摘要 :
On a weekly basis, the U.S. Postal Service (USPS) processes over one million packages destined to overseas locations. All international shipments being sent from the United States are subject to federal export laws. The USPS has e...
展开
On a weekly basis, the U.S. Postal Service (USPS) processes over one million packages destined to overseas locations. All international shipments being sent from the United States are subject to federal export laws. The USPS has extensive export compliance policies and screening procedures to ensure that customers comply with federal export laws. Compliance policies and screening procedures are expensive and time consuming, and can negatively affect the efficiency of international mail delivery services. The U.S. Postal Inspection Service (USPIS) has defined, developed, and successfully implemented an innovative approach for export screening that has drastically improved its efficiency, effectiveness, and accuracy. Having benefited from using concepts of operational resilience management to improve the security and resilience of USPS products and services, the USPIS team conducted its new export screening project using a structured and repeatable approach based on the CERT Resilience Management Model (CERT-RMM), developed by the Software Engineering Institute at Carnegie Mellon University. This report describes how the CERT-RMM enabled the USPIS to implement an innovative approach for achieving complex international mail export control objectives. The authors also discuss how this USPIS application of CERT-RMM might be equally applicable to other shipping and transportation sectors that are tasked with meeting export control objectives.
收起
摘要 :
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting public and postal personnel, assets, and revenues. Such methodologies als...
展开
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting public and postal personnel, assets, and revenues. Such methodologies also contribute to the security and resilience of the mode of transport used to carry mail and the protection of the global mail supply chain. Since 2011, the U.S. Postal Inspection Service (USPIS) has collaborated with the CERT Division at Carnegie Mellon University's Software Engineering Institute to improve the resilience of selected U.S. Postal Service (USPS) products and services. The CERT Resilience Management Model (CERT-RMM) and its companion diagnostic methods served as the foundational tool for this collaboration. This report includes one result of the USPIS/CERT collaboration. It is an extension of CERT-RMM to include a new mail-specific process area for the transportation of international mail. The purpose is to ensure that all international mail is transported in accordance with the standards established by the Universal Postal Union (UPU), which is the governing body that regulates the transportation of international mail.
收起
摘要 :
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting public and postal personnel, assets, and revenues. Such methodologies als...
展开
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting public and postal personnel, assets, and revenues. Such methodologies also contribute to the security and resilience of the mode of transport used to carry mail and the protection of the global mail supply chain. Since 2011, the U.S. Postal Inspection Service (USPIS) has collaborated with the CERT Division at Carnegie Mellon University's Software Engineering Institute (SEI) to improve the resilience of selected U.S. Postal Service (USPS) products and services. The CERT Resilience Management Model (CERT-RMM) and its companion diagnostic methods served as the foundational tool for this collaboration. This report includes one result of the USPIS/CERT collaboration. It is an extension of CERT-RMM to include a new mail-specific process area for the induction (acceptance) of mail into the U.S. domestic mail stream. The purpose is to ensure that mail is collected and accepted in accordance with USPS standards and requirements for the resilience of mail during the induction process.
收起
摘要 :
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting public and postal personnel, assets, and revenues. Such methodologies als...
展开
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting public and postal personnel, assets, and revenues. Such methodologies also contribute to the security and resilience of the mode of transport used to carry mail and the protection of the global mail supply chain. Since 2011, the U.S. Postal Inspection Service (USPIS) has collaborated with the CERT Division at Carnegie Mellon University's Software Engineering Institute (SEI) to improve the resilience of selected U.S. Postal Service (USPS) products and services. The CERT Resilience Management Model (CERT-RMM) and its companion diagnostic methods served as the foundational tool for this collaboration. This report includes one result of the USPIS/CERT collaboration. It is an extension of CERT-RMM to include a new mail-specific process area for revenue assurance. The purpose is to ensure that the USPS is compensated for all mail that is accepted, transported, and delivered.
收起
摘要 :
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting the public and postal employees, assets, and revenues. Such methodologies...
展开
Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting the public and postal employees, assets, and revenues. Such methodologies also contribute to the security and resilience of the mode of transport used to carry mail and the protection of the global mail supply chain. Since 2011, the U.S. Postal Inspection Service (USPIS) has collaborated with the CERT (registered trademark) Division at Carnegie Mellon University's Software Engineering Institute to improve the resilience of selected U.S. Postal Service (USPS) products and services. The CERT Resilience Management Model (CERT-RMM) and its companion diagnostic methods have served as the foundational tool for this collaboration. CERT-RMM is a capability-focused maturity model for improving an organization's management of operational resilience activities across the domains of security management, business continuity management, and aspects of information technology operations management. These improvements enable high-value services to meet their missions consistently and with high quality, particularly during times of stress and disruption. This report describes the USPIS/CERT collaboration, how CERT-RMM has been applied to meet USPIS project objectives, how project outcomes are improving the resilience of USPS products and services, and how similar use of CERT-RMM applies to other transportation-systems subsectors.
收起
摘要 :
The safety, security, and resilience of international postal, shipping, and transportation critical infrastructure are vital to the global supply chain that enables worldwide commerce and communications. But security on an interna...
展开
The safety, security, and resilience of international postal, shipping, and transportation critical infrastructure are vital to the global supply chain that enables worldwide commerce and communications. But security on an international scale continues to fail in the face of new threats. Owners and operators of critical postal, shipping, and transportation operations need new methods to identify, assess, and mitigate security risks and gaps in the most effective manner possible. The U.S. Postal Inspection Service, in collaboration with the Universal Postal Union (UPU) and the CERT (registered trademark) Division at Carnegie Mellon University's Software Engineering Institute, developed a physical security assessment method to identify gaps in the security of international mail processing centers and similar shipping and transportation processing facilities. This assessment method and its associated field instrument are designed to be repeatable, cost effective, scalable, accurate, meaningful, and transparent. Since the method uses UPU standards as its reference, it may be used by the international community to evaluate the security of postal administrations around the world. The method also can be applied to other types of critical transportation services, such as metropolitan transit systems. This report describes the history, development approach, field experiences, and benefits of this method.
收起
摘要 :
Organizations that are using the CERT. Resilience Management Model and organizations that are considering using it want information about the business value of implementing resilience processes and practices, and how to determine ...
展开
Organizations that are using the CERT. Resilience Management Model and organizations that are considering using it want information about the business value of implementing resilience processes and practices, and how to determine which ones to implement. This report describes the SEI research study that begins to address this need. It includes a discussion of the completed phase 1 study and a proposed phase 2 project. Phase 1 included forming a hypothesis and set of research questions and using a variety of techniques to collect data and evaluate whether resilience practices have a discernible (measurable) effect on operational resilience--that is, an organization's ability to continue to carry out its mission (provide critical services) in the presence of operational stress and disruption. The outcomes of phase 1 provide the foundation for the proposed phase 2. The longer term goal includes developing a quantitative, validated business case for prioritizing and implementing specific resilience practices, including decision criteria for selecting and measuring investments in improved resilience.
收起