ISO/TMBG

Project No.IWA 37-2:2022
Title<p>This document specifies minimum requirements for the security of sites and facilities that handle cannabis and cannabis products for the purposes of cultivation (indoor and outdoor), processing, storage/distribution, transportation, retail sales, and research and testing, in order to prevent harm and/or unauthorized access to assets including (but not limited to):</p> <p>—    physical assets;</p> <p>—    personnel;</p> <p>—    cannabis and cannabis products;</p> <p>—    records and information.</p> <p>NOTE      Premises covered in this document include indoor and outdoor cultivation, processing/production facilities and retail stores.</p> <p>The overall security programme and individual security measures addressed in this document incorporate three types:</p> <ol> <li>a) physical controls;</li> <li>b) technical controls;</li> <li>c) administrative controls.</li> </ol> <p>This document specifies minimum requirements for general security of cannabis and cannabis products, up to and including:</p> <p>—    physical security design/measures intended to deny, deter, delay, respond to, and recover from unauthorized access;</p> <p>—    design, installation and maintenance of electronic security systems intended to restrict access, detect intrusion and visually monitor/record activity in security-sensitive areas;</p> <p>—    procedural security measures intended to instruct day-to-day security activities, both routine and emergency, across an organization;</p> <p>—    personnel security measures intended to ensure all personnel attending the facility are properly screened, instructed and trained in security awareness;</p> <p>—    the monitoring of the security status of cannabis and cannabis products throughout the product lifecycle, from cultivation to retail sale, including transportation.</p> <p>This document provides guidelines for:</p> <p>—    the installation, maintenance and inspection of physical and electronic premises security and cybersecurity systems;</p> <p>—    the implementation of information security governance at organizational level to include policies, procedures, and standards to protect the confidentiality, integrity and availability of records and information.</p> <p>All requirements in this document are generic and intended to be applicable to all organizations in the cannabis supply chain, regardless of size and/or complexity.</p>
Registration number (WIID)84024
Scope<p>This document specifies minimum requirements for the security of sites and facilities that handle cannabis and cannabis products for the purposes of cultivation (indoor and outdoor), processing, storage/distribution, transportation, retail sales, and research and testing, in order to prevent harm and/or unauthorized access to assets including (but not limited to):</p> <p>—    physical assets;</p> <p>—    personnel;</p> <p>—    cannabis and cannabis products;</p> <p>—    records and information.</p> <p>NOTE      Premises covered in this document include indoor and outdoor cultivation, processing/production facilities and retail stores.</p> <p>The overall security programme and individual security measures addressed in this document incorporate three types:</p> <ol> <li>a) physical controls;</li> <li>b) technical controls;</li> <li>c) administrative controls.</li> </ol> <p>This document specifies minimum requirements for general security of cannabis and cannabis products, up to and including:</p> <p>—    physical security design/measures intended to deny, deter, delay, respond to, and recover from unauthorized access;</p> <p>—    design, installation and maintenance of electronic security systems intended to restrict access, detect intrusion and visually monitor/record activity in security-sensitive areas;</p> <p>—    procedural security measures intended to instruct day-to-day security activities, both routine and emergency, across an organization;</p> <p>—    personnel security measures intended to ensure all personnel attending the facility are properly screened, instructed and trained in security awareness;</p> <p>—    the monitoring of the security status of cannabis and cannabis products throughout the product lifecycle, from cultivation to retail sale, including transportation.</p> <p>This document provides guidelines for:</p> <p>—    the installation, maintenance and inspection of physical and electronic premises security and cybersecurity systems;</p> <p>—    the implementation of information security governance at organizational level to include policies, procedures, and standards to protect the confidentiality, integrity and availability of records and information.</p> <p>All requirements in this document are generic and intended to be applicable to all organizations in the cannabis supply chain, regardless of size and/or complexity.</p>
StatusStandarts spēkā
ICS group13.310
65.020.20