• Business Continuity Management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Disaster recovery - Further reading
ISO/IEC 22301:2012 (replacement of BS25999:2007) Societal Security - Business Continuity Management Systems Requirements

Disaster recovery - Further reading
BS 25999-1:2006 Business Continuity Management Part 1: Code of practice

Disaster recovery - Further reading
BS 25999-2:2007 Business Continuity Management Part 2: Specification

Chief governance officer
The heads of several governance-related functions may report to the CGO, including community relations / public affairs, corporate strategy, business continuity management, business performance management, compliance management / internal controls, corporate communication, corporate philanthropy, enterprise risk management, ethics management, internal audit, investor relations, legal services, stakeholder management and sustainability management.

Deloitte - Services
Audit and Enterprise Risk Services: Provides the organization's traditional accounting and audit services, as well as offerings in enterprise risk management, information security and privacy, data quality and integrity, project risk, business continuity management, internal auditing and IT control assurance.

ISO/IEC 27002 - Outline for ISO27002:2013
Information security aspects of business continuity management - Information security continuity and Redundancies

ISO/IEC 27002 - Outline for ISO27002:2005
14. Business continuity management – protecting, maintaining and recovering business-critical processes and systems

ISO/IEC 27001:2013 - Structure of the standard
This structure mirrors the structure of other new management standards such as ISO 22301 (business continuity management); this helps organisations that aim to comply with multiple standards to improve their IT from different perspectives. Annexes B and C of 27001:2005 have been removed.

ISO/IEC 27001:2013 - Controls
A.17: Information security aspects of business continuity management

ISO/IEC 27001:2005
Business continuity management – protecting, maintaining and recovering business-critical processes and systems

IT risk - ISO
Topic: Standard containing generally accepted guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization, including business continuity management

IT risk - BSI
The standard is intended as a code of practice for business continuity management, and will be extended by a second part that should permit accreditation for adherence with the standard.

Business continuity planning
In 2007, the BSI published BS 25999-2 "Specification for Business Continuity Management", which specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS).

Business continuity planning
BS 25999-2:2007 business continuity management is the British Standard for business continuity management across all organizations.

Business continuity planning - Notes
British Standards Institution (2006). Business continuity management – Part 1: Code of practice: London

Business continuity planning - Notes
British Standards Institution (2012). Societal security – Business continuity management Systems – Requirements: London

Business continuity planning - International Organization for Standardization
ISO 22301:2012 Societal security - Business continuity management systems - Requirements

Business continuity planning - International Organization for Standardization
ISO 22313:2012 Societal security - Business continuity management systems - Guidance

Business continuity planning - Others
Exercising for Excellence (Delivering successful business continuity management exercises) by Crisis Solutions

Business continuity - Standards
ISO - On 15 May 2012, ISO published the International Standard ISO 22301:2012, "Societal security - Business continuity management systems - Requirements". A second International Standard ISO 22313, "Societal security - Business continuity management systems - Guidance", is in the Draft International Standard (DIS) phase and is expected to be published in late 2012 or early 2013.

Business continuity - Standards
In 2011, ISO published the International Standard ISO/IEC 27031:2011, "Information security - Security techniques - Guidelines for information and communication technology [ICT] readiness for business continuity." This provides guidance for organizations implementing the ICT component of business continuity management. It also provides guidance in support of the business continuity elements of the information security standards, ISO/IEC 27001 and ISO/IEC 27002.

Business continuity - Standards
The second, "BS 25999-2:2007 Specification for Business Continuity Management", specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS), describing only requirements that can be objectively and independently audited.

Business continuity - Standards
Australia – Published by Standards Australia:
HB 292-2006: A practitioners guide to business continuity management
HB 293-2006: Executive guide to business continuity management
In 2010, Standards Australia introduced their Standard AS/NZS 5050 that connects far more closely with traditional risk management practices. This interpretation is designed to be used in conjunction with AS/NZS 31000 covering risk management.

Business continuity - Procedures
British Standard 25999-2 and other standards identified above provide a specification for implementing a business continuity management system within an organization.

Business continuity - Planning
Planning, prevention, and preparation are a key part of any business continuity management system and have direct read-across from civil contingencies planning. The activity begins with understanding the business to identify potential risks and threats to critical business activities, both internally and from the external environment. It is also advisable to examine the resilience of suppliers.

Institute of Internal Auditors - Practice guides
GTAG 10: Business Continuity Management (BCM)

Cyber security standards - ISO 27001
The ISO/IEC 27002 standard is arranged into eleven control areas: security policy, organizing information security, asset management, human resources security, physical and environmental security, communication and operations, access controls, information systems acquisition/development/maintenance, incident handling, business continuity management, and compliance.

Chartered Quality Institute - IRCA
IRCA offers certification programmes that recognise the competence of auditors who audit quality, software development, aerospace, maritime safety, pharmaceutical, food safety, environmental, information security, information technology service, occupational health and safety, social systems and business continuity management systems.

Business process outsourcing - Threats
Risks and threats of outsourcing must therefore be managed to achieve any benefits. In order to manage outsourcing in a structured way, maximizing positive outcomes, minimizing risks and avoiding any threats, a business continuity management (BCM) model is set up.

Business process outsourcing - Threats
A framework for business continuity management, International Journal of Information Management 26-2 (2006): 128-141

Framework Programmes for Research and Technological Development - TIMBUS Project
TIMBUS aligns digital preservation with well-established methods for enterprise risk management (ERM) and business continuity management (BCM).

Threat (computer) - Threat management
Very large organizations tend to adopt business continuity management plans in order to protect, maintain and recover business-critical processes and systems. Some of these plans foresee setting up a 'computer security incident response team' (CSIRT) or 'computer emergency response team' (CERT).

Business impact analysis
In 2007, the BSI published BS 25999-2 Specification for Business Continuity Management, which specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS).

Business impact analysis
This document was superseded in November 2012 by the British standard BS ISO22301:2012 (British Standards Institution, 2012).
British Standards Institution (2012). Societal security – Business continuity management Systems – Requirements: London

Crisis management - Business continuity planning
Business Management: Top tips for effective, real-world Business Continuity Management)

Enterprise relationship management - Velox framework
Velox ERM is a product of Technology Partnerz [http://www.technologypartnerz.com/eng/erm.asp ERM - Enterprise Relationship Management, Technology Partnerz Ltd]. It integrates ONA (organizational network analysis) [http://www.orgnet.com/orgnetmap.pdf Organizational Network Mapping], process redesign, IS/IT strategy, change management, supplier relationship management, customer relationship management, and risk and business continuity management into a comprehensive and simple framework that supports people and organizations in repeatably/consistently:

Chief information security officer
* Disaster recovery and business continuity management

Civil Contingencies Act 2004 - Part 1: Local Arrangements for Civil Protection
Part 1 of the Act places a legal obligation upon emergency services and local authorities (defined as Category 1 responders under the Act) to assess the risk of, plan, and exercise for emergencies, as well as to undertake Business Continuity Management.

Emergency management - As a profession
Professional emergency managers can focus on government and community preparedness (Continuity of Operations/Continuity of Government Planning), or private business preparedness (Business Continuity Management Planning).

ISO/IEC 17799 - Outline for ISO27002:2013
Information security aspects of business continuity management - Information security continuity and Redundancies

ISO/IEC 17799 - Outline for ISO27002:2005
14. Business continuity management – protecting, maintaining and recovering business-critical processes and systems

Information security policies - Risk management
* business continuity management, and

IT baseline protection - IT Baseline Protection Catalog and standards
It contains elements from BS 25999, ITIL Service Continuity Management combined with the relevant IT Baseline Protection Catalog components, and essential aspects for appropriate Business Continuity Management (BCM)

Dynamic infrastructure - Benefits of having dynamic infrastructures
– Source: Gartner – Predicts 2009: Business Continuity Management Juggles Standardization, Cost and Outsourcing Risk). / Roberta J Witty, John P Morency, Dave Russell, Donna Scott, Robert Desisto / 28 January 2009

BSI Group - Standards
BSI produces standards on a wide range of products, services and processes; from nuts and bolts to sustainability, risk, business continuity management and nanotechnology.

List of International Organization for Standardization standards - ISO 20000 – ISO 29999
* ISO 22301:2012 Societal security – Business continuity management systems – Requirements

Certified Internal Auditor - Practice guides
* GTAG 10: Business Continuity Management (BCM)

IT service continuity - Background
At the same time the need for business continuity management (BCM), including incident preparedness, disaster recovery planning, and emergency response and management, has become steadily more prevalent in developed and developing economies.

IT service continuity - Background
IT Service Continuity is essential for many organizations in the implementation of Business Continuity Management and Information Security Management, and as part of the implementation and operation of information security management as well as business continuity management as specified in ISO/IEC 27001:2013 and ISO 22301:2012 respectively. It is critical to develop and implement continuity for the ICT

Disaster recovery plan - Off-the-shelf DRP software
SunGard provides a product called Continuity Management Solution that automates the disaster recovery planning process. [http://www.sungardas.com/Solutions/DisasterRecovery/PlanningAndSoftware/Pages/PlanningAndSoftware.aspx Planning Software: The tools you need to minimize risk and ensure continuity, Business Continuity Management Software.] SunGard Availability Services

BCM
* Business Continuity Management, an interdisciplinary peer mentoring methodology used to create a plan for recovery of a business after disaster or disruption

Publicly Available Specification - PAS
* PAS 56: Business Continuity Management System (2003)

BS 25999
BS 25999 was BSI's standard in the field of Business Continuity Management (BCM). It was withdrawn in 2012 (part 2) and 2013 (part 1) following the publication of the international standards ISO 22301, "Societal Security - Business continuity management systems - Requirements", and ISO 22313, "Societal Security - Business continuity management systems -

BS 25999 - Structure
BS 25999 was a Business Continuity Management (BCM) standard published by the British Standards Institution (BSI).

BS 25999 - Structure
* Part 1, BS 25999-1:2006 Business Continuity Management. Code of Practice, took the form of general guidance on the processes, principles and terminology recommended for BCM.

BS 25999 - Structure
* Part 2, BS 25999-2:2007 Specification for Business Continuity Management, specified a set of requirements for implementing, operating and improving a BCM System (BCMS).

BS 25999 - Other related standards
ASIS/BSI BCM.01:2010 Business Continuity Management Systems: Requirements with Guidance for Use. Published in December 2010 and developed jointly between ASIS and BSI for North America.

Deloitte & Touche - Services
* Audit and Enterprise Risk Services: Provides the organization's traditional accounting and audit services, as well as offerings in enterprise risk management, information security and privacy, data quality and integrity, project risk, business continuity management, internal auditing and IT control assurance. [https://www2.deloitte.com/global/en/services/audit.html Assurance Advisory services]

ISO 27001:2005
Business continuity management – protecting, maintaining and recovering business-critical processes and systems

ISO 27001:2005 - How the standard works
* Business continuity management

Certified Business Continuity Professional
Certified Business Continuity Professional (CBCP) [Disaster Recovery Institute International. Certification CBCP. https://www.drii.org/certification/cbcp.php (accessed June 3, 2011).] is an internationally recognized professional certification issued by the Disaster Recovery Institute for business continuity management. A certified expert must pass a detailed exam consisting of ten domains and prove his or her experience in at least five domains for a minimum of two years.

Chief governance officer
The heads of several governance-related functions may report to the CGO, including community relations / public affairs, corporate strategy, business continuity management, business performance management, compliance management [http://www.lumigent.com/executive_commentaries/189-c-suite-shoot-outchief-compliance-officer-v-chief-governanceofficer.html Capobianco, JH.(2010)

Peter Power (crisis management specialist) - Achievements
He is quoted in the UK government guide, A Guide to GIS Applications in Integrated Emergency Management [http://www.cabinetoffice.gov.uk/media/132769/gis_guide_acro6.pdf A Guide to GIS Applications in Integrated Emergency Management] and he is the author of many other advice guidebooks including the original UK government (Department of Trade and Industry) booklet Business Continuity Management - Preventing Chaos in a Crisis. [http://webarchive.nationalarchives.gov.uk/tna/+/http://www.dti.gov.uk/mbp/bpgt/m9ba91001/m9ba91001.pdf Business Continuity Management - Preventing Chaos in a Crisis] On 23 November 1984 Power was trapped with others on the London Underground during a serious Oxford Circus fire that started at that station and spread along the Victoria line

Maximum Tolerable Period of Disruption - Definition
The MTPOD is also known as maximum acceptable outage [http://www.riskythinking.com/glossary/maximum_acceptable_outage.php Definition of Maximum Acceptable Outage in riskythinking.com] and maximum allowable outage [http://www.driecentral.org/biainstructions.pdf Paper on BUSINESS CONTINUITY MANAGEMENT WORKSHOP at Disaster Recovery Information Exchange (DRIE) Central]; in both cases the corresponding acronym is 'MAO'.

Singapore Expo - Facilities
Singex Venues, the management company of Singapore EXPO, is the only MICE company in the world to have dual certification in Business Continuity Management (awarded by the British and Singapore standards).

The Art of Service
https://store.theartofservice.com