ISO 22379:2022

INTERNATIONAL ISO
STANDARD 22379
First edition
2022-09
Security and resilience — Guidelines
for hosting and organizing citywide or
regional events
Reference number
ISO 22379:2022(E)
© ISO 2022

---------------------- Page: 1 ----------------------
ISO 22379:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO 2022 – All rights reserved

---------------------- Page: 2 ----------------------
ISO 22379:2022(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Responsible entities and key areas . 3
4.1 General . 3
4.2 Administration and management. 4
4.3 Facilities and locations . 4
4.4 Critical infrastructure and communication . 5
4.5 Safety and security . 5
4.6 Information security and privacy management . 6
4.7 Business and service continuity . 6
4.8 Transportation and supply . 7
4.9 Information and support . 8
4.10 Marketing and promotion. 8
4.11 Environment and heritage sites . 9
4.12 Event legacy development . 9
4.13 Re-establishment and normalization . 10
4.14 Cost and funding . 10
5 Hosting and organizing process .10
5.1 General . 10
5.2 Identification .12
5.2.1 General .12
5.2.2 Host and organizer entities .12
5.2.3 Event content and extent .12
5.2.4 Requirements and specifications . 13
5.2.5 Experiences and lessons identified . 13
5.2.6 Applications and permissions . 13
5.2.7 Responsibilities and necessities . 14
5.2.8 Interested parties and partners . 15
5.2.9 Decision criteria . 15
5.3 Pre-study . 17
5.3.1 General . 17
5.3.2 Event description . 17
5.3.3 Event agreement . 17
5.3.4 Preliminary management plans . 18
5.3.5 Assessment of requirements . 19
5.3.6 Capability assessment . 19
5.3.7 Preliminary risk assessments . 20
5.3.8 Assessment of information activities . 22
5.3.9 Assessment of dissolutions activities . 22
5.3.10 Assessment of added value. 23
5.3.11 Assessment of financial impact . 23
5.3.12 Endorsement of interested parties . 24
5.4 Decision . 24
5.4.1 General . 24
5.4.2 Decision-making authority . 25
5.4.3 Decision-making documentation . 25
5.4.4 Documentation of decision . 25
5.4.5 Funding and insurances. 25
5.4.6 Allocated responsibilities . 26
iii
© ISO 2022 – All rights reserved

---------------------- Page: 3 ----------------------
ISO 22379:2022(E)
5.4.7 Applications and permissions . 26
5.4.8 Information and requests. 26
5.5 Planning . 26
5.5.1 General . 26
5.5.2 Management plans .26
5.5.3 Detailed assessments .28
5.5.4 Detailed plans .28
5.5.5 Interdisciplinary cooperation .29
5.5.6 Training . 29
6 Execution .30
7 Post-event evaluation .30
7.1 General .30
7.2 Information gathering .30
7.3 Assessments . .30
7.4 Lessons identified . 30
7.5 Documentation . 31
7.6 Research . 31
8 Event legacy development .31
8.1 General . 31
8.2 Tangible event legacy . 31
8.3 Intangible event legacy . 32
Bibliography .34
iv
  © ISO 2022 – All rights reserved

---------------------- Page: 4 ----------------------
ISO 22379:2022(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 292, Security and resilience.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
v
© ISO 2022 – All rights reserved

---------------------- Page: 5 ----------------------
ISO 22379:2022(E)
Introduction
Cities, regions and countries support the hosting of high-profile public events as a means of attracting
national and international attention to opportunities for business, citywide or regional development,
population growth and tourism.
Large events, such as national or international sporting championships, cultural or societal
arrangements, conferences and exhibitions, or entertainment concerts, deliver significant direct and
indirect economic benefits to the host city, region or country, when effectively arranged.
Commensurate with the opportunities for development and growth, the demands of hosting extensive
events are accompanied by a range of financial, commercial and operational risks to the city, region or
country, which need to be responsibly managed.
The nature of extensive and complex events is such that the overall level of risk of the city or region will
be influenced prior to the event, during the event and post event. The level of risk to the city or region
from existing hazards and threats can be affected by the event, conversely, the city or regions current
level of risk can influence, either positively or negatively, the level of risk of the event activities.
Both the level of risk of the event and the level of risk of the host city, region or country, and their
interdependency, will need assessments to determine that the most effective risk management
strategies are implemented to execute a successful event.
This document has been developed as guidance for cities, regions and countries to manage large events
and minimize the impact on public finance, support infrastructure and community services in hosting
extensive events.
This document provides guidance to event hosts and organizers to identify, assess and evaluate
identified hazards and threats that can impact upon an event, and taken into consideration prior to
decisions being taken to host or organize an event, and how risks can be treated.
This document contains best practice initiatives for the delivery of safe, secure and sustainable events,
and provide a systematic process and framework for collaboration between an event host and an event
organizer in the preparation and realization of high-profile public events.
This document provides guidelines for any organization, public or private, responsible for hosting or
organizing a citywide or regional event and can be used by any organization engaged in the preparation
and realization of high-profile public events.
vi
  © ISO 2022 – All rights reserved

---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO 22379:2022(E)
Security and resilience — Guidelines for hosting and
organizing citywide or regional events
1 Scope
This document gives guidance on hosting and organizing citywide or regional events.
It provides principles applicable to any host and organizer of citywide or regional events.
This document will help hosts and organizers to plan and execute a safe, secure and sustainable event
by:
— introducing a process for cooperation between the host and organizer;
— identifying and involving relevant interested parties;
— identifying the economic, environmental and societal impact caused by the event;
— establishing necessary measures to manage risks introduced by or affecting the event;
— establishing necessary measures to deliver the event;
— providing critical services to the public and to the event;
— providing interested parties and the public with information;
— providing future hosts and organizers of similar events with lessons identified;
— introducing an event legacy plan consistent with the long-term objectives for the city or region.
This document is general and strategic and does not include detailed descriptions or how to plan and
execute specific tasks.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 22300, Security and resilience — Vocabulary
ISO 31000, Risk management
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 22300, ISO 31000 and the
following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
1
© ISO 2022 – All rights reserved

---------------------- Page: 7 ----------------------
ISO 22379:2022(E)
3.1
host
public entity or organization responsible to ensure that the event (3.5) is executed in surroundings
sufficiently prepared for the event as planned and in compliance with current legislations, guidelines
and agreements
3.2
hosting
official activities related to the event (3.5) performed by the host (3.1)
3.3
organizer
private or public entity or organization responsible to ensure that the event (3.5) is executed as planned
and in compliance with current legislations, guidelines and agreements
3.4
organizing
activities related to the event (3.5) performed by the organizer (3.3)
3.5
event
planned gathering with respect to time and a place where an experience is created and/or a message is
communicated
[SOURCE: ISO 20121:2012, 3.8]
3.6
citywide event
event (3.5) in one or several locations within a single jurisdiction which impacts (3.8) city infrastructure
and citizens
3.7
regional event
event (3.5) in one or several locations throughout multiple jurisdictions which impacts (3.8)
infrastructures and citizens
3.8
impact
positive or negative change to society, economy or the environment, wholly or partially resulting from
past and present decisions and activities
Note 1 to entry: For the purpose of this document, the term “impact” refers to negative change and positive
change is referred to as added value.
[SOURCE: ISO 20121:2012, 3.44, modified — Note 1 to entry has been added.]
3.9
event rights holder
legal entity either holding or authorized to use one or more intellectual property rights
[SOURCE: ISO 22300:2021, 3.214, modified — “event” has been added to the term.]
3.10
contingency
preparation for and handling of unwanted situations
Note 1 to entry: Unwanted situations in this context are situations where remedial actions are considered
implemented or implemented
Note 2 to entry: Remedial actions relate to extraordinary response and do not include activities and actions
which are part of a daily operational follow-up, e.g. daily non-conformance handling.
2
  © ISO 2022 – All rights reserved

---------------------- Page: 8 ----------------------
ISO 22379:2022(E)
4 Responsible entities and key areas
4.1 General
There are two responsible entities in the preparation and realization of an event:
— the host;
— the organizer.
The host and the organizer should be mutually responsible to ensure the planning and execution of the
event is in alignment with:
— human rights as determined by the United Nations;
— the United Nations Sustainable Development Goals;
— applicable working regulations;
— applicable anti-corruption regulations.
Both the host and the organizer should plan, document and communicate to the public how they ensure
alignment with these fundamental regulations in all parts of the preparation to and realization of the
event.
Only one public entity should be the responsible host.
When an event is hosted by several cities or regions, each city or region should appoint a responsible
host.
The host should be responsible for all other public or private entities involved in the hosting of the
event, and responsible towards any superior authorities who have interests involved in the event.
Only one entity should be the responsible organizer.
If the host city or region acts as both the host and the organizer, these roles should be separated and
handled by two different entities in alignment with this document.
When an event is organized in several cities or regions, each city or region should have an official
responsible organizer.
The organizer should be responsible for all its subcontractors and other entities involved in the
organizing of the event, and responsible towards any superior private or public entity who has interests
involved in the event.
EXAMPLE Superior or public entities who have interests in the event can be event rights holders or national
and/or international committees/federations/associations, etc.
The host and the organizer should be the responsible entities for all official mutual agreements
regarding the event.
Any agreements with an event rights holder which identifies rights or responsibilities should be
included in the official agreement between the host and the organizer.
Both the host and the organizer should consider the following key areas in accordance with this
document, to ensure the preparation and realization of a safe, secure and sustainable event:
— administration and management (see 4.2);
— facilities and locations (see 4.3);
— critical infrastructure and communication (see 4.4);
3
© ISO 2022 – All rights reserved

---------------------- Page: 9 ----------------------
ISO 22379:2022(E)
— safety and security (see 4.5);
— information security and privacy management (see 4.6);
— business and service continuity (see 4.7);
— transportation and supply (see 4.8);
— information and support (see 4.9);
— marketing and promotion (see 4.10);
— environment and heritage sites (see 4.11);
— event legacy development (see 4.12);
— re-establishment and normalization (see 4.13);
— cost and funding (see 4.14).
The host and the organizer should within their responsibilities assess and manage all risks related to
the key areas.
Both the host and the organizer should consider the key areas separately, to manage the influence on
their own responsibilities, and together, to identify, coordinate and manage how they influence and
depend on their mutual responsibilities.
4.2 Administration and management
The host and organizer should consider the key area “administration and management” in the
preparation and realization phase of the event, see Table 1 for requirements.
Table 1 — Requirements for administration and management
Host Organizer
For the host, administration and management, prior to, For the organizer, administration and management,
during and after the event, include: prior to, during and after the event, include:
a) establishing a robust and competent organization a) establishing a robust and competent organization
suitable to manage the host’s responsibilities; suitable to manage the organizer’s responsibilities;
b) ensuring necessary host interested parties b) ensuring necessary organizer interested parties
involvement; involvement;
c) activities to facilitate for the event; c) activities to facilitate for the event;
d) activities to perform in compliance with the host’s d) activities to perform in compliance with the
responsibilities; organizer’s responsibilities;
e) host hospitality activities. e) organizer hospitality activities.
4.3 Facilities and locations
The host and organizer should consider the key area “facilities and locations” in the preparation and
realization phase of the event, see Table 2 for requirements.
4
  © ISO 2022 – All rights reserved

---------------------- Page: 10 ----------------------
ISO 22379:2022(E)
Table 2 — Requirements for facilities and locations
Host Organizer
For the host, facilities and locations, to be used prior to For the organizer, facilities and locations, to be used
and during the event, include: prior to and during the event, include:
a) existing or new facilities and locations; a) existing or new venues and installations;
b) accommodation for human host resources; b) existing or new public arenas;
c) administrative facilities for the host organization. c) accommodation for participants, delegations,
visitors, media officials and human event
resources;
d) administrative facilities for the organizer
organization.
4.4 Critical infrastructure and communication
The host and organizer should consider the key area “critical infrastructure and communication” in the
preparation and realization phase of the event, see Table 3 for requirements.
Table 3 — Requirements for critical infrastructure and communication
Host Organizer
For the host, critical infrastructure and communica- For the or
...