ISO 18788-2015 PDF

Full title and description

ISO 18788:2015 — Management system for private security operations — Requirements with guidance for use. Provides a management-system framework for organisations that conduct or contract private security operations, enabling them to plan, operate, monitor and improve security operations in a way that is consistent with applicable law and respect for human rights.

Abstract

ISO 18788:2015 specifies requirements and guidance for a Security Operations Management System (SOMS). The standard sets out principles and auditable requirements for governance, risk management, operational controls (including use-of-force and weapons management), incident reporting and investigation, competence and training, subcontractor management, and continual improvement. It is written to be applied by organisations of any size that provide or contract private security services and can be integrated with other management systems (e.g., quality, safety, resilience, environment, information security).

General information

• Status: Published (confirmed).
• Publication date: September 2015 (2015-09).
• Publisher: International Organization for Standardization (ISO).
• ICS / categories: 03.080.20; 03.100.70; 13.310.
• Edition / version: Edition 1 (2015).
• Number of pages: 98 pages.

Scope

Specifies requirements and guidance for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an SOMS for organisations conducting or contracting private security operations. Applicable to a wide range of security activities (static guarding, mobile patrols, close protection, detention operations, law-enforcement support, weapons and hazardous material management, and related support functions). Emphasises conformity with applicable laws and recognized human-rights principles, and supports alignment with instruments such as the Montreux Document and international codes of conduct. Designed for integration with other management-system standards.

Key topics and requirements

• Structure of an SOMS: context, leadership, planning, support, operation, performance evaluation and improvement.
• Risk assessment and risk treatment specifically tailored to security operations and human-rights risks.
• Legal and regulatory compliance plus respect for human rights and accountability mechanisms.
• Operational controls: norms of behaviour, use-of-force continuum, weapons authorisation and control, detention and search procedures.
• Incident reporting, investigation, corrective action and lessons learned.
• Competence, training, fitness for duty and contractor/subcontractor management.
• Monitoring, measurement, internal audit and management review for continual improvement.
• Integration capability with other management systems (e.g., ISO 9001, ISO 22301, ISO 14001, ISO/IEC 27001).

Typical use and users

Used by private security companies, security services divisions within organisations, contractors and subcontractors providing security services, risk managers, procurement teams (client organisations), third‑party certification bodies, auditors and consultants who design, implement or evaluate security operations management systems. Also used by governments and contracting authorities as a specification for responsible procurement of security services.

Related standards

ISO 18788 is commonly used alongside ISO 9001 (quality), ISO 22301 (business continuity/resilience), ISO 45001 (occupational health & safety), ISO 14001 (environmental), and ISO/IEC 27001 (information security). The published amendment ISO 18788:2015/Amd 1:2024 (Climate action changes) modifies the base 2015 text to address climate-related aspects; the standard also references international instruments such as the Montreux Document and the International Code of Conduct for private security providers.

Keywords

private security, security operations management system (SOMS), risk management, use of force, human rights, governance, incident management, competency, subcontractor management, ISO 18788, security standards.

FAQ

Q: What is this standard?

A: An international management‑system standard specifying requirements and guidance for organisations that conduct or contract private security operations, aimed at ensuring lawful, accountable and human‑rights‑respecting security services.

Q: What does it cover?

A: Governance and leadership for security operations, risk assessment and treatment, operational controls (including use‑of‑force and weapons management), incident reporting and investigation, competence and training, subcontractor management, monitoring, audit and continual improvement.

Q: Who typically uses it?

A: Private security companies, in‑house security units, contracting authorities, risk and compliance managers, auditors, certification bodies and consultants involved in security operations.

Q: Is it current or superseded?

A: The original ISO 18788:2015 edition (published September 2015) remains the current base standard; it was confirmed in ISO review processes and has an issued amendment (ISO 18788:2015/Amd 1:2024) published in February 2024 addressing climate‑related changes. Organisations should apply the 2015 edition together with any applicable amendment(s) when implementing or certifying against the standard.

Q: Is it part of a series?

A: It is a standalone international standard for security‑operations management but is intended to be compatible with, and easily integrated into, other ISO management‑system standards (e.g., ISO 9001, ISO 22301, ISO 45001, ISO/IEC 27001).

Q: What are the key keywords?

A: private security, security operations, SOMS, risk management, use of force, human rights, governance, incident management.