PAS 97:2012 - A specification for mail screening and security – BSI British Standards

PAS 97:2012

A specification for mail screening and security

Status : Revised, Superseded, Withdrawn   Published : January 2012 Replaced By : PAS 97:2015

WITHDRAWN TITLE
*To ask about withdrawn titles contact the
BSI Customer Services
cservices@bsigroup.com, +44 345 086 9001


This Publicly Available Specification (PAS) has been written to help prevent attacks on mail systems. PAS 97 is a specification for mail screening and security to help organizations reduce the risk of harm to operations and staff. Publication comes just weeks after the Government updated its anti-terror strategy to take account of the increased likelihood of a chemical or biological terrorist attack in Britain.

Even in this electronic age, most businesses and other organizations rely on the ability to receive and send physical items of mail. As an essential part of normal operations, mail presents various potentially significant vulnerabilities. Mail streams into and within an organization provide a vector for malicious attacks and scope for other security incidents, all of which can adversely affect the day-to-day business of the organization, as well as its reputation.

This Publicly Available Specification (PAS) gives the requirements and recommendations for mail screening, set in the broader context of postal security. It will be useful to anyone responsible for planning, delivering or procuring mail handling and screening services within organizations, as well as commercial providers of such services.

The specification is for use by organizations of any size, sector or complexity. It sets out a comprehensive framework for protective security including:

  • Assessment of risks associated with postal incidents
  • Identification of appropriate measures to take in screening mail
  • Help with decisions on the investment in equipment and facilities
  • Implementation of these measures with regular review
  • Establishment of conditions to be imposed upon suppliers

Annexes in PAS 97 include guidance on possible indicators of suspicious items (e.g. an additional inner envelope that may be difficult to remove; an unusual postmark or no postmark) and suggested action upon discovery of suspicious items.

PAS 97 specifies measures to assist businesses and other organizations in identifying and minimizing the impact of items of mail that represent a threat, or could otherwise cause concern or disruption. It also addresses broader postal security measures aimed at ensuring all incoming, outgoing and internal mail streams are managed to minimize the risk of loss or theft of valuable or sensitive items or information.

This publication concentrates on letters and small parcels entering the organization from any external source, including public/commercial postal services, by hand or by courier delivery.

Attacks may be intended to cause physical damage to property, harm to individuals, create fear or merely to cause disruption. It is also quite possible for perfectly benign objects to appear suspicious, causing disruption through emergency responses that prove unnecessary.

In addition, incoming and outgoing mail streams may contain valuable items or sensitive information that warrant protecting from loss or theft.

Mail screening and security measures can be used to reduce the risk and impact of such incidents. This PAS aims to assist organizations in identifying and implementing appropriate postal security measures that meet their particular needs.

Too few or inappropriate measures increase the risk of significant security incidents that harm the organization and its business. Excessive measures are likely to be an unnecessary expense and may otherwise reduce the efficiency of the organization, for example by causing delays or using scarce staff and space resources.

In working to identify and implement the appropriate measures for an organization, it is important to consider factors both within and external to the organization as well as potential future changes to these. For example, the nature of the organization’s business could change in a way that affects mail throughput requirements, as could the public profile of the organization in a way that makes it more likely to be targeted by single-issue groups, terrorists or disaffected individuals.

Contents of PAS 97 A specification for mail screening and security contain:

  • Scope
  • Terms and definitions
  • Outline of process
  • Assessing the risk
  • Understanding the threat
  • Understanding the organization’s mail streams
  • Screening levels
  • Selecting appropriate screening levels for different mail streams
  • Physical protective measures
  • Summarizing the organization’s requirements
  • Implementation
  • General postal security measures
  • Management and responsibility
  • Operating procedures (including emergency procedures)
  • Mail room / screening facility
  • Screening methods and equipment
  • Human factors
  • Health and safety considerations
  • Sources of advice and information
  • Possible indicators that a delivered item may be of concern
  • Action upon discovery of any suspicious delivered item
  • Mail facility layout and construction to minimize the effects of an explosive device
  • Additional information on X-ray machines for mail screening

Whilst many of the principles detailed in this document can also be applied to improving the security of other, larger-scale deliveries, these are not explicitly covered.

PAS 97 does not propose a single standard of postal security and screening. Instead, it sets out to assist organizations in assessing their particular level(s) of risk, and selecting and implementing commensurate security measures. A series of screening levels (1 to 5) is defined in terms of progressively more complex screening measures; this is complemented by a series of physical protection classes (A to D) that describe incremental physical protective measures for mailrooms and personnel. Another factor contributing to the overall level of protection an organization derives from its postal security measures is the location of its mail facilities.

The security of electronic mail and associated IT systems is outside the scope of this PAS.

What is a pas?

A PAS provides a sponsored, fast-track route to standardization driven by the needs of the client organizations and developed according to guidelines set out in PAS 0. Key stakeholders are brought together to collaboratively produce a BSI PAS that has all the functionality of a British Standard for the purposes of supporting certification, sharing good practice or supporting innovation.

Within two years of the publication date a PAS is reviewed to determine whether amendment or revision is required or whether it should be considered for conversion to a formal British Standard.

A wide range of PAS documents are available to buy here in the BSI Shop, with many available as instant downloads. Some are also available free of charge.

For more information about fast-track standards, how PASs are commissioned, and how they could help your organization, please visit our PAS webpage.




Standard NumberPAS 97:2012
TitleA specification for mail screening and security
StatusRevised, Superseded, Withdrawn
Publication Date20 January 2012
Withdrawn Date31 October 2015
Normative References(Required to achieve compliance to this standard)No other standards are normatively referenced
Informative References(Provided for Information)No other standards are informatively referenced
Replaced ByPAS 97:2015
ReplacesPAS 97:2009
DescriptorsPostal services, Letters (documents), Packages, Security, Health and safety requirements, Risk assessment
ICS13.310
CommitteeZZ/1
ISBN978 0 580 75058 8
PublisherBSI
FormatA4
DeliveryNo
Pages40
File Size0.982 MB
Price£80.00


WITHDRAWN TITLE
*To ask about withdrawn titles contact the
BSI Customer Services
cservices@bsigroup.com, +44 345 086 9001
 Your basket
Your basket is empty

Multi-user access to over 3,500 medical device standards, regulations, expert commentaries and other documents


BSOL

The faster, easier way to work with standards


Tracked Changes

Understand the changes made to a standard with our new Tracked Changes version


Worldwide Standards
We can source any standard from anywhere in the world