New Guide for Enterprise Risk Management and Resilience Integration

1. Scope

1) the development of standards (specifications, guides, practices, test methods, classifications, or terminology) for homeland security applications that do not exist elsewhere, specifically focusing on protecting responders and the public in the following areas:
• Chemical, Biological, Radiological, Nuclear, Explosive (CBRNE) detection and response (e.g., equipment, use of equipment, and protocols during and after intentional and unintentional events)
• Preparing for and responding to natural disasters, accidents, and intentional events (e.g., training and concept of operations)
• Protecting and equipping public safety personnel and responders in homeland security operations or events, but may cross over to day-to-day operations (e.g., law enforcement personal protective equipment, such as body armor and gloves, and operational equipment used for protection of citizens and responders)
• Security and protection of buildings, critical infrastructure, borders, ports, and transportation systems (e.g., preparation for intentional and unintentional events, resiliency of infrastructure, and physical protection barriers)
2) the coordination and development of standards for homeland security applications with other ASTM committees (such as F23 and D13) or other standards developing organizations having similar or related scopes (such as NFPA and ANSI).
2.2 It is the intention of E54 to coordinate with other ASTM committees and standards developing organizations having similar or related scopes to ensure that E54 does not duplicate efforts of others and to ensure the development occurs within the proper organization.
2.3 Coordination with others will be the responsibility of the E54 Strategic Planning Subcommittee.


References: GAO, Standards for Internal Control in the Federal Government (Green Book); ISO 31000 (Risk Management); ISO 9000:2015 (Quality Management Systems (QMS)); ISO, The Integrated Use of Management System Standards; OMB Circular A-11 for Strategic Reviews; OMB Circular A-119: Federal Participation in the Development and Use of Voluntary Consensus Standards and Conformity Assessment Activities; and OMB Circular No. A-123, Management's Responsibility for Enterprise Risk Management and Internal Control.


Enterprise Risk Management (ERM) is an organizational process that allows management to identify, prioritize, and mitigate risks across a broader spectrum of activities than traditional risk management, and to evaluate the impact of risks that can adversely affect the accomplishment of an organization's mission(s). Consequently, ERM provides the foundation for strategic-level decision-making across organizational departments and "silos" and eliminates the problems with existing silos in this regard. In addition to internal risks, ERM considers external risks, combinations of the two, and external factors such as natural and economic failures, which could multiply the negative impacts associated with the risks. ERM and resilience integration allows management to identify risks that can adversely impact the effective administration of agency, organizational, departmental, and workforce policies. Having an ERM guide means that agencies, organizations, departments, and workforce champions will be better positioned to promote and absorb ERM foresight and will have a more effective framework and basis for making implementation-related decisions. Many organizations have multiple or separate continuity of operations strategies, succession plans, and risk mitigation plans, which may not reflect ERM and resilience. As a result, the development of effective, comprehensive ERM plans would allow management to respond more quickly and effectively to address risks to an organization. Several methodologies exist for addressing risk management, but clarifying the distinctions between them and their applicability to enterprise-wide governance documents that reference voluntary consensus standards and conformity assessment, federal guidance, and internal controls would benefit all stakeholders.
It would be advantageous to have an ASTM standard guide that provides recommended practices for cooperation and coordination across organizations with respect to ERM and Resilience Integration for creating a more effective and consistent approach.

Date Initiated: 06-08-2021

Technical Contact: John Bridges III

