The biorisk management system:

• establishes the biorisk management principles that enable laboratories and related facilities to achieve their biosafety and biosecurity objectives;
•  defines the essential components of a biorisk management system framework to be integrated into a laboratory or other related organization’s overall governance, strategy and planning, management, reporting processes, policies, values, and culture;
• describes a comprehensive biorisk management process that mitigates biorisks (biosafety and biosecurity risks); and
• provides guidance on the implementation and use of the standard, where appropriate.

The biorisk management system is based on a management system approach, which enables an organization to effectively identify, assess, control, and evaluate the biosafety and biosecurity risks inherent in its activities. As such, this document is intended to define requirements for a biorisk management system that is appropriate to the nature and scale of any organization. The biorisk management system is built on the concept of continual improvement through a cycle of planning, implementing, reviewing, and improving the processes and actions that an organization undertakes to meet its goals. This is known as the Plan-Do-Check-Act (PDCA) principle:

The PDCA model is an iterative process used by organizations to achieve continual improvement of processes and products. It can be applied to a biorisk management system, and to each of its individual elements, as follows:

•  Plan: establish objectives, programmes, and processes necessary to deliver results in accordance with the organization’s biorisk management policy;
• Do: implement the processes as planned;
• Check: monitor and measure activities and processes with regard to the biorisk management policy and objectives, and report the results;
• Act: take actions to continually improve the biorisk management performance to achieve the intended outcomes.