System Guides

ISO 18788 Clause 7.1.2.4 focuses on the management of subcontracting or outsourcing activities within the Security Operations Management System (SOMS). It outlines requirements for defining and documenting processes, agreements, and terms of reference when engaging with subcontractors or outsource partners. Here's an explanation of the key elements of this clause:

Clause 7.1.2.4 - Outsourcing and Subcontracting:

1. Clearly Defined Process: The organization is required to have a clearly defined process for subcontracting or outsourcing activities, functions, and operations related to security operations. This process should ensure that engagements with subcontractors or outsource partners are well-managed.

2. Documentation of Terms of Reference and Codes of Conduct: The organization must establish, document, communicate, and monitor compliance with specific terms of reference and codes of conduct for subcontractors and outsource partners. These terms should relate to security operations and the respect for human rights.

3. Documented Agreement: When entering into subcontracted or outsourced arrangements, the organization must have a documented agreement that covers various aspects, including:

• a) Commitment by subcontractors to abide by the same legal, ethical, and human rights commitments and obligations as held by the organization. This ensures that subcontractors align with the organization's values and standards.

• b) Process for reporting risks, occurrences, and responses to undesirable and disruptive events. This helps in maintaining transparency and effective risk management.

• c) Confidentiality and conflict of interest agreements. These protect sensitive information and prevent conflicts that may arise during subcontracting.

• d) Clear definition and documentation of the services to be provided. This ensures clarity regarding the scope of work.

• e) Scope and limitations of command and control. This defines the boundaries of authority and responsibility.

• f) Definition of the support relationship between the contractor (organization) and the subcontractor. This outlines how support will be provided and received.

• g) Conformance to the applicable provisions of ISO 18788. This ensures that subcontractors adhere to the requirements of the International Standard.

In summary, this clause emphasizes the need for a well-defined process and documented agreements when subcontracting or outsourcing security operations-related activities. It also ensures that subcontractors and outsource partners align with the organization's legal, ethical, and human rights commitments. Clear communication, documentation, and compliance monitoring are key aspects of managing these relationships effectively within the SOMS.

ISO 18788 Clause 7.1.2.5 focuses on the development of financial and administrative procedures and controls within the Security Operations Management System (SOMS). These procedures and controls are essential to support effective security and risk management in both planned and emergency situations. Here's an explanation of the key elements of this clause:

Clause 7.1.2.5 - Financial and Administrative Procedures:

1. Development of Procedures: The organization is required to develop financial and administrative procedures and controls that support the provision of effective security and risk management. These procedures are essential to ensure that the organization can respond efficiently to both planned security operations and unforeseen disruptive or undesirable events.

2. Expedited Fiscal Decisions: The procedures should be established in a way that ensures fiscal decisions can be expedited when necessary. This means that financial processes should not hinder rapid decision-making in critical situations.

3. Alignment with Authority Levels: Procedures should be in accordance with established authority levels within the organization. This ensures that financial and administrative decisions are made within the appropriate framework of responsibility.

4. Adherence to Accounting Principles: The procedures should adhere to recognized accounting principles, ensuring transparency and accountability in financial matters.

5. Consultation and Coordination with the Client: The development of these procedures should involve consultation and coordination with the client or customer for whom security services are being provided. This ensures that financial and administrative processes align with the client's expectations and requirements.

In summary, this clause emphasizes the need for well-defined financial and administrative procedures and controls within the SOMS. These procedures should enable efficient decision-making, adhere to established authority levels and accounting principles, and be developed in consultation with the client. Effective financial and administrative processes are crucial for supporting security and risk management efforts, whether in planned security operations or during emergency response situations.