Expert commentary

BS 10800:2020 – Code of Practice for the

provision of security services
Lynn Watts-Plumpkin, Chair GW/3
Overview
BS 10800:2020 has been implemented to bring the British Standards for the security services sector in line with the
International Standards, such as ISO 9001:2015, to enable organizations to easily integrate the codes of Practice into their
management systems, if required.
There is commonality across the suite of security services standards, which include door supervision, close protection, cash
in transit, security dogs, events security, CCTV management and operation, investigative services, provision of lone workers as
well as static site guarding, mobile patrols and keyholding, etc. Therefore, the committee decided to introduce the umbrella
standard format, which is the new BS 10800 – Provision of security services containing the generic information from each
standard, with individual sector-specific standards containing the specific elements of each sector. The format was well
received by the industry during the draft for public comment stage.
BS 10800 is seen as the strategic (umbrella) standard containing context of the organization, top management commitment,
risks and opportunities, support, operations and performance evaluation. This ensures that strategy, risk-based thinking and
the documented information are in place so that the foundations of the business are strong and maintained.
The sector-specific standards contain the unique information relevant to each sector and are considered to be best practice
for organizations. The typical information within the sector-specific standards covers organizational structure, finances,
insurance, documented information requirements, resources, premises, control/response room, staff, equipment and
uniforms, training, service delivery, site surveys, assignment instructions (AIs), performance evaluation and performance of
customer property. Additional information, pertaining to sector-specific sector requirements, is also included.
Each of the relevant security services standards, already in operation, will be updated to the sector-specific format at the due
date of revision.

Reasons for change

The main reason for the change and introduction of the new services standards is to update the current format and to
remove the duplication from the codes of Practice so that organizations, which operate in more than one sector, adhere
to the umbrella standard BS 10800 – Provision of security services, plus the relevant specific information for their sector.
Annex A shows the security services standards hierarchy.
For a large number of security service companies who hold management systems standards, this will provide the additional
benefit of aiding integration with the International Standards.
The majority of the security services standards will be updated into the new format, with the exception of standards such
as the vetting and screening standard which relates to the screening of individual working in a secure environment BS
7858:2019 which remains a stand-alone code of practice and is a normative reference for the front-line security services
standards.

Summary
• One umbrella standard detailing the generic information for each of the security services standards
• Sector-specific codes of practice e.g. BS 7499, BS 7984, BS 7960 etc.
• Updated format to allow better integration with the International Standards, such as ISO 9001:2015 Quality Management
System standard

Main commentary
The introduction to BS 10800 details the way an organization can manage the provision of security services at a strategic
level. The code of practice follows the high-level structure of the ISO standards, i.e. ISO 9001:2015. The scope gives
recommendations for the management, staffing and operation of an organization providing security services.

2 © The British Standards Institution 2020 Visit bsigroup.com

The standard includes the strategic and generic information for security service organizations (such as context of the
organization, management commitment, planning and support), operation of the security service provider and performance
evaluation and lays out best practice.
Those organizations that already work to the management systems standards, i.e. ISO 9001:2015 quality management
systems, will be familiar with the requirements of a management system standard as follows:
• Context of the organization requires organization to determine the external and internal issues that could affect the
strategic direction.
• Internal issues could include staff performance, competence, culture, infrastructure and overall performance of the
organization.
• Organizations often conduct a PESTLE analysis (political, economic, social, technological, legal, environmental analysis)
and a SWOT analysis (strengths, weaknesses, opportunities, threat) to identify the external issues.
• Interested parties can include staff, customers, stakeholders, regulators, insurers, financial institutions, e.g. banks or
building societies, suppliers, competitors and any other business that has a vested interest in the organization.

BS 10800 requires top management, i.e. the individual or group of people that control the strategic direction of the
organization, to be accountable and demonstrate leadership and commitment by setting SMART objectives (specific,
measurable, achievable, relevant and time bound), such as the organization aims to maintain customer satisfaction at 85% or
above. This can be achieved and measured by sending out customer satisfaction surveys that have a score, e.g. 0 = poor, 1 =
substandard, 2 = below average, 3 = average, 4 = very good, 5 = excellent, which can be measured against a set of questions
against staff performance, knowledge of customer requirements, relationship with office, response from leaders, etc.
Top management are also required to show their commitment to ensure that there are sufficient resources and
infrastructure in place to meet the requirements, to monitor and manage the service delivery to the sector-specific codes of
practice and to ensure the customers and regulatory requirements are met and promoting continual improvement.
Risks and opportunities can be achieved through the SWOT analysis mentioned above, with the addition of consideration of
controls and mitigation to address any issues or shortfalls identified or which have occurred.
BS 10800 details that the organization should be aware of the customers’ security risks and threats to ensure that the
organization and staff understand the requirements and agree an appropriate approach to safeguarding customer’s assets.
The organization should take this into account when deciding on the level of service provision through site surveys, risk
assessments and site or operational instructions such as AIs or standing operational procedures or work instructions, etc.
BS 10800 requires an organization to consider the internal and external communications relevant to the business, including
what, when, how and with whom it communicates. To meet this area the organization could set up a newsletter or set up
a company-specific social media platform to communicate to staff. The website could be used to communicate to other
interested parties, as well as email and via the telephone.
Documented information specified in BS 10800 relates to the organization’s documents, to ensure the documents are
controlled, clear, relevant, fit for purpose and the most up-to-date version is available at the point of use. In addition to this
the standard requires that the changes are controlled and correctly issued to the relevant persons. BS 10800 recommends
that documents which have been replaced or are no longer in use are identified, e.g. marked obsolete, clearly indexed and
archived.
Annex A of BS 10800 is normative and details the terms and conditions of employment, disciplinary and grievance code and
health. A normative reference means that an organization is required to follow the requirements of the annex.
The rest of the clauses within BS 10800 are similar to those that are already in existence within the code of practice or are
self-explanatory and therefore additional guidance has not been deemed necessary.

Wider context
The new standards layout will assist with the integration of the management system standards, where relevant, and enable
both a strategic standard – the umbrella standard BS 10800 – and a sector-specific standard, such as BS 7499, allowing
companies to purchase additional standards without having to pay for duplicated information.

Visit bsigroup.com © The British Standards Institution 2020 3

The British Standards are written by industry for industry and everyone has the opportunity to comment on the standards
before they are released via the BSI Standards Development website as the standards go through a draft for public comment
stage.
For organizations which operate in more than one sector, or which are venturing into additional sectors, the introduction
of a suite of standards under the umbrella standard BS 10800 will mean that if they hold approval to BS 10800 and one
sector-specific standard, e.g. BS 7499:2020, they will need to comply only with the additional sector-specific elements, e.g.
BS 7984-3, etc.

Conclusion
The introduction of BS 10800 – The provision of security services code of practice, although quite radical, has introduced a
strategic standard and sector-specific standards which may be better understood by clients, as the codes of practice are now
based on the high-level structure of the International Standards and many clients will be familiar with the ISO layout. All new
security services standards will follow this new format, if appropriate.
To achieve approval to the codes of practice, organizations will need to meet the requirements of both BS 10800 the
umbrella standard and the relevant sector-specific code of practice, see Annex A, apart from BS 7858:2019 which remains as
a stand-alone code of practice.
The codes of practice, which have not been updated since the release of BS 10800, will remain stand-alone codes of practice
until they are updated to the new format.
The next standards which are currently being drafted to the new format are BS 10600 – Provision of enforcement services
and BS 8406 – Event stewarding and crowd control.

Further reading
Annex A. Umbrella and sector-specific standards hierarchy
BS 16000, Security Management – Strategic and Operational Guidelines
PD ISO/TS 9002:2016, Quality Management Systems – Guidelines for the Application of ISO 9001:2015

4 © The British Standards Institution 2020 Visit bsigroup.com

 Author
Lynn Watts-Plumpkin has worked in the security industry for over 35 years. Since her induction, as a
Security Operator for J Sainsbury, she has embraced many facets of the security world, most notably
Static Site Guarding and Private Investigation. Lynn first became involved with the Security Services
Standards during her employment with SSAIB and, since 2002, she has worked both as an assessor for
various certification bodies and as a Scheme Manager responsible for the SIA Approved Contractors
Scheme (ACS) and the Management Systems Standards. Recently, Lynn was one of the first auditors
to conduct assessments overseas in Iraq for PSC-1 and ISO 18788 – the standard for private security
companies working in areas of conflict.
 Lynn is a Fellow of the Security Institute and the International Institute of Risk and Safety Managers and chairs the
GW/3 committee which is the body responsible for the Security Services Standards, Security Management and Planning
Standards and Supply Chain Security Standards, which cover over 35 British or International Standards. Her current role
is conducting SIA, ACS and management systems audits, both in the UK and overseas, she is also working on an overseas
Government project which is security and standards related.

Peer reviewer
  Michael White, Head of Risk, Compliance and Assurance (UK and Ireland), G4S Secure Solutions (UK) Ltd

 Disclaimer
 This commentary is commissioned text from expert authorities in their industry. It has been commissioned, edited and peer-reviewed before publication
but remains the personal opinion of the individual experts who have provided it. It is not official British Standards guidance. Accordingly, BSI cannot
accept liability for any direct or indirect loss or damage arising from a reliance on the commentary except to the extent that such liability may not be
excluded by law.

Visit bsigroup.com © The British Standards Institution 2020 5

Annex A. GW/3 standards hierarchy

BSI Group
389 Chiswick High Road
London, W4 4AL
United Kingdom Buy your copy of BS 10800
T: +44 345 086 9001
E: cservices@bsigroup.com
now at: shop.bsigroup.com
bsigroup.com