PAS 96 2008- Defending Food & Drink
32
PUBLICLY AVAILABLE SPECIFICATION PAS 96:2008 Defending food and drink ICS code: 67.020 NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW Guidance for the deterrence, detection and defeat of ideologically motivated and other forms of malicious attack on food and drink and their supply arrangements
Transcript of PAS 96 2008- Defending Food & Drink
PUBLICLY AVAILABLE SPECIFICATION
PAS 96:2008
Defending food and drink
ICS code: 67.020
NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW
Guidance for the deterrence, detection and defeat ofideologically motivated and other forms of maliciousattack on food and drink and their supply arrangements
PAS 96:2008
© BSI March 2008
This Publicly AvailableSpecification comes into effect on 10 March2008
© BSI March 2008
ISBN: 9780 580 61990 8
Amd. No. Date Comments
PAS 96:2008
© BSI March 2008 i
ContentsPage
ii .......................... Forewordiii .......................... Rationale and purposeiv .......................... Introduction
1 .......................... 1 Scope
1 .......................... 2 Terms and definitions
2 .......................... 3 Malicious, ideologically motivated threats to food and food supply
3 .......................... 4 Broad themes of food defence3 .......................... 4.1 General3 .......................... 4.2 Response levels4 .......................... 4.3 The food supply web
5 .......................... 5 Presumptions
6 .......................... 6 A Protocol for threat assessment and mitigation
8 .......................... 7 Assessing the threat
8 .......................... 8 Assuring personnel security8 .......................... 8.1 Pre-employment prudence9 .......................... 8.2 Systems for control of temporary staff9 .......................... 8.3 Building employee inclusiveness
10 .......................... 9 Controlling access to premises10 .......................... 9.1 General10 .......................... 9.2 Access for motor vehicles11 .......................... 9.3 Access points for people 11 .......................... 9.4 Screening of visitors 11 .......................... 9.5 Identification of ‘unauthorized’ visitors11 .......................... 9.6 Secure mail-handling11 .......................... 9.7 Restrictions on portable electronic equipment
12 .......................... 10 Controlling access to services
12 .......................... 11 Secure storage of transport vehicles
12 .......................... 12 Controlling access to materials
13 .......................... 13 Controlling access to processes 13 .......................... 13.1 General13 .......................... 13.2 Assuring business processes14 .......................... 13.3 Assurance that sources of material are reliable and threat aware14 .......................... 13.4 Product security – tamper-evident consignments14 .......................... 13.5 Reception arrangements for materials 14 .......................... 13.6 Quality control arrangements
15 .......................... 14 Contingency planning for recovery from attack
15 .......................... 15 Audit and review of food defence procedures
16 .......................... Annexes16 .......................... Annex A (informative) Organization of the key sources of advice and information18 .......................... Annex B (informative) Guidance for specific parts of the food and drink supply chain20 .......................... Annex C (informative) Defending Food: A food and drink defence checklist
22 .......................... Bibliography
PAS 96:2008
© BSI March 2008ii
ForewordThis Publicly Available Specification (PAS) has been developed by the Centre for theProtection of National Infrastructure (CPNI) in collaboration with The British StandardsInstitution (BSI).
Acknowledgement is given to the followingorganizations that were consulted in the developmentof this specification:
• Arla Foods
• Associated British Foods
• Baxters Food Group
• Cranfield University
• Dairy UK
• Defra
• Food and Drink Federation
• Food Standards Agency
• Gate Gourmet
• J Sainsbury
• Kellogg
• London South Bank University
• Marks and Spencer
• Muller Dairy
• National Farmers Union
• Scottish Food and Drink Federation
• Waitrose
Wider comments from other parties were invited byBSI. The expert contributions made from organizationsand individuals consulted in the development of thisPAS are gratefully acknowledged.
This PAS has been prepared and published by BSI,which retains its ownership and copyright. BSI reservesthe right to withdraw or amend this PAS on receipt of authoritative advice that it is appropriate to do so. This PAS will be reviewed at intervals not exceedingtwo years, and any amendments arising from thereview will be published as an amended PAS andpublicized in Update Standards.
This PAS does not purport to include all the necessaryprovisions of a contract. Users are responsible for itscorrect application.
Compliance with this Publicly Available Specificationdoes not of itself confer immunity from legalobligations.
This Publicly Available Specification is not to beregarded as a British Standard.
PAS 96:2008
© BSI March 2008 iii
The food and drink industry in the UK – the foodsector of the national infrastructure – could be underthreat from ideologically motivated groups. The threatextends that from criminals who use extortion andfrom individuals with a grudge. It is different in naturefrom the (natural) hazards which the industry is wellversed in handling. The threat is unlikely to decline in the foreseeable future. PAS 96 provides broadguidelines to industry operators which should helpthem assess (see Clauses 6 and 7) and reduce (seeClauses 8 to 13 and Annex B) the risk to theirbusinesses and to mitigate (see Clause 14) theconsequences of an attack.
Broad guidelines should be interpreted as preciselythat. They are broad because managers will havespecific knowledge of the specialist detail of theirbusinesses which would not be appropriate for adocument such as this, and because specificinformation may be of help to an intending criminal.They are guidelines and not requirements because akey feature of PAS 96 is ‘proportionality’. The risk is different for different businesses, for differentoperations, and for different products. It is thereforeimplicit that different risk assessments will result indifferent action plans proportionate to an individualsituation, and indeed in some cases to a legitimatedecision to take no specific action.
To make the guidelines as sensible and as accessible aspossible, PAS 96 is deliberately written to integrate thereasoning behind a provision with the provision itself.It tries to use language familiar to the industry withoutcontinual definition, and it tries to balance concisenessand comprehensiveness by making sensible referencesto other sources of information. Some repetition hasbeen accepted where emphasis has been needed or toimprove readability.
It assumes that managers are aware of Hazard AnalysisCritical Control Point (HACCP), crisis management andbusiness continuity management principles and haveeffective procedures in place. It is expected that mostexecutives will build the provisions of PAS 96 into these
existing protocols. PAS 96 recommends a teamapproach, as that is typically the best way of bringingrelevant expertise together; however it is recognizedthat for many, particularly small enterprises, this mayhave to be a team of one person.
In contrast to many standards, PAS 96 is not seen as an external audit tool. The principle of proportionalitymeans that different operations within even a singlebusiness may come to very different assessments of its implications. It may be reasonable for a customer to ask its supplier if it is familiar with the guidelines of PAS 96, and to ask if it has implemented the(proportionate) steps which it judges necessary, but notto require specific action on each individual paragraph.
PAS 96 is written in a UK context and invites operatorsto view the guidelines in the context of the legislativerequirements of the UK. It does not considerapplication internationally, but operations may findsome of the approaches helpful and are welcome tomake whatever use they feel appropriate.
In summary, PAS 96 provides some approaches to the developing problem of malicious attack on thefood and drink industry. Its provisions should be both practical and proportionate, and should helpbusinesses deter potential attackers. BSI and CPNIwelcome feedback on the structure, format andprovisions of PAS 96, and especially of omissions whichreaders perceive or revisions which they feel necessary.
Rationale and purposeThis section sets the context for PAS 96 Defending Food and Drink. It describes andexplains the structure of the PAS and indicates the way in which it should, and shouldnot, be used. As such it is an important part of the PAS and should be fullyconsidered before the detailed provisions.
PAS 96:2008
© BSI March 2008iv
The public and businesses within the food and drinksector now face a different threat – that of maliciousattack, especially by ideologically motivated individualsand groups. This threat will manifest in a way whichreflects the motivation and capability of these people.It will not follow the statistically random, andtherefore predictable patterns of familiar ‘hazards’ so the established HACCP approach might not workwithout modification.
This document seeks to inform all those involved in the food and drink industry of the nature of thisthreat, to suggest ways of deterring attack and torecommend approaches that will mitigate the effect of an attack should it happen. The interpretation ofthe guidance depends on the individual judgement of business managers. Action taken by any businessshould be proportionate to the threat faced by thatbusiness and the document points to approaches toassess this threat. The provisions of this PAS are notdesigned to be used as an audit tool as differentorganizations will make different assessments ofthreat, vulnerability and impact, and will implementdifferent practices to defend the food they handle and the supply arrangements which they use.
Core to the defence of food is a systematic evaluationof vulnerable elements of the supply chain carried outby an experienced and trusted team. In this document,this is called ‘Threat assessment and mitigation’ and is described in Clause 6. The evaluation reflectsestablished procedures for risk management and it islikely that organizations will incorporate it into crisisand/or business continuity management frameworks.
Many other publications, including British Standardsand CPNI guides, are of direct relevance to the defenceof food and drink. These include good practiceguidance and standards for business continuity
IntroductionBusinesses within the food and drink industry are well versed in the processes neededto make safe, wholesome, nutritious and palatable food available to customers.Removal of contamination from raw food sources, processing to make themconsumable, and managing distribution to avoid recontamination and spoilage are atthe heart of the modern food industry. Hazard Analysis Critical Control Point (HACCP)methodology has proved invaluable in controlling adventitious hazards which arebased on the environmental and biological nature of food and which are essentiallyrandom in character.
management and traceability. In the interests ofconciseness, their content is outlined in this PAS and references are given for further reading in the bibliography. Food and drink supply requiresappropriate energy and water services and an effectivetelecommunications and transport infrastructure,therefore reference is given to authoritative guidanceto protective security in these areas.
Food safety legislation plays a key part in protectingconsumers from unsafe or unfit food. Food businessesare responsible for ensuring that the food meets foodsafety requirements. Full adoption of the guidancegiven in this PAS cannot prevent a malicious attack; but it should make such an attack less likely and theimpact less traumatic.
PAS 96:2008
© BSI March 2008 1
This PAS provides guidance to food businesses of allsizes and at all points in the food supply chain – fromfarm to fork and beyond (see Figure 1). It providesguidance on approaches to the protection of theirbusiness from all forms of malicious attack includingideologically motivated attack and to procedures tomitigate and minimize the impact of such an attack. It is intended to be of particular use to managers ofsmall and medium sized food enterprises who may not have easy access to specialist advice.
Food businesses will be able to use the guidance in thecontext of an effective Hazard Analysis Critical ControlPoint (HACCP) based food safety management regime.This PAS assumes and builds on effective operation ofHACCP protocols.
2 Terms and definitions
For the purpose of this PAS, the following terms anddefinitions apply:
2.1 food defence security of food and drink and their supply chains fromall forms of malicious attack including ideologicallymotivated attack leading to contamination or supply failure
2.2 threat assessment and mitigation systematic process of assessment of threats andidentification of vulnerabilities to raw materials,packaging, finished products, processes, premises,distribution networks and business systems by anexperienced and trusted team with the authority to implement changes to procedures
1 Scope
2.3 product security techniques used to make food products resistant tocontamination or misuse including tamper evidentclosures and lot marking
2.4 personnel security procedures used to confirm an individual’s identity,qualifications, experience and right to work, and tomonitor conduct as an employee or contractor
NOTE Not to be confused with ‘personal security’.
2.5 electronic security procedures used to protect electronic systems fromsources of threat, such as malware and hackers, intenton misusing them, corrupting them or putting themout of use
2.6 protective securityall the measures related to physical, electronic andpersonnel security which any organization takes tominimize the threat of malicious attack
2.7 food supplyany and all elements of what is commonly called thefood supply chain, net or web with the inclusion ofdrink and supporting and allied services (see 4.3)
Tamper-evident closure
PAS 96:2008
© BSI March 20082
Case Study A: In September and October 1984, 751 residents of The Dalles in Oregon USA were infected withSalmonellae food poisoning of which 45 werehospitalized. Fortunately no one died from theoutbreak. It subsequently transpired that localmembers of the Rajneeshee religious cult hadcontaminated 10 salad bars with the intention of preventing individuals from voting and therebyinfluencing the result of local elections in WascoCounty at which they hoped to gain politicalcontrol. Two cult officials were eventuallyconvicted and served 29 months in prison for a variety of offences. It is believed that theyobtained the bacterial culture from commercialsources. Nine of the salad bars affected went out of business.
The attack identified the relative ease with whichthe wholesomeness of ready to consume foodcould be undermined and pinpointed a particularlyvulnerable part of the food supply chain.
Global, highly competitive food trade may seem anideal target for malicious, ideologically motivatedattack. This could cause mass casualties, economicdisruption and widespread panic. In many ways thediversity of the food operations may seem to make the food supply highly vulnerable to attack. However,competition within the sector and the nature of foodsupply itself provides considerable intrinsic resilience.
Other forms of motivation have led to harmful attackson foods. Extortion, coercion and criminal action topromote a ‘cause’ may be accompanied by some formof warning which would not be expected from aterrorist group. Information of any form about anyattack or threat of attack should be passed to seniormanagers without delay. They should immediatelyimplement crisis management procedures including the notification of police.
In practice, undertaking a major attack on the foodsupply chain is much more difficult than at first it maybe believed. However, even a limited attack can causeharm and economic loss, and could result in significant
3 Malicious, ideologically motivated threats to food and food supply
Case Study B: In Summer 2007, a major UK producer of baked,chilled pastry goods lost five days of production, at a cost of 5% of its annual turnover, when thefactory was shut down following a malicious attackusing peanuts.
The factory was designated as a nut free site andallergen information on product packagingreflected this status. The discovery of peanuts,initially in service areas then in manufacturingareas, led to the factory shut down. It also resultedin products being removed from retailer sale dueto potential anaphylactic reactions from nut allergysufferers. A police investigation into the incidentdiscounted that the causes were accidental.
Production only resumed following a site widedeep clean and a major revision, andimplementation, of site protective securityprocedures. These measures were agreed with and supported by retail customers prior to theresumption of supply.
Fortunately no contaminated product left site soserious harm from anaphylactic shock was avoided.
Foods sold ‘open’ for customers to select may beparticularly vulnerable
PAS 96:2008
© BSI March 2008 3
damage to ‘brands’. With extensive consumer andmedia concern, this threat demands that companiesand businesses take a responsible and proactiveapproach to food defence.
This PAS identifies three generic threats to food and drink:
1. Malicious contamination with toxic materials causing ill-health and even death;
2. Sabotage of the supply chain leading to foodshortage;
3. Misuse of food and drink materials for terrorist or criminal purposes.
These threats could be carried out by a number ofindividuals or groups, including:
• people with no connection to the organization;
• those with a contractual relationship such assuppliers and contractors;
• alienated or disaffected staff.
Further, they could use both physical and electronictechniques to achieve their ends. This PAS attempts an holistic approach to food defence.
Food defence aims to:
• reduce the likelihood (chance) of malicious attack;
• reduce the consequences (impact) of an attack;
• protect organizational reputation (The Brand);
• reassure customers, press and public that‘proportionate’ steps are in place to protect food;
• satisfy international expectations [1] and support the work of allies and other trading partners.
4.1 General The food and drink industry can be seen as naturallyvulnerable to attack but highly resilient. Thevulnerability arises from relatively open access to sites,especially agricultural, retail and food service siteswhere the public is actively welcomed. It comes frommajor and short term (Just-in-Time) movements ofmaterials and from staff turnover and the use ofmigrant and temporary labour. However, the intrinsicvulnerability is significantly moderated by theoperation of established food safety systems whichgreatly reduce the opportunity for effective attack. The resilience of the sector comes from the overallavailability of food, from competitiveness within theindustry, and from the consumer’s ability to substituteone food for another. Reducing vulnerability andincreasing resilience can be achieved by greater controlof access to materials, processes, services and premisesgenerally and subjecting these to regular review.
4.2 Response levelsThere are three response levels which can beimplemented as the threat to a food organizationdevelops:
1. The ‘Normal’ response level reflects routineprotective security measures appropriate to thebusiness concerned. Proportionate steps which build on prudent crime prevention arrangements by consideration of this PAS would form the‘Normal’ response.
2. The ‘Heightened’ response level shows additionaland sustainable protective security measuresreflecting the broad nature of the threat combinedwith specific business and geographicalvulnerabilities and judgements on acceptable risk,given confidential notice by the authorities that the threat levels for the area had increased. As anexample, this ‘Heightened’ response could includethe banning of all but essential vehicles from a site.
3. An ‘Exceptional’ response would be theimplementation of maximum protective securitymeasures to meet specific threats and to minimizevulnerability and risk. It may well be that the‘Exceptional’ response involves executive action bythe Police with which the organization cooperates.
An organization may choose to identify an escalatingscale of activities which it would implement as a threat develops.
4 Broad themes of food defence
PAS 96:2008
© BSI March 20084
4.3 The food supply webFigure 1 illustrates some of the operations involved in modern food and drink supply.
It is not intended to be comprehensive. It is an over-simplified picture intended to illustrate the inter-relationships and to encourage a broad view.
Agri-Chemicals
Seed-Crops
Artificial insemination
Product assembly
Primary ingredients
manufacture
Water
Farming
Materials
Packaging
Distribution
Storage
Retail
Food ServiceCustomer
ConsumerWaste
disposal
Fishing
Figure 1 – A food supply web
Upstream
Downstream
PAS 96:2008
© BSI March 2008 5
Successful attacks on operations ‘downstream’ (foodservice outlets or retail stores) are likely to have limitedscope in terms of geographical area, number of casesor product type but could have traumatic impact(illness or even death). The Oregon State attackillustrates such an incident (see Clause 3 Case Study A).
‘Upstream’ businesses such as farms would be damagedeconomically by an effective attack that made largetracts of land unproductive. Manufacturers could suffersignificant damage to brand reputation and there isalso the potential for casualties to occur although suchan attack may prove more difficult than ‘downstream’scenarios. The Sudan 1 incident in 2005 (see Case StudyC) illustrates the point of economic loss.
Case Study C: In February and March 2005 more than 500 foodproducts were withdrawn from sale in the UKbecause of contamination with an illegal dye,Sudan 1. The pigment was present in chilli powdersourced from overseas. The chilli powder had beenused directly as an ingredient and in compoundproducts such as Worcestershire Sauce which werethemselves used as ingredients in more complexproducts.
While there has been no suggestion of maliciousintent, disposal cost the industry several hundredsof millions of pounds. The case also clearlyillustrated the complexity of operating effectivetraceability regimes with long shelf life ingredientsused in long shelf life products that are themselvescompound ingredients.
Good product security builds on sound food safetypractices to remove, prevent and detect adventitiouscontamination. Further information on good practicein this area can be found in Assured Food Standards[2], in Good Manufacturing Practice: A Guide to itsResponsible Management [3] and the FSA’s Preventingand Responding to Food Incidents [4]. Businessesshould have hygienic operations and use HACCP as an integral part of quality management systems. They should operate in line with recognized industrystandards such as the British Retail Consortium’s GlobalStandard for Food [5] or BS EN ISO 22000:2005, Foodsafety management systems. Requirements for anyorganization in the food chain. Smaller companies may find The Safe and Local Supplier Approval Scheme(SALSA) [6] useful.
NOTE Details of other industry standards are given in the bibliography.
Positive management policies should be in place tocontrol fire risks and health and safety issues. Crimeprevention should be an on-going concern. Genericguidance on crime prevention by design of premises is available from the Police [7]. It is recommended that management of food defence is the specificresponsibility of a nominated officer with the necessary authority.
5 Presumptions
are likely to be too numerous to justify individualstudies while premises level studies will miss keyaspects;
d) identification and documentation of the process inas much detail as possible. This should be consistentwith it being summarized on one sheet so all stagescan be seen at one time. A flow diagram isrecommended. The summary should include, in a proportionate manner, external steps (includingmaterial and staff sourcing, utilities, and productdistribution) and key services including disposal of waste;
e) agreement within the Threats Team that thesummary is fair and accurate;
f) identification of specific steps in the process atwhich malicious contamination or sabotage couldtake place. Some lateral thinking may be needed.The Threats Team might ask, “If we were trying toundermine our business, what would be the bestway?” It might consider how an attacker mightselect ‘attack’ materials: availability, toxicity, physicalform, safety in use, e.g. pesticides on farms andaggressive flavour materials in factories;
g) ongoing evaluation at each step as to whether theopportunity for attack merits further protectiveaction. Appropriate and proportionate action should be identified, recorded confidentially andimplemented;
h) a review of the evaluation after any alert orannually as well as points at which new threatsemerge or when there are significant changes inBest Practice.
PAS 96:2008
© BSI March 20086
Hazard Analysis Critical Control Point (HACCP) is the well-established and legally required approach for assuring the integrity of food. It encouragesmanagement teams to review established hazardswhich are typically adventitious in nature.
Threat assessment and mitigation builds on HACCP and business continuity management philosophies andis the systematic examination of processes to identifyvulnerable points and remedial action to improveresilience against malicious attacks by individuals orgroups. It specifically considers that malicious attack is likely to involve unforeseen agents or materials orstrategies. The nature of the ‘preferred’ agent will beinfluenced by the nature of the food itself, such as itsphysical state, chemical composition, packaging andshelf life. It uses the HACCP approach but attempts toanticipate modes of attack and identify deterrentprecautions.
Staff with the range of specialisms mentioned abovewill recognize the protocol as following the establishedHACCP format; and will also recognize the keydifferences based on the predictable, random nature of hazards and the targeted, malicious nature ofthreats which requires creative thinking. The protocolmay be managed within crisis and/or businesscontinuity procedures. A small company which doesnot possess enough trusted and experienced staff withthe range of specialisms mentioned above should seekadvice from specialist organizations as outlined inAnnex A.
The procedure can normally be ‘generic’ to a specificproduction line and should involve:
a) the formation of an interdisciplinary Threats Teamof experienced and trusted individuals who havespecialist knowledge of, responsibility for, andauthority to influence, the business processesinvolved. If possible, the team should includesecurity, technical, and human resources specialistsand may select its own leader. It should typically bean established and permanent group, able to review its decisions over time;
b) a confidential reporting and recording system thatallows management action on decisions but doesnot expose weaknesses to those without a need to know;
c) the identification of the scope of the process to beexamined. Product groups with similar sourcing,processing, packaging and supply characteristicsmight form suitable topics; individual product lines
6 A protocol for threat assessment and mitigation
The threat assessment and mitigation procedure can normally be generic to a specific production line
PAS 96:2008
© BSI March 2008 7
PAS 96:2008
© BSI March 20088
For extensive guidance on personnel security, pleaserefer to CPNI. [8]
8.1 Pre-employment prudenceA significant attack on food supplies is most likely toinvolve individuals with knowledge of and/or access to food processes. Many food operations have rapidturnover of staff and may recruit on the basis ofminimal information, and are therefore highlyvulnerable. Detailed guidance on pre-employmentscreening is available from CPNI [9]. Attention is alsodrawn to BS 7858:2006: Security Screening ofIndividuals Employed in a Security Environment.Recruiters should base their recruitment decisions onoriginal documents, not photocopies, and shouldassure themselves that documents used to support anapplication are genuine. Similar considerations apply to visiting contractors; employers should assurethemselves that their contractors operate securepersonnel policies and be prepared to carry out checksthemselves. The area of recruitment and employment is heavily regulated. Particularly pertinent examples are given in the bibliography [10 – 22].
All employees and visiting contractors within the foodindustry are to some extent in positions of trust.Employers should assure themselves that individualsare worthy of that trust. Some key or sensitivepositions (e.g. security guards, goods reception andpackaging supervisors, engineers and process controltechnicians) demand a high level of independence and trustworthiness and are pivotal to the success ofoperations. Systematic evaluation of job functions canidentify these roles and enable the appointment ofthose with an appropriate record or who have satisfieda more stringent screening process.
The product, the premises and the organization can be the target of attack and each element should beassessed separately. Managers could ask the followingquestions.
For the product:
• Does this product have particular religious, ethical or moral significance for some people?
• Could this product be used as an ingredient in a wide range of popular foods?
• Does the product contain ingredients or othermaterial sourced from overseas?
For the premises:
• Are premises located in a politically or sociallysensitive area?
• Do premises share access or key services with‘controversial’ neighbours?
• Are services to the premises adequately protected?
• Are external utilities adequately protected?
• Are hazardous materials, which could be valuable to hostile groups, stored on site?
• Are large numbers of people (including the generalpublic) using the location?
For the business:
• Are we under foreign ownership by nations involvedin international conflict?
• Do we have a celebrity or high profile chief executiveor proprietor?
• Do we have a reputation for having significant links,customers, suppliers, etc with unstable regions of the world?
• Are our brands regarded as controversial by some?
• Do we or our customers supply high profilecustomers or events?
NOTE These lists are not exhaustive.
This assessment of food defence requirements willallow managers to specify the ‘proportionate’ level of protection required (‘Operational Requirements’).They should then audit existing arrangements andundertake remedial action to correct weaknesses.Advice may be available at local level from CounterTerrorism Security Advisers (CTSAs) within a local Police force.
7 Assessing the threat 8 Assuring personnel security
PAS 96:2008
© BSI March 2008 9
8.2 Systems for control of temporary staffThe same requirements apply to temporary staff asapply to permanent employees. Temporary staff fromrecognized agencies may be treated like contractors for security purposes.
To control and monitor the use of casual and sub-contract staff the company should consideradjusting contracts to give them the power toexternally audit recruitment and screening processes of supplier staff deployed on their contract.
8.3 Building employee inclusiveness Managers will recognize that alienated ordisenchanted employees are more likely to be
disruptive or to overlook disruptive behaviour ofothers. They should encourage the development of an operational team spirit to encourage both loyalty to the operation and the reporting of unusualemployee behaviour.
Managers should be aware that both they and trustedstaff are open to coercion or deception by those of amalicious disposition and should give thought to howunusual behaviour should be managed.
At the time of publication of this PAS, CPNI wasformulating advice on on-going personnel security.
PAS 96:2008
© BSI March 200810
9.1 GeneralAccess of people, vehicles and materials onto premisesshould be restricted to those with a clear businessfunction. This reduces the opportunity for maliciousintrusion. For example, it could be more effective tocontrol pedestrian access for staff and visitors with car parking external to the secure premises than toexamine every vehicle regardless of need for access. In many situations such as primary agriculture accesscannot be controlled in this way. Similarly, controlscannot be used where the general public has businessaccess such as retail and food service outlets. In suchsituations, organizations will apply controls toappropriate buildings or parts of buildings.
Visible and comprehensive perimeter fencing may actas a deterrent to intruders, and an associated alarmsystem can give indication should intrusion take place.Advice on the specification of perimeter fencingdepends upon operational requirements provided bythe threat assessment. Unauthorized access may bemonitored using CCTV and security guarding, given a suitable external lighting system.
Perimeter controls should also consider site situation(roads, waterways, other buildings, planningconstraints) as well as technological issues like pestcontrol. Perimeter controls should be viewed as awhole so that weakness in one part does not negatestrengths in other parts. Any business contemplatingthe development of a new site should build protectivesecurity considerations into the design process.
9.2 Access for motor vehiclesEntry to vehicles on essential business should bethrough monitored access points. Approach roadswhich minimize the speed of the vehicle and maximizethe opportunity for inspection and rejection would be helpful.
Consideration should be exercised in site planning and maintenance. Access to and from the site shouldbe clear and able to be surveyed. Excess foliage shouldbe regularly cleared to facilitate total surveillance.
NOTE 1 Guidance on the manufacture and testing of hostile vehicle restraint measures (e.g. crashproof barriers)can be found in PAS 68:2007 Specification for vehiclesecurity barriers.
NOTE 2 Guidance on traffic calming and the layout andinstallation of vehicle restraint measures can be found in PAS 69: 2006 Guidance for the selection, installation anduse of vehicle security barriers.
Deliveries of materials should be scheduled in advanceand unscheduled deliveries should not be accepted.Staff responsible for receiving goods should checkdocumentation and the integrity of loads so far as ispossible, and record serial numbers from any tamperevident tags. Deliveries of goods other than those fortrade purposes (e.g. for staff canteen) should not beoverlooked as potential carriers of malicious material.Staff should be aware of the dangers of the unlawfuluse of emergency service and other liveried vehicles(‘Trojan’ vehicles) which are not what they seem, ofdeception to gain access, and of coercion of legitimatedrivers to carry malicious materials. They shouldinvestigate, when possible, any vehicles missingscheduled delivery times.
9 Controlling access to premises
Event activated lightingis a familiar feature
Even modest perimeterfencing can deter intruders
Rising bollards can control traffic
PAS 96:2008
© BSI March 2008 11
9.3 Access points for peopleAutomatic entry to individuals may be granted basedon what they have (e.g. a key or token such as a swipecard) or of what they know (e.g. a password or PINcode) or, preferably, of both. This last approach shouldbe used to limit access to sensitive areas like bulkstorage silos and process control rooms to trusted staff.
Other than persons on official business, all visitorsshould have appointments and be under managementendorsement and supervision.
9.4 Screening of visitorsAs a general rule, and with the exception of retail and food service customers, only visitors with ajustified reason should be allowed on food premisesand then only by appointment. Casual visitors shouldbe excluded unless from a recognized authority. Allvisitors should present reasonable proof of identity on arrival and a record of their attendance maintained.A nominated person should meet and accompany the visitor throughout the visit. Visitors should agree to cooperate with a security search should one be felt necessary.
9.5 Identification of ‘unauthorized’ visitorsFor all but very small operations, positive identificationof staff and visitors at all times is recommended. This could be by means of marked workwear and/oridentity passes. Staff should be trained and encouragedto be vigilant in order to identify, monitor and reportintruders and to report hostile surveillance.Appropriate use of closed circuit television (CCTV)could have value if operated according to theprinciples of the Data Protection Act 1998 [11] and if operators are appropriately licensed and trained. The police should be contacted immediately if anintruder is found on the premises.
Secure doors are available for the widest of doorways
CCTV can monitor access to restricted areas
9.6 Secure mail handlingPostal and courier services have been used to delivernoxious materials to premises. In the light of a threatassessment, managers may consider whethercentralized and/or remote reception and examinationof such deliveries is needed.
NOTE Managers could also consider appropriate mailopening training and the possible use of technical aids suchas X-Ray.
9.7 Restrictions on portable electronicequipmentModern cameras and audio/visual equipment includingmobile phones can be used to undermine the securityof premises by informing criminals about levels ofprotection. In the light of a threat assessment,managers may consider whether to restrict the use of such equipment.
PAS 96:2008
© BSI March 200812
Attack on factory services (mains power, fuel oil, gas supplies, potable water, mains drainage,telecommunications systems, refrigeration, cleaningsystems, etc) would sabotage operations and couldlead to malicious contamination. Air inlets toventilation systems can be vulnerable to noxious gasesor aerosols and may merit protection. Managers mayidentify sensitive areas and limit access to nominatedresponsible individuals and deputies. They should liaisewith suppliers of services so there is no avoidable gapin security between supplier owned and operatorowned infrastructure.
11 Secure storage of transportvehicles
Managers should ensure that vehicles under theircontrol are not misused and should ensure that storageat the depot and when en-route is secure.
10 Controlling access to services
Secure storage of foodstuffs and packaging materialswill reduce the opportunity for contamination.Lockable storage areas and numbered tamper-evidentseals on access ports to bulk silos are recommended.Secure storage of product labels will reduce the chanceof attack with counterfeit goods.
Hazardous materials, in particular cleaning andsanitising chemicals which can themselves be misusedfor malicious purposes, should be handled safely and inlocked storage under the control of a trusted manager.Guidance on the control of ammonium nitrate fertiliser[23] in agriculture (see Annex B.1) may be adapted foruse with peroxide based sanitizers, noxious additivesand pesticides. Effective stock reconciliation shouldform a constant element of control of such materials,as does tamper evidence (on intake and discharge) of distribution and storage containers. The sameconsiderations apply to any toxic or pathogenicmaterial used as laboratory agents.
Reception arrangements for raw materials shouldinclude checks of the integrity of tamper evident seals.Suspicious materials or those with damaged sealsshould not be used without further investigation and clearance.
Employees should be provided with lockable storagefor personal property to enable its separation from the process.
12 Controlling access to materials
Secure covers for storage chamber access points
PAS 96:2008
© BSI March 2008 13
13.1 GeneralCritical process control rooms should be secure andaccess limited to authorized staff. Where electronicprocess controls are in use, access should be by secureidentification and authentication mechanisms such asusernames and passwords. Detailed guidance on theprotection of process control (including SCADA –supervisory control and data acquisition) systems isavailable from CPNI [24]. By clear marking of staff, as often used to distinguish ‘high care’ (typically, post-process) from ‘low care’ (typically, pre-process)areas, individuals who are in the wrong place can be quickly identified.
13.2 Assuring business processesIn addition to specifically food technologies, the sectoris dependent on external services of the widereconomic community.
The transport infrastructure is critical to a ‘Just-in-time’approach to food supply. Managers should havecontingency routes as back up to their normaldistribution network. They may liaise withneighbouring operations to ensure alternative accessto local sites in the event that the primary entrance isout of use.
Modern business processes (e.g. sales and boughtledger, order receipt and processing, productionscheduling, point of sale stock control and paymentssystems) are typically based on generic electronicplatforms (e.g. SAP, ORACLE, Microsoft Windows, Unix)and are vulnerable to malicious attack regardless ofthe sector involved. Information technology managersshould implement ISO 27001 compliant electronicsecurity measures. They should maintain topical andcurrent virus checking software and firewalls, andshould install patches and upgrades as soon as theybecome available. They should consider to what extenthot standby (i.e. ready to operate), warm standby (i.e. can quickly be made operational) and cold standby(i.e. archived records) or other back up systems areneeded and whether duplication of informationtechnology systems is needed to provide the necessaryresilience. Access rights for administrators should bebased on separate and independent identification and authentication. This provides an audit trail for, for example, the allocation of user access rights, themanagement of anti-virus and firewall installation andpatch application. Some operations rely on bespokerather than off-the-shelf systems. These may be lesslikely to attract malicious attention, but may be moredifficult to defend. The increasing use of internet
13 Controlling access to processes
Clear labelling is essential to ensuring traceability
Distribution and storage containers should be tamper-evident
PAS 96:2008
© BSI March 200814
seals using numbered tags assures integrity andcontributes to product traceability. For ingredientsused in only small quantities and for retail packages,tamper evidence can initiate quarantine andinvestigation prior to use.
Partially manufactured ‘work in progress’ should becovered and could be made tamper evident if stored.Finished product packs for retail display shouldnormally be tamper evident.
13.5 Reception arrangements for materials All foodstuffs, packaging, and business services shouldbe treated as quarantined on arrival at Goods-In. Staff should record vehicle details and tamper sealnumbers, and confirm there are no damaged packs in the consignment.
Sensory examination of ingredients and otherfoodstuffs for unusual odours or appearance isrecommended for positive release into materialsstorage.
Secure quarantine and disposal of all waste material,especially printed packaging, is needed to ensure that it does not become a source of contamination or misuse.
13.6 Quality control arrangementsManagers should concentrate on quality assurancetechniques to defend food and drink, and not rely on quality control testing. When trying to spot a veryinfrequent event which would have dire consequences,quality control techniques based on sampling are notsufficiently effective and only 100% examination isadequate, as used for metal detection. Suchexamination would need to be by non-destructivetesting which is not practicable for unpredictablehazards. Having said that, sensory examination can be a most useful tool, as many contaminants willinfluence the colour, odour, texture or flavour of afoodstuff at levels at which they do not cause acuteharm. Investigation of incidents can make use ofspecialist analysis of hazardous materials, or researchassociations that can examine materials against anestablished profile and thereby identify discrepancies.Some routine checks such as chlorination checks ofmains water could indicate sabotage of services.
protocols, for example to enable remote working,makes operations increasingly open to attack andmerits vigorous implementation of security measures.CPNI offers specific advice to the nationalinfrastructure to help mitigate threats to electronicsecurity [25].
13.3 Assurance that sources of materials arereliable and threat awareThe integrity of materials supplied to premises isfundamental to good practice. Operational managers,in their vendor approval routines (especially for newsuppliers) may want to assure themselves that theirsuppliers are aware of security issues and have taken a proportionate approach.
Casual purchases should be subject to strict internaltechnical and quality control checks. Casual purchasesshould be the exception rather than the norm; careshould be taken to ensure that casual suppliers do not become permanent suppliers without first beingsubject to appropriate checks and controls.
13.4 Product security – tamper-evidentconsignmentsWhere malicious contamination cannot be prevented,tamper evidence provides an important protectionagainst damage and harm. For bulk supplies ofmaterials including packaging materials, protective
Tamper evidence provides an important protectionagainst damage and harm
Use of business continuity management principlescomplying with BS 25999 Business continuitymanagement. Part 1: Code of Practice will give goodresilience to react to and recover from malicious attack.Managers may want to review regularly, the balancebetween their provision of just-in-time supply versusjust-in-case provision. Some fall-back source of keyservices may be advisable, in addition to those ofelectronic service discussed in Clauses 10 and 13.2.While duplication of mains services is likely to beappropriate for only a very small number of very large ‘sole suppliers’; some thought could be given to alternative arrangements.
Emergency and crisis management procedures shouldbe developed and rehearsed with close liaison withlocal government and agencies (the Local ResilienceForum) to maximize collaboration and minimizeconfusion in the event of attack or accidentalemergency.
Organizations should maintain an emergency keycontacts list including both internal (senior executives,key post holders, and deputies) and external(Environmental Health Officers, Trading StandardsOfficers, public analysts, Food Standards Agency)partners.
All staff should be trained in emergency procedures.
Arrangements for media management and informingthe public in order to minimize over-reaction to anevent should be key elements of a business continuityplan. In the event of a malicious attack however,control of these activities is likely to be in the hands of the Police and the Food Standards Agency.
PAS 96:2008
© BSI March 2008 15
14 Contingency planning for recovery from attack
Effective lot (batch) coding facilitates product recall
An effective traceability system, both upstream toingredients and downstream of products should bedeveloped to minimize the consequences of an attack.Product recall arrangements should be rehearsed toensure that such procedures are as effective aspossible.
Special arrangements for the disposal of contaminatedmaterials may be necessary.
All policies relating to security and general riskmanagement (including Business Continuity andDisaster Planning) should be overviewed and collatedto ensure that there are no contradictions or anomaliesand that there are appropriate supporting proceduresin place.
15 Audit and review of fooddefence procedures
It is vital that breaches and suspected breaches ofsecurity be immediately reported to the nominatedmanager who will decide if a full review is needed.
The Threats Team should monitor the Security Servicewebsite [26] for updates in the national threatassessment. The local situation can be reviewedfrequently and briefly against changes to conditionspertaining at the premises. A concise report of thereview should be given only limited circulation.
PAS 96:2008
© BSI March 200816
Annex A (informative)Organization of the key sources of advice and information
Food & drink defence
Devolvedadministrations
Civil ContingenciesSecretariat
Home Office
Food StandardsAgency
CPNI
Defra
Tradeassociations
Food & drinkcompanies
Importersexporters
Packagingsuppliers
Distributionoperators
Food & drinkbusinessesLocal bodies
Nationalgovernment
NaCTSO
Local resiliencefora
Other emergencyservices
Local authorityEHOs/TSOs
Green lines indicate some major links between sources of information
Police CTSAs
PAS 96:2008
© BSI March 2008 17
CCS The Civil Contingencies Secretariat:Sits within the Cabinet Office at the heart of central government. It works in partnership with government departments, the devolvedadministrations and key stakeholders to enhance the UK’s ability toprepare for, respond to and recover from emergencies.
CPNI The Centre for the Protection of National Infrastructure:The Government authority which provides protective security adviceto businesses and organizations across the national infrastructure.
CTSAs Counter Terrorism Security Advisers:Police staff who have the core role of identifying and assessinglocations within their police force area that might be vulnerable to terrorist or extremist attack.
Defra The Department for Environment Food and Rural Affairs:Leads government work in support of a secure and sustainable food supply.
Devolved AdministrationsManage elements of food and drink defence through:a) the Scottish Government’s Environmental and Rural Affairs
Directorate.b) the Welsh Assembly Governmentc) the Northern Ireland Administration.
EHOs Environmental Health Officers:Work within local authorities to enforce food safety law.
FSA The Food Standards Agency:An independent Government department set up by an Act ofParliament in 2000 to protect the public’s health and consumerinterests in relation to food.
Home Office:Responsible for protecting the UK from the threat of terrorism.
LRF Local Resilience Forum:Operate at police force level and coordinate preparedness for andrecovery after an emergency.
NaCTSO The National Counter Terrorism Security Office:A police unit co-located with the CPNI. It contributes to the UKgovernment’s counter terrorism strategy (CONTEST) by supportingthe Protect and Prepare strands of that strategy. NaCTSO providestraining, tasking and co-ordination of CTSAs.
Trade Associations:Represent corporate members in their individual business areas andmay coordinate continuity planning advice.
TSOs Trading Standards Officers:Enforce consumer protection legislation within local authorities.
Acronym Organization and role Website
www.ukresilience.info/ccs
www.cpni.gov.uk
www.nactso.gov.uk
www.defra.gov.uk
www.scotland.gov.uk
www.wales.gov.ukwww.northernireland.gov.uk
www.lacors.gov.ukwww.cieh.org
www.food.gov.uk
www.homeoffice.gov.uk/security
www.ukresilience.info/preparedness/ukgovernment/lrfs.aspx
www.nactso.gov.uk
www.tsi.gov.ukwww.lacors.gov.uk
PAS 96:2008
© BSI March 200818
Annex B (informative)Guidance for specific parts of the food and drink supply chain
B.1 Primary producers including agriculture Many of the provisions of Assured Food Standards (the “Red Tractor Scheme”) for agriculture arepertinent to food defence [2].
Farmers are strongly advised to maintain effectivelevels of biosecurity which minimize unnecessarycontact between animals and between people andanimals. It is recommended that equipment andpremises be cleaned and disinfected as far as ispracticable. Signs of disease should be reported asearly as possible. Guidance on biosecurity can be found at www.defra.gov.uk/animalh/diseases/control/biosecurity/index.htm.
The Gangmasters Licensing Authority [22] aims to curb the exploitation of workers in the agriculture,horticulture, shellfish gathering and associatedprocessing and packaging industries and offers adviceon the use of casual teams of workers. Farmers shouldnot assume that members of regulated gangs arenecessarily trustworthy.
Farms make use of many chemicals which can bemisused to cause severe harm. Agri-chemicals should be stored in a secure manner which deters theft andshould be stored and handled separately from foodmaterials and equipment. Ammonium nitrate fertiliserhas been misused to make explosive devices and shouldbe handled in accordance with NaCTSO advice [23].
B.2 Ingredients manufacturersMass production of ingredients may be highlyautomated with little manual input. Such operationsshould assure themselves of the integrity of contractorsproviding engineering services to the plant.
The Meat Hygiene Service [27] controls and advisesslaughterhouse operators who should be alert tosymptoms of unusual or exotic disease in the animalsthey handle. They will have precautionary proceduresfor quarantine in the event of suspected zoonoticdisease.
B.3 Packaging suppliersProducers of primary (food and drink contact)packaging should be alert to opportunities forcontamination and keen to adopt rigorous personnelsecurity practices.
B.4 Food and drink processors and packersHighly labour intensive food assembly operators should recognize their considerable vulnerability tomalicious, ideologically motivated attack. For example,‘just-in-time’ supply of very short shelf life foodproducts can exert great pressure for casualrecruitment of staff to fill unskilled vacancies onpacking lines. Should adequate pre-employmentscreening be impossible, employers are advised toappoint to lower risk jobs (e.g. handling packagedfood only) under trusted supervision and limit access to a small strictly defined area.
Processors and packers of liquid foods includingbottled water will recognize the ease with whichcontaminants may be dispersed through the product.
Handling of detergents and sanitizers, especially inconcentrated form, is hazardous and requires skilledtrained staff. The potential for misuse makes securestorage and effective stock control essential.
Storage and effective stock control are essential
PAS 96:2008
© BSI March 2008 19
B.5 Transport distribution and storageStopovers during long distant haulage provideopportunity for malicious attack. Drivers should checktamper evident seals (including those used on inputand output ports of road tankers) after each break and before loading or off-loading and report anythingunusual promptly to allow forensic investigation.
Distributors involved in transport of food productsacross national borders should be familiar with theAuthorised Economic Operator (AEO) and Customs-Trade Partnership Against Terrorism (C-TPAT)requirements of the European Union and the USArespectively, and similar provisions of other nations.
The Road Haulage Association publishes securityguidance to fleet operators [28]
B.6 Food and drink retailersRetail outlets are public places and individuals haveready access to food products. NaCTSO has a trainingprogramme (Project ARGUS [29]) which helps retailers
The integrity of packaging is core to product protection
Diaphragm seals can give effective tamper-evidencefor packs of liquid and solid foods
Being close to point-of-consumption puts employees in food service outlets into a position where they could attack the food and see the impact almostimmediately
identify malicious behaviour at an early stage.Diligence on the shop floor can deter and detectundesirable activity.
A key threat to retailers comes from the individual orgroup which tampered with a packaged product thenreturned it to the display shelf. The integrity ofpackaging is core to product protection.
B.7 Caterers and restaurateursBeing close to point-of-consumption puts employees in food service outlets into a position where they could attack the food and see the impact almostimmediately. With common food contaminants,malicious attack may not be suspected and residualfood could have been disposed of before symptomsappear preventing forensic examination.
Some outlets cater specifically for vulnerable groups(e.g. the elderly, those with immune deficiencies) andwill want to be particularly diligent.
Caterers supplying the air travel industry will recognizestrict regulations which control their operations.
PAS 96:2008
© BSI March 200820
Table C.1 – Location of key guidance
Annex C (informative)Defending Food: A food and drink defence checklist
Business managers should select Items pertinent and proportionate to their operation, and should add otherItems as indicated by threat assessment and mitigation activity.
1 Sound food safety practices? 5
2 Nominated responsible manager? 5
3 Effective threat assessment and 6mitigation team?
4 Prudent recruitment procedures? 8.1
5 Key and sensitive positions identified? 8.1
6 Prudent use of contractors and 8.2agency staff?
7 Inclusive management culture? 8.3
8 Secure boundaries? 9
9 Perimeter alarm system? 9
10 Monitoring of unauthorised access? 9
11 Monitored access for vehicles? 9.2
12 Surveillable perimeter and approach 9.2roads?
13 Delivery vehicles by appointment only? 9.2
14 Serial numbers of tamper evident 9.2tags recorded?
15 Proof of identity required for visitors? 9.4
16 Positive identification of employees? 9.5
17 Vigilance training for employees? 9.5
18 Secure mail handling? 9.6
19 Nominated sensitive secure areas 10and jobs?
20 Regulated access to secure areas? 10
21 Water supplies protected? 10
22 Transport vehicles stored securely? 11
23 Sealed access to food stores, silos, trailers? 12
24 Secure storage of labels? 12
25 Secure, audited chemicals storage? 12
26 Secure lab control of toxins, pathogens, 12etc?
27 Secure protection of electronic process 13control systems?
28 ISO 27001 compliant electronic 13.2security procedures?
29 Casual purchases of materials are 13.3exceptional?
30 Open food minimized? 13.4
31 Unique security tags used on 13.4consignments?
32 Product packages are tamper evident? 13.4
33 Inspection of delivery vehicles 13.4before reception?
34 Sensory examination effective? 13.6
35 Crisis management procedures 14rehearsed?
36 Collaboration with neighbours and 14Local Resilience Forum?
37 Security contacts list? 14
38 Effective product traceability? 14
39 Effective product recall system? 14
No. Item Clause No. Item Clause
PAS 96:2008
© BSI March 2008 21
Table C.2 – Checklist
1 Sound food safety practices?
2 Nominated responsible manager?
3 Effective threat assessment and mitigation team?
4 Prudent recruitment procedures?
5 Key and sensitive positions identified?
6 Prudent use of contractors and agency staff?
7 Inclusive management culture?
8 Secure boundaries?
9 Perimeter alarm system?
10 Monitoring of unauthorised access?
11 Monitored access for vehicles?
12 Surveillable perimeter and approach roads?
13 Delivery vehicles by appointment only?
14 Serial numbers of tamper evident tags recorded?
15 Proof of identity required for visitors?
16 Positive identification of employees?
17 Vigilance training for employees?
18 Secure mail handling?
19 Nominated sensitive secure areas and jobs?
20 Regulated access to secure areas?
21 Water supplies protected?
22 Transport vehicles stored securely?
23 Sealed access to food stores, silos, trailers?
24 Secure storage of labels?
25 Secure, audited chemicals storage?
26 Secure lab control of toxins, pathogens, etc?
27 Secure protection of electronic process control systems?
28 ISO 27001 compliant electronic security procedures?
29 Casual purchases of materials are exceptional?
30 Open food minimized?
31 Unique security tags used on consignments?
32 Product packages are tamper evident?
33 Inspection of delivery vehicles before reception?
34 Sensory examination effective?
35 Crisis management procedures rehearsed?
36 Collaboration with neighbours and Local Resilience Forum?
37 Security contacts list?
38 Effective product traceability?
39 Effective product recall system?
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
■■
No. Item Completed No. Item Completed
PAS 96:2008
© BSI March 200822
Bibliography
Standards publicationsBS EN ISO 22000, Food safety management systems.Requirements for any organization in the food chain
BS EN ISO 22005, Traceability in the food and feedchain – General principles and basic requirement forsystem design and implementation
BS ISO/IEC 27001, Information technology. Securitytechniques. Information security management systems.Requirements
BS 7858, Security screening of individuals employed ina security environment. Code of practice
BS 25999, Business continuity management. Part 1:Code of practice
PAS 68, Specification for vehicle security barriers
PAS 69, Guidance for the selection, installation and useof vehicle security barriers
Other publications andwebsites[1] Terrorist Threats to Food. Guidance for
Establishing and Strengthening Prevention andResponse Systems. World Health Organization.Food Safety Issues (WHO). 2002.
[2] Assured Food Standards (Red Tractor Scheme)(www.myredtractor.org.uk) including:
Assured British Meat (ABM) for beef and lamb
Assured British Pigs (ABP)
Assured Chicken Production (ACP)
Assured Combinable Crops Scheme (ACCS)
Assured Produce (APS) for fruit, vegetables andsalad crops
National Dairy Farm Assured Scheme (NDFAS)
and related schemes including:
Farm Assured Welsh Livestock (FAWL)
Northern Ireland Farm Quality Assurance Scheme(NIFQAS)
Quality Meat Scotland (QMS)
Genesis Quality Assurance (GQA)
Soil Association Farm Assured (SAFA)
[3] Good Manufacturing Practice: A Guide to itsResponsible Management. Institute of FoodScience and Technology.
[4] Principles for Preventing and Responding to FoodIncidents. Food Standards Agency.www.food.gov.uk/multimedia/pdfs/principlesjul07.pdf
[5] BRC Global Standard for Food Safety. British RetailConsortium.
[6] The Safe and Local Supplier Approval Scheme.www.salsafood.co.uk
[7] Secured by Design. Association of Chief PoliceOfficers. www.securedbydesign.com
For dated references, only the edition cited applies. For undated references, the latest edition of the referenceddocument (including any amendments) applies.
PAS 96:2008
© BSI March 2008 23
[23] Secure Your Fertiliser. The National Counter-Terrorism Security Office.www.secureyourfertiliser.gov.uk
[24] SCADA. CPNI.www.cpni.gov.uk/protectingyourassets/scada.aspx
[25] CPNI. Products and Services.www.cpni.gov.uk/productsservices.aspx
[26] Current Threat Level in the UK. Security ServiceMI5. www.mi5.gov.uk
[27] The Meat Hygiene Service.www.food.gov.uk/foodindustry/meat/mhservice
[28] The Road Haulage Association.www.rha.org.uk/security-services/road-haulage-management-security-advice
[29] Project Argus. Protecting Against Terrorist Attack.www.nactso.gov.uk/argus.php
[8] Personnel Security: Threats, Challenges andMeasures. CPNIwww.cpni.gov.uk/docs/pers_sec_TCM.pdf
[9] A Good Practice Guide on Pre-EmploymentScreening. CPNI. www.cpni.gov.uk/docs/pre-employmentscreening.pdf
[10] GREAT BRITAIN. The Asylum and Immigration Act1996. London. The Stationery Office.
[11] GREAT BRITAIN. Data Protection Act 1998. London.The Stationery Office.
[12] GREAT BRITAIN. The Disability Discrimination Act1995. London. The Stationery Office.
[13] GREAT BRITAIN. The Employment Rights Act 1996.London. The Stationery Office.
[14] GREAT BRITAIN. The Equal Pay Act 1970 (asamended). London. The Stationery Office.
[15] GREAT BRITAIN. The Private Security Industry Act2000. London. The Stationery Office.
[16] GREAT BRITAIN. The Race Relations Act 1976.London. The Stationery Office.
[17] GREAT BRITAIN. The Race Relations AmendmentAct 2000. London. The Stationery Office.
[18] GREAT BRITAIN. The Rehabilitation of OffendersAct 1974. London. The Stationery Office.
[19] GREAT BRITAIN. The Sex Discrimination Act1975/86. London. The Stationery Office.
[20] GREAT BRITAIN. The Sex Discrimination (GenderReassignment) Regulations 1999. London. TheStationery Office.
[21] GREAT BRITAIN. Sex Discrimination (IndirectDiscrimination and Burden of Proof) Regulations2001. London. The Stationery Office.
[22] The Gangmasters Licensing Authority.www.gla.gov.uk
PAS 96:2008
© BSI March 200824
BSI is the independentnational body responsible forpreparing British Standards. It presents the UK view onstandards in Europe and atinternational level. It isincorporated by Royal Charter.
RevisionsBritish Standards are updated byamendment or revision. Users of British Standards should make surethat they possess the latestamendments or editions.
BSI offers members an individualupdating service called PLUS whichensures that subscribers automaticallyreceive the latest editions of standards.
Buying standardsOrders for all BSI, international andforeign standards publications shouldbe addressed to Customer Services.
Tel: +44 (0)20 8996 9001Fax: +44 (0)20 8996 7001Standards are also available from the BSIwebsite at www.bsigroup.com.
In response to orders for internationalstandards, it is BSI policy to supply theBSI implementation of those that havebeen published as British Standards,unless otherwise requested.
BSI – British Standards Institution
Information on standardsBSI provides a wide range ofinformation on national, European and international standards through its Library and Technical Help toExporters Service. Various BSI electronicinformation services are also availablewhich give details of all its productsand services.
Contact the Information CentreTel: +44 (0) 20 8996 7111Fax: +44 (0) 20 8996 7048Email: [email protected]
Subscribing members of BSI are kept up to date with standardsdevelopments and receive substantialdiscounts on the purchase price ofstandards. For details of these andother benefits contact MembershipAdministration.
Tel: +44 (0) 20 8996 7002Fax: +44 (0) 20 8996 7001Email: [email protected]
Information regarding online access toBritish Standards via British StandardsOnline can be found atwww.bsigroup.com/bsonline
Further information about BSI isavailable on the BSI website atwww.bsigroup.com
CopyrightCopyright subsists in all BSIpublications. BSI also holds thecopyright, in the UK, of thepublications of the internationalstandardization bodies.
Except as permitted under thecopyright, Designs and Patents Acts1988 no extract may be reproduced,stored in a retrieval system ortransmitted in any form by anymeans – electronic, photocopying,recording or otherwise – withoutprior written permission from BSI.
This does not preclude the free use,in the course of implementing thestandard, of necessary details suchas symbols, and size, type or gradedesignations. If these details are tobe used for any other purpose thanimplementation then the priorwritten permission of BSI must be obtained.
Details and advice can be obtained from the Copyright & Licensing Manager.
Tel: +44 (0) 20 8996 7070Fax: +44 (0) 20 8996 7553Email: [email protected], 389 Chiswick High RoadLondon W4 4AL.
British Standards Institution389 Chiswick High RoadLondon W4 4ALUnited Kingdom
www.bsigroup.com
ISBN 9780 580 61990 8
