Six Sigma Quality International

This document gives guidelines for incident management, including

— principles that communicate the value and explain the purpose of incident management,

— basic components of incident management including process and structure, which focus on roles and responsibilities, tasks and management of resources, and

— working together through joint direction and cooperation.

This document is applicable to any organization involved in responding to incidents of any type and scale.

This document is applicable to any organization with one organizational structure as well as for two or more organizations that choose to work together while continuing to use their own organizational structure or to use a combined organizational structure.

This document gives guidelines for incident management, including

— principles that communicate the value and explain the purpose of incident management,

— basic components of incident management including process and structure, which focus on roles and responsibilities, tasks and management of resources, and

— working together through joint direction and cooperation.

This document is applicable to any organization involved in responding to incidents of any type and scale.

This document is applicable to any organization with one organizational structure as well as for two or more organizations that choose to work together while continuing to use their own organizational structure or to use a combined organizational structure.

ISO 45001 is an ISO standard for management systems of occupational health and safety (OH&S), published in March 2018. The goal of ISO 45001 is the reduction of occupational injuries and diseases.^[1]

The standard is based on OHSAS 18001, conventions and guidelines of the International Labour Organization including ILO OSH 2001, and national standards.^[2][1] It includes elements that are additional to BS OHSAS 18001 (see below: ISO 45001 changes compared to OHSAS 18001:2007) which it is replacing over a three-year migration period from 2018 to 2021.^[3]

ISO 45001 also follows the High Level Structure of other ISO standards like ISO 9001:2015 and ISO 14001:2015 which makes integration of these standards much easier.

ISO 41001:2018 specifies the requirements for a facility management (FM) system when an organization:

a) needs to demonstrate effective and efficient delivery of FM that supports the objectives of the demand organization;

b) aims to consistently meet the needs of interested parties and applicable requirements;

c) aims to be sustainable in a globally-competitive environment.

The requirements specified in ISO 41001:2018 are non-sector specific and intended to be applicable to all organizations, or parts thereof, whether public or private sector, and regardless of the type, size and nature of the organization or geographical location.

Annex A provides additional guidance on the use of this document.

ISO 55001:2014 specifies requirements for an asset management system within the context of the organization.

ISO 55001:2014 can be applied to all types of assets and by all types and sizes of organizations.

ISO/PAS 21195:2018 specifies technical requirements for systems designed to detect a person who has gone overboard from a passenger ship. This document addresses how a system is expected to perform in various environmental conditions and a wide variety of incident profiles.

ISO/PAS 21195:2018 does not cover man overboard (MOB) detection systems that require the passengers or crew to wear or carry a device to trigger an MOB event.

ISO/PAS 21195:2018 specifies technical requirements for systems designed to detect a person who has gone overboard from a passenger ship. This document addresses how a system is expected to perform in various environmental conditions and a wide variety of incident profiles.

ISO/PAS 21195:2018 does not cover man overboard (MOB) detection systems that require the passengers or crew to wear or carry a device to trigger an MOB event.

This document gives guidelines for incident management, including

— principles that communicate the value and explain the purpose of incident management,

— basic components of incident management including process and structure, which focus on roles and responsibilities, tasks and management of resources, and

— working together through joint direction and cooperation.

This document is applicable to any organization involved in responding to incidents of any type and scale.

This document is applicable to any organization with one organizational structure as well as for two or more organizations that choose to work together while continuing to use their own organizational structure or to use a combined organizational structure.

The ISO/IEC 27000-series (also known as the 'ISMS Family of Standards' or 'ISO27K' for short) comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).^[1]

The series provides best practice recommendations on information security management—the management of information risks through information security controls—within the context of an overall Information security management system (ISMS), similar in design to management systems for quality assurance (the ISO 9000 series), environmental protection (the ISO 14000 series) and other management systems.^[2][3][4]

The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT/technical/cybersecurity issues. It is applicable to organizations of all shapes and sizes. All organizations are encouraged to assess their information risks, then treat them (typically using information security controls) according to their needs, using the guidance and suggestions where relevant. Given the dynamic nature of information risk and security, the ISMS concept incorporates continuous feedback and improvement activities to respond to changes in the threats, vulnerabilities or impacts of incidents.

The ISO/IEC 27000-series (also known as the 'ISMS Family of Standards' or 'ISO27K' for short) comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).^[1]

The series provides best practice recommendations on information security management—the management of information risks through information security controls—within the context of an overall Information security management system (ISMS), similar in design to management systems for quality assurance (the ISO 9000 series), environmental protection (the ISO 14000 series) and other management systems.^[2][3][4]

The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT/technical/cybersecurity issues. It is applicable to organizations of all shapes and sizes. All organizations are encouraged to assess their information risks, then treat them (typically using information security controls) according to their needs, using the guidance and suggestions where relevant. Given the dynamic nature of information risk and security, the ISMS concept incorporates continuous feedback and improvement activities to respond to changes in the threats, vulnerabilities or impacts of incidents.

The ISO/IEC 27000-series (also known as the 'ISMS Family of Standards' or 'ISO27K' for short) comprises information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).^[1]

The series provides best practice recommendations on information security management—the management of information risks through information security controls—within the context of an overall Information security management system (ISMS), similar in design to management systems for quality assurance (the ISO 9000 series), environmental protection (the ISO 14000 series) and other management systems.^[2][3][4]

The series is deliberately broad in scope, covering more than just privacy, confidentiality and IT/technical/cybersecurity issues. It is applicable to organizations of all shapes and sizes. All organizations are encouraged to assess their information risks, then treat them (typically using information security controls) according to their needs, using the guidance and suggestions where relevant. Given the dynamic nature of information risk and security, the ISMS concept incorporates continuous feedback and improvement activities to respond to changes in the threats, vulnerabilities or impacts of incidents.

ISO/PAS 21195:2018 specifies technical requirements for systems designed to detect a person who has gone overboard from a passenger ship. This document addresses how a system is expected to perform in various environmental conditions and a wide variety of incident profiles.

ISO/PAS 21195:2018 does not cover man overboard (MOB) detection systems that require the passengers or crew to wear or carry a device to trigger an MOB event.