BSI has published a revised version of its PAS 97 specification for mail screening and security. PAS 97:2015, which was sponsored by the UK Centre for the Protection of National Infrastructure (CPNI), replaces PAS 97:2012.
Mail streams that go into and around an organization can provide a vehicle for malicious attacks and become a catalyst for other security incidents. This can adversely affect the day-to-day business of the organization, as well as its reputation.
PAS 97:2015 aims to help organizations identify and implement appropriate postal security measures to meet their particular needs. It specifies requirements and recommendations for mail screening, set in the broader context of postal security. It concentrates on letters and small parcels entering the organization from any external source, including public/commercial postal services, by hand or by courier delivery.
Key elements include:
- Measures to assist businesses and other organizations in identifying and minimizing the impact of items of mail that represent a threat, or could otherwise cause concern or disruption;
- Broader postal security measures aimed at ensuring all incoming, outgoing and internal mail streams are managed to minimize the risk of loss or theft of valuable or sensitive items or information;
- A series of screening levels (1 to 5), increasing in complexity in line with measures required to protect against increased levels of threat/risk. These are complemented by a series of physical protection classes (A to D) describing incremental physical protective measures for mail rooms and personnel.
PAS 97:2015 is aimed at those responsible for planning, delivering or procuring mail handling and screening services within organizations, as well as commercial providers of such services.