Security Operations Manual

Similar documents
9001:2015, ISO 14001:2015 & ISO

APS Cleaning Quality Management System Scope of Certification The provision of commercial and industrial cleaning services throughout Queensland.

UPGRADE ASSESSMENT CHECKLIST

1 Management Responsibility 1 Management Responsibility 1.1 General 1.1 General

Analysis of ISO 9001:2015 against the ICoCA Certification Assessment Framework

Quality Manual ISO 9001:2015 Quality Management System

Quality Manual Template ISO 9001:2015 Quality Management System

Osprey Technologies, LLC. Quality Manual ISO9001:2008 Rev -

ISO 9001: 2000 (December 13, 2000) QUALITY MANAGEMENT SYSTEM DOCUMENTATION OVERVIEW MATRIX

Quality Systems Manual

POLICY MANUAL FOR ISO 9001:2008. Document: PM-9001:2008 Date: April 7, Uncontrolled Copy

ISO 9001:2008 Quality Management System QMS Manual

EHQMS Manual & Policy Document

Quality System Manual - Section 00

AS 9100 Rev C Quality Systems Manual AS-050C-QM

CORPORATE MANUAL OF INTEGRATED MANAGEMENT SYSTEM

Quality Commitment. Quality Management System Manual

Quality Management System Manual

25 D.L. Martin Drive Mercersburg, PA (717)

Derlin Construction Limited QUALITY POLICY MANUAL ISO 9001:2008

4. Quality Management System 4.1 GENERAL REQUIREMENTS

Quality Manual DRAFT. Quality Management Plan Version A1 Date: <22/01/11> Page 1 of 17

Construction Safety Audit Scoring System (ConSASS) Audit Checklist

ISO 9001:2015 QUALITY MANAGEMENT SYSTEM POLICIES AND PROCEDURES

Business Management System Manual Conforms to ISO 9001:2015 Table of Contents

Machined Integrations, LLC

Project Procedure 1.0 PURPOSE 2.0 SCOPE 3.0 REFERENCES 4.0 DEFINITIONS. No.: P /21/2012 PAGE 1 OF 8 INTERNAL QUALITY AUDITS

ISO 9001:2015. Quality Manual Template.

S.D.F ELECTRICAL PTY LTD ABN EMPLOYEE POLICY BOOKLET

QUALITY SYSTEM MANUAL

Revision. Quality Manual. Multilayer Prototypes. Compliant to ISO / AS9100 Rev C

Luminus Devices, Inc Quality Management Systems Manual ISO 9001:2008

Eagle Machining, Inc.

QUALITY MANUAL ECO# REVISION DATE MGR QA A 2/25/2008 R.Clement J.Haislip B 6/17/2008 T.Finneran J.Haislip

Texas International Oilfield Tools, Ltd.

Pre Audit Transition Gap Analysis QMS and EMS

EQMS Manual & Policy Document

INTERNATIONAL STANDARD

Integrated Clause-byclause Guidance

Quality Management System Guidance. ISO 9001:2015 Clause-by-clause Interpretation

METUCHEN CAPACITORS INCORPORATED. Quality Manual P.O. BOX HIGHWAY 35, SUITE 2 HOLMDEL NJ USA

Proprietary Document Disclosure Restricted To Employees and Authorized Holders

ANSI/ASIS PSC.1 Standard: Enhancing Management of Security Operations

British Standard BS Specification for an Anti-bribery Management System. Summary

ISO 9001:2015 Gap Analysis Check Sheet

ISO 9001: 2008 Engineering Design Construction Quality Management System Sample - Selected pages (not a complete plan)

Temporary, contract and interim recruitment services Permanent and fixed term selection recruitment services Retained & executive recruitment services

ISO 9001:2015. Quality Management System. Manual

Definitions contained in the above mentioned Specifications and Industry Standards are applicable herein.

Supplier Quality Survey. 1. Type of Business: g) Commodities supplied? Supplier Changes/comments: 2. Headcount breakdown by group: Purchasing

QUALITY MANUAL. Number: M-001 Revision: C Page 1 of 18 THIS DOCUMENT IS CONSIDERED UNCONTROLLED UNLESS ISSUED IDENTIFIED AS CONTROLLED

NMT Specialized Machining Inc & NMT General Machining Inc AS 9100 Rev C Quality Systems Manual

ISO9001 QUALITY POLICY MANUAL

Guidance on the Application. of ISO / IEC Accreditation International Association for Certifying Bodies

APPENDIX B Corrosion Management System Framework and Guidance

Quality Manual. Document: QM Issue: 3 Revision: 3 Date: March 31, This Document is Obsolete Once Printed

4. General requirements 4.1 Impartiality and independence F Organisation s SANAS No/s. Date/s of evaluation

ISO 9001:2000 Revision G

<Full Name> Quality Manual. Conforms to ISO 9001:2015. Revision Date Record of Changes Approved By

Document Number: QM001 Page 1 of 19. Rev Date: 10/16/2009 Rev Num: 1. Quality Manual. Quality Manual. Controlled Copy

Quality Systems Manual

OPERATIONS MANUAL ISO 9001 Quality Management System

Quality System Manual - Section 00

ENVIRONMENTAL MANUAL. Page 1 of 26 Uncontrolled when printed NCH Env Manual Vers 11.0 date 01/02/18

ISO AUDIT PREPARATION KIT 2016

ISO 9001:2015 GAP ANALYSIS CHECKLIST

BINDT AUDIT PROCEDURE CONFORMITY ASSESSMENT AND CERTIFICATION/VERIFICATION OF MANAGEMENT SYSTEMS

ISO9001:2008 SYSTEM KARAN ADVISER & INFORMATION CENTER QUALITY MANAGEMENT SYSTEM SYSTEM KARAN ADVISER & INFORMATION CENTER

Awareness to ISO 9001:2000

Pre Audit Transition Gap Analysis QMS (ISO 9001 Only)

Comparison Matrix ISO 9001:2015 vs ISO 9001:2008

RELATIONSHIP CLIENT IMPROVEMENT LEADERSHIP PROCESSES INFORMATION PEOPLE

Level 5 NVQ Diploma in Management and Leadership Complete

AEROSPACE STANDARD. Quality Systems - Aerospace - Model for Quality Assurance in Design, Development, Production, Installation and Servicing

GSR Management System - A Guide for effective implementation

Business Management System Manual

Vesper Group 2015 Global Compact Communication on Progress (COP)

Quality Manual. Quality Manual. In support of ISO 9001:2015. Approved by: Paul Brisson. Date: 17-May-18 Page 1 of 33

Monroe Engineering is committed to customer satisfaction; we strive for Continuous Improvement in our products and our people.

Correlation Matrix & Change Summary

RULES FOR A QUALITY STANDARDS SYSTEM (QSS) IN MARITIME ACADEMIES/INSTITUTIONS

Audit and Risk Committee Charter

ISO /TS 29001:2010 SYSTEMKARAN ADVISER & INFORMATION CENTER SYSTEM KARAN ADVISER & INFORMATION CENTER

WHO Prequalification of In Vitro Diagnostics Programme

Guidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.

Guidance Note: Corporate Governance - Audit Committee. January Ce document est aussi disponible en français.

ISO 9001:2015 Expectations

Workplace Safety and Health Guidelines Contractor Management

ISO 9001:2015 Quality Management System. New/Revised Requirements

PRECISE INDUSTRIES INC. Quality Manual

QUALITY SYSTEM MANUAL

THE PROCESS APPROACH IN ISO 9001:2015

Quality Management System Manual

QUALITY ASSURANCE AND QUALITY CONTROL MANUAL

POLYCRAFT INCORPORATED QUALITY MANUAL Quality Manual QM -10 Approval: D. Wheeler.

[Type text] QUALITY MANUAL. ISO 9001:2015 Quality Management System QMS1 ISSUE 1 12/09/16

CORPORATE QUALITY MANUAL

Labour Standards Policy

The Incorporated Engineer Standard

CORPORATE GOVERNANCE STATEMENT

Transcription:

2018-01-01 Security Operations Manual 1 INTRODUCTION 2 2 CONTEXT 2 3 RISK 3 4 SCOPE 3 5 REFERENCES 4 6 SECURITY OPERATIONS MANAGEMENT SYSTEM 4 7 MANAGEMENT RESPONSIBILITIES 5 7.1 Security policy 6 8 RESOURCE MANAGEMENT 7 9 SECURITY OPERATIONS REALIZATION 7 9.1 Purchasing and Procurement 8 9.2 Delivery 8 10 MEASUREMENT & IMPROVEMENT 8 10.1 Customer Satisfaction 8 10.2 Internal Audit 9 10.3 Process Monitoring & Measurement 9 10.4 Improvement 9 UNCONTROLLED IN PRINT

1 INTRODUCTION Vesper Group has developed and implemented a Security Operations Management System (SOMS), which is integrated in our Quality Management System, in order to document the company s best security operations practices, safeguard its security operations and its clients while ensuring respect for human rights, applicable laws and fundamental freedoms and to continuously improve the overall management of its security operations. Vesper Group s top management is committed to, and conforms to, the requirements of the international standards ISO 18788 and PSC.1-2012, and complies with the relevant principles, legal obligations, voluntary commitments, and good practices of: a) Montreux Document On Pertinent International Legal Obligations and Good Practices for States Related to Operations of Private Military and Security Companies During Armed Conflict (09/2008); and b) International Code of Conduct for Private Security Service Providers (ICoC) (11/2010); and c) Guiding Principles on Business and Human Rights; Implementing the United Nations Protect, Respect and Remedy Framework 2011. This manual describes the security operations management system and is also used externally to introduce our security operations management system to our clients and other external stakeholders. The integrity of our security operations management system and focus on respect for human life, the safety and security of our operations and clients, accountability to law and respect for human rights as well as continuous improvement, both proactive and reactive, are included in the descriptions in this manual. 2 CONTEXT Many stakeholders, both internal as well as external, will be affected by how our security operations are being conducted. Vesper Group therefore undertakes a risk assessment prior to any security operation where internal and external operational context is identified and evaluated in terms of risk-exposure in conjunction with planned security operations. Internally, Vesper Group, evaluates the company s: business strategy and plans; policies and instructions; governance, roles and responsibilities; overall risk management; internal stakeholders; our company values and codes of conduct; lines of reporting and decision-making; tactics, procedures and routines; products and services as well as brand-reputation. UNCONTROLLED IN PRINT 2 / 9

The success of Vesper Group s security operations is also dependent on how well we can adapt to the external context where the operations are being conducted, which is also identified and evaluated prior to any security operation. This include but is not limited to: cultural and political context; legal and regulatory requirements; contractual obligations; infrastructural requirements; supply-chain management; external stakeholder, including local population, requirements, perceptions and interest; local interoperability and interdependencies. 3 RISK Vesper Group conducts a thorough risk assessment of internal and external factors that influence the management of risk prior to any security operation during which several criteria are being considered. They include: critical activities; capabilities, functions and services; stakeholder relations; the operational environment; potential impact of undesirable events; legal and regulatory requirements; nature and types of threats, their likelihood and severity; reputational and perceived risk and risk tolerance. The findings of the risk assessments are documented and form the basis for the approval or disapproval of the security operation in question. 4 SCOPE The ISO 18788 and PSC.1-2012 standards describes the requirements for a Security Operations Management System by addressing business and risk management for the effective conduct of security operations, particularly, when they are conducted in environments where governance may be weak or the rule of law is undermined due to human or naturally caused events. The Security Operations Management System is applicable for Vesper Group s Business Area Security Operations, which is a clearly defined business area of Vesper Group. The Security Operations Management System complies with all applicable requirements contained in ISO 18788 and PSC.1-2012, and covers provision of all services supplied and security operations conducted by Vesper Group s Security Operations department, including its subcontractors, globally. The following table identifies scoping boundaries to ISO 18788 and PSC.1-2012 requirements not applicable to Vesper Group and provides a brief narrative justifying their exclusion from the scope of the Security Operations Management System. UNCONTROLLED IN PRINT 3 / 9

Exclusion Vesper Group s Business Area Security and intelligence Management Vesper Group s Business Area Cyber and Threat Intelligence Justification Security Management does not conduct Security Operations Cyber and Threat Intelligence does not conduct Security Operations 5 REFERENCES In addition to ISO 18788 and PSC.1-2012 standards the company will also make reference to other relevant International standards and documents appropriate to the conduct of security operations and its market. Montreux Document On Pertinent International Legal Obligations and Good Practices for States Related to Operations of Private Military and Security Companies During Armed Conflict (09/2008); International Code of Conduct for Private Security Service Providers (ICoC) (11/2010); Guiding Principles on Business and Human Rights; Implementing the United Nations Protect, Respect and Remedy Framework 2011. ISO 9001:2015 Quality Management System 6 SECURITY OPERATIONS MANAGEMENT SYSTEM Vesper Group has implemented an ISO 18788 and PSC.1-2012 security operations management system that monitors, measures and analyses processes and takes action to achieve planned results and the continual improvement of our security operations management system. Any outsourced or subcontracted activity is controlled as per applicable ISO 18788 as well as PSC.1-2012 requirements. UNCONTROLLED IN PRINT 4 / 9

This security operations manual contains documented description of how Vesper Group effectively and fully meet the requirement of ISO 18788 and PSC.1-2012 standards. The level of details in this document is kept to a brief level due to the sensitive nature of the services supplied by Vesper Group to its customers. All policies, processes, checklists and manual are subject to review on regular bases to verify the effectiveness and conformity to applicable requirement, standard or other. The documentstructure consists of policies, management processes, support processes and business processes. All processes include checklists in several steps. All process-documentation includes standard document administration criteria, responsibility, objectives, review interval and records that need to be saved, were it is saved and for how long. All documents are identified by its unique name in the system. Original documents are safely stored electronically with relevant access rights for author, approver and user. 7 MANAGEMENT RESPONSIBILITIES Executive Management has the responsibility and authority for supporting development and implementation of the Security Operations Management System, for ensuring that it remains relevant to the company s objectives and the needs and expectations of customers, and that it promotes a continual improvement environment. Executive Management is also responsible for ensuring that the policies are appropriate for the business, promotes the security operations management system s effectiveness and is reviewed at appropriate intervals. Executive Management are responsible for communicating policies and the importance of meeting stakeholder s as well as statutory and regulatory requirements to employees within their respective organizations. They shall ensure that it is understood and applied to the daily work of the organization through the establishment of objectives and trainings as well as allocation of resources. All managers are responsible for the continuous improvement and support of the system. All employees are responsible for the professionalism of their work and implementation of policies applicable to processes they perform. Employees are motivated and empowered to identify and report any known or potential problems and recommend solutions. Vesper Group strives to identify current and future stakeholders in order to understand requirements, perceptions, values, needs, interests and risk tolerance. All involved managers UNCONTROLLED IN PRINT 5 / 9

ensure that these are understood, converted into internal requirements, and communicated to the appropriate personnel in our organization. Stakeholder complaints and other stakeholder input/feedback are continually monitored and measured to identify opportunities for improvement. Management representative for Vesper Group is the Managing Director. The Managing Director s responsibilities include driving reviews, improvement suggestions and audit planning for the Security Operations Management System in the monthly Executive Management Team meeting. In the meeting the Executive Management Team will also review other relevant data such as customer input, process performance, complaints and grievances, corrective and preventive actions and audit reports. The Executive Team will, based on the input, decide on appropriate actions. All managers and supervisors are responsible for establishing regular formal and informal communications as needed to convey to their employees the relevance and importance of their activities. Communications regarding how employees contribute to the achievement of objectives is also conveyed and reinforced during employee annual appraisal. 7.1 Security policy Top management ensures that the security policy is communicated to all employees. It is included in new employee training. Vesper Group conducts security operations in environments that are inherently unstable and dangerous. Vesper Group is committed to conducting those security operations to the highest level of professionalism while maintaining the safety and security of the operations and clients and also ensuring respect for human rights, laws and fundamental freedoms. While conducting security operations, Vesper Group, is therefore committed to the following objectives: a) Respect human life and dignity as its first priority; b) Avoid, prevent and reduce the likelihood and consequence of disruptive and undesirable events; c) Comply with applicable legal requirements; d) Respect human rights; and e) Promote continual improvement of its conduct of security operations Vesper Group implements effective processes to support the conduct of security operations and its Management are responsible for establishing objectives and measurement to drive continuous improvement in security operations. UNCONTROLLED IN PRINT 6 / 9

All Vesper Group s employees, consultants and subcontractors are responsible for conducting security operations in accordance with this policy and are expected to contribute to the continual improvement of Vesper Group s conduct of Security Operations. 8 RESOURCE MANAGEMENT Vesper Group s Security Operations are, to a high extent, a project-oriented business, mostly with time-limited projects requiring special competencies. The specific competency for a project is documented together with the customer before the start of the project. To support the business, Vesper has access to qualified candidates for different roles depending on customer requirement. To qualify, candidates will be evaluated based on education, previous experience, several practical tests, interviews and references. All candidates for a project position will go through, for the role, relevant Vesper training and personally sign Vesper Code of Conduct and other, for the role, relevant policies. The signature include understanding the policy, commitment to it and consequences for not comply with the policy. If needed during a project additional trainings will be agreed between the individual and the project responsible manager. The effectiveness of additional training will be evaluated. As most services are performed at customer or other external locations, infrastructure and work environment are identified and risk assessed as part of the project description. General knowledge in specific areas related to work environment is part of the qualification for a project, such as weapon- training. Infrastructure and work environment are important and constantly monitored by both the employee and the responsible manager. 9 SECURITY OPERATIONS REALIZATION Vesper Group security operations are project-oriented and customer-requirement for a service is specified and reviewed in cooperation between the customer and Vesper Group before accepting a project. The overriding objectives for Vesper Group s security operations are described in the security operations policy and include: Respect for human life, the safety and security of the security operation and the client, legal and regulatory requirements and the respect for human rights. Vesper Group s expert judgment as well as previous experience from similar projects and regulatory considerations will also be included in the project assessment. Agreed requirement between the customer and Vesper Group, including required professional skills, specific targets and key performance indicators, are recorded in the proposal and related project-documentation. UNCONTROLLED IN PRINT 7 / 9

Ongoing communication between the customer and Vesper Group will be handled by the appointed contract manager during the whole project. This is part of Vesper Group s commitment to handle agreed changes, exceed customer expectations and reduce possibilities for dissatisfaction. The contract manager and Business Area manager will handle any complaints from the customer or other stakeholder in a fast and professional manner. The Business Area manager will also link any systemic improvement to the Executive Management Team for permanent correction and implementation. 9.1 Purchasing and Procurement The purchasing and procurement process is essential to Vesper Group s ability to provide our customers with services and products that meet their requirements. This is done by primarily the use of pre-evaluated suppliers and subcontractors. Evaluation of suppliers is based on a number of criteria, including capacity, ethical behavior and previous performance. Approved suppliers commit to the same high ethical policies as Vesper Group. All approved suppliers are subject to regular review. Requirement for approval of purchased service or product is part of purchasing information and project documentation. Verification of purchased service or product is the responsibility of the project manager for the project concerned. 9.2 Delivery Delivery of services is done in accordance with agreed project specification utilizing defined skilled professionals and according to internationally established methods as well as local regulations. Professionals are assigned to the project based on competence and experience. Project documentation can include use of specific security related products. Customer owned property play an essential role for Vesper Group as much of the services include safeguarding customer property and personnel. All activities used to achieve this is defined in the project documentation. 10 MEASUREMENT & IMPROVEMENT 10.1 Customer Satisfaction Vesper Group utilizes two level s of customer satisfaction architecture. One transactional level for surveys related to customer satisfaction with individual project and one level of overall relationship surveys. All surveys consist of standard questions, both open and ranking questions and is done normally in meeting with the customer. Scores from surveys will be used by Business Management and Human Resource for improving individual project and summarized score by Executive Management to improve Vesper Group s performance. UNCONTROLLED IN PRINT 8 / 9

UNCONTROLLED IN PRINT 9 / 9

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback