implemented the nullroportionatenullsteps which it nulldges necessarynullnullt not to renullire specinull action on each indinulldual paragraph.nullnull 9nullis written in a null contenull and innulltes operators to nullew the guideline
29、s in the contenull onullthe legislatinull renullirements onullthe null. It does not consider application internationallynullnullt operations may nulld some onullthe approaches helpnulll and are welcome to manull whatenullr use they nullel appropriate.In summarynullnullnull 9nullpronulldes some appro
30、aches to the denullloping pronullem onullmalicious attacnullon the nullod and drinnullindustry. Its pronullsions should null nullth practical and proportionatenulland should help nullsinesses deter potential attacnullrs. BSI and nullnull welcome nullednullcnullon the structurenullnullrmat and pronul
31、lsions onull nullnull 9null and especially onullomissions which readers perceinull or renullsions which they nullel necessary. inullPAS 96:2010 BSI March 2010nullntroductionnullsinesses nullthin the food and drink industry are nullll versed in the processes needed to make safe, nullolesome, nutritio
32、us and palatanulle food availanulle to customersnullnullmoval of contamination from ranullfood sources, processing to make them consumanulle, and managing distrinulltion to avoid recontamination and spoilage are at the heart of the modern food industrynullnullnullrd nullalysis Critical Control nulli
33、nt nullnullCnull methodology has proved invaluanulle in controlling adventitious hanullrds nullich are nullsed on the environmental and nullological nature of food and nullich are essentially random in characternullThe punullic and nullsinesses within the nullod and drinnullsector now nullce a dinul
34、lnullrent threat nullthat onullmalicious attacnull especially null ideologically motinullted indinullduals and groups. This threat will maninullst in a way which renullcts the motinulltion and capanulllity onullthese people. It will not nullllow the statistically randomnulland therenullre predictanu
35、lle patterns onullnullmiliar nullanullrdsnullso the estanullished nullnullnullapproach might not wornullwithout modinullation.This document seenull to innullrm all those innulllnulld in the nullod and drinnullindustry onullthe nature onullthis threatnullto suggest ways onulldeterring attacnulland to
36、 recommend approaches that will mitigate the enullnullct onullan attacnullshould it happen. The interpretation onullthe guidance depends on the indinulldual nulldgement onullnullsiness managers. nulltion tanulln null any nullsiness should null proportionate to the threat nullced null that nullsiness
37、 and the document points to approaches to assess this threat. The pronullsions onullthis nullnull are not designed to null used as an audit tool as dinullnullrent organinulltions will manull dinullnullrent assessments onullthreatnullnulllneranulllity and impactnulland will implement dinullnullrent p
38、ractices to denullnd the nullod they handle and the supply arrangements which they use. nullre to the denullnce onullnullod is a systematic enullluation onullnulllneranulle elements onullthe supply chain carried out null an enullerienced and trusted team. In this documentnullthis is called nullhreat
39、 nullsessment nullitical nullntrol nullint nullnullnullnull and is descrinulld in nullause 6. The enullluation renullcts estanullished procedures nullr risnullmanagement and it is linullly that organinulltions will incorporate it into crisis andnullr nullsiness continuity management nullamewornull.n
40、ullny other punullicationsnullincluding British Standards and nullnull guidesnullare onulldirect relenullnce to the denullnce onullnullod and drinnull These include good practice guidance and standards nullr nullsiness continuity management and traceanulllity. In the interests onullconcisenessnullth
41、eir content is outlined in this nullnull and renullrences are ginulln nullr nullrther reading in the nullnulliography. Food and drinnullsupply renullires appropriate energy and water sernullces and an enullnullctinull telecommunications and transport innullastructurenulltherenullre renullrence is gi
42、nulln to authoritatinull guidance to protectinull security in these areas. In additionnull nullnenullnullpronulldes a short directory onullorganinulltions with relenullnce to aspects onullnullod denullnce. Food sanullty legislation plays a nully part in protecting consumers nullom unsanull or unnull
43、 nullod. Food nullsinesses are responsinulle nullr ensuring that the nullod meets nullod sanullty renullirements. Full adoption onullthe guidance ginulln in this nullnull cannot prenullnt a malicious attacnull nullt it should manull such an attacnullless linullly and the impact less traumatic. nullP
44、AS 96:2010 BSI March 20101 ScopeTamper-evident closure For the purpose onullthis nullnullnullthe nullllowing terms and denullitions applynull2null electronic security procedures used to protect electronic systems nullom sources onullthreatnullsuch as malware and hacnullrsnullintent on misusing themn
45、ullcorrupting them or putting them out onulluse2null food defence security onullnullod and drinnulland their supply chains nullom all nullrms onullmalicious attacnullincluding ideologically motinullted attacnullleading to contamination or supply nullilure2null food supplyany and all elements onullwh
46、at is commonly called the nullod supply chainnullnet or wenullwith the inclusion onulldrinnulland supporting and allied sernullces nullee nullnull null2null personnel security procedures used to connullm an indinulldualnulls identitynullnullalinullationsnullenullerience and right to wornull and to m
47、onitor conduct as an employee or contractor NOTE Not to be confused with personal security.2null product security techninulles used to manull nullod products resistant to contamination or misuse including tampernullnulldent closures and lot marnullng2null protective securityall the measures related
48、to physicalnullelectronic and personnel security which any organinulltion tanulls to miniminull the threat onullmalicious attacnull2null nullreat Assessnullnt nullitical nullntrol Point nullAnullPnullsystematic management onullrisnull through the process onullassessment onullthreatsnullidentinullati
49、on onullnulllneranulllitiesnulland implementation onullcontrols to raw materialsnullpacnullgingnullnullished productsnullprocessesnullpremisesnulldistrinulltion networnull and nullsiness systems null a nullowledgeanulle and trusted team with the authority to implement changes to proceduresThis nullnull pronulldes guidance to nullod nullsinesses onullall sinulls and at all points in the nullod supply chain nullnullom nullrm to nullrnullnullee Figure nullin nullnull null It pronulldes guidance on approaches to the protection onulltheir nullsiness nullom all nullrms onullmalicious attacnu
