Business Continuity Management (BCM)

Objective
The objective of business continuity management is to counteract interruptions to business
activities and to protect critical business processes from the effects of major failures or
disasters. A business continuity management process should be implemented (and is in fact
required by ISO17799) to reduce the disruption caused by disasters and
security failures (which may be the result of, for example, natural disasters, accidents,
equipment failures, and deliberate actions) to an acceptable level through a combination of
preventative and recovery controls. The consequences of disasters, security failures and loss
of service should be analysed. Contingency plans should be developed and implemented to
ensure that business processes can be restored within the required time-scales. Such plans
should be maintained and practised to become an integral part of all other management
processes. Business continuity management should include controls to identify and reduce
risks, limit the consequences of damaging incidents, and ensure the timely resumption of
essential operations.
Model Approach
Fig 1: BCI Model for Business Continuity Management
Business Continuity Management can be a complex process. This has been recognised by
the Business Continuity Institute, which has established a 10-point model (see Fig. 1) for
developing effective business continuity management strategies:
1. Project Initiation and Management
To establish the need for a business continuity plan (BCP), including obtaining
management support and organising and managing the project to completion, within
agreed time and budget limits.
2. Risk Evaluation and Control
To determine the events and environmental surroundings that can adversely affect
the organisation and its facilities with disruption as well as disaster, the damage such
events can cause, and the controls needed to prevent or minimise the effects of
potential loss. Provide cost-benefit analysis to justify investment in controls to mitigate
risk.
3. Business Impact Analysis
To identify the impacts resulting from disruptions and disaster scenarios that can
affect the organisation and techniques that can be used to quantify and qualify such
impacts. Establish critical functions, their recovery priorities, and inter-dependencies
so that recovery time objectives can be set.
4. Developing Business Continuity Strategies
To determine and guide the selection of alternative business recovery operating
strategies for recovery of business functions and IT within the recovery time
objectives, while maintaining the organisation's critical functions.
5. Emergency Response and Operations
Develop and implement procedures for responding to and stabilising the situation
following an incident or event, including establishing and managing an Emergency
Operations Centre, to be used as a command centre during the emergency.
6. Developing and Implementing Business Continuity Plans
To design, develop and implement the BCP that provides recovery within the
recovery time objective.
7. Awareness and Training Programmes
To prepare a programme to create corporate awareness and enhance the skills
required to develop, implement, maintain and execute the BCP.
8. Maintaining and Exercising Business Continuity Plans
To pre-plan and co-ordinate plan exercises, and evaluate and document plan
exercise results. Develop processes to maintain the currency of continuity capabilities
and the plan document in accordance with the organisation's strategic direction.
Verify that the plan will prove effective by comparison with a suitable standard, and
report results in a clear and concise manner.
9. Public Relations and Crisis Co-ordination
To develop, co-ordinate, evaluate and exercise plans to handle the media during
crisis situations. To develop, co-ordinate, evaluate and exercise plans to
communicate with and, as appropriate, provide trauma counselling for employees and
their families, key customers, critical suppliers, owners/stockholders and corporate
management during crisis. Ensure all stakeholders are kept informed on an as-needed basis.
10. Co-ordination with Public Authorities
To establish applicable procedures and policies, for co-ordinating continuity and
restoration activities with local authorities while ensuring compliance with applicable
statutes or regulations.
Checklists
As a guide to progress of the BCM programme, and to ensure that each of the ten points of
the model has been comprehensively addressed, checklists have been produced for each
point, and these may be accessed by clicking on the appropriate heading below:
Project Initiation and Management: Word (37kb), PDF (181kb)
Risk Evaluation and Control: Word (51kb), PDF (219kb)
Business Impact Analysis: Word (43kb), PDF (255kb)
Developing Business Continuity Strategies: Word (38kb), PDF (174kb)
Emergency Response and Operations: Word (41kb), PDF (180kb)
Developing and Implementing Business Continuity Plans: Word (67kb), PDF (294kb)
Awareness and Training Programmes: Word (23kb), PDF (104kb)
Maintaining and Exercising Business Continuity Plans: Word (55kb), PDF (314kb)
Public Relations and Crisis Co-ordination: Word (26kb), PDF (113kb)
Co-ordination with Public Authorities: Word (26kb), PDF (108kb)
Business Continuity Planning Manual
Organisations are invited to use the manual (which represents a compilation of existing best
practice, guidance and standards) to assist them in developing and implementing Business
Continuity Plans ("buyer beware") and to submit any comments they may have to the ISO17799
Project Team.
The document is available in both PDF (349kb) and RTF (Zipped) (145kb) formats.
BCM Evaluation Tool
The Business Continuity Institute (BCI) has developed a Business Continuity Evaluation Tool
which assists in measuring progress with respect to the development and implementation of
Business Continuity Plans. The tool may be downloaded from the "Evaluation Criteria" web
page. Planners will find this a most useful benchmarking aid.
Training
A Business Continuity Management training package is currently being compiled by the Risk
Management Team.
Links
Business Continuity Institute
Globalcontinuity.com provides updates and news relating to business continuity planning and
management.