A Security Management Plan (SMP) is a widely used (often mandated) security document, that is an integral part to winning and maintaining government contracts. There are few new contracts or contract renewals being let today, that do not have this as a prerequisite.
These SMP’s can vary from very short, easily achieved documents, to quite complex pieces of work. Some of the factors that will shape the size of the document and the effort you need to put into producing one, will be dependent upon a number of different factors. These might be, the classiﬁcation of the task, the urgency of the task, the location of the task, the complexity of the task, having appropriately cleared staff, and its relative value in monetary terms.
For contract award you may also need Cyber Certiﬁcation such as Cyber Essentials, IASME Governance or ISO27001, plus appropriate staff recruitment processes in place, using schemes such as Baseline Personnel Security Standard (BPSS), appropriately cleared staff, and accredited systems and premises in place.
SMP Risk Managed partners have helped many companies overcome these contractual security hurdles and win successive contracts.