Extract from ‘The Route Map to Business Continuity Management: Meeting the british standard, BS and builds on the success and fundamentals of. It has been more than three years since BS part two was published and with a new International Standard (ISO) on the horizon; BSI’s scheme manager. BS • Code of practice for business continuity management. ▫ Establishes the BCM processes, principles and terminology. ▫ Provides a basis for.
|Genre:||Health and Food|
|Published (Last):||8 February 2017|
|PDF File Size:||2.17 Mb|
|ePub File Size:||14.35 Mb|
|Price:||Free* [*Free Regsitration Required]|
The following are some of the key procedures and documents required by BS No prior knowledge in information security and ISO standards is needed. The scope of the BCM The BCM policy Specific responsibilities for the BCM Procedures for managing documents and records, procedures for corrective and preventive actions Methodology for business impact analysis, and results of the analysis Risk assessment methodology Business continuity strategy Business continuity plan, which includes the incident response plan s and recovery plan s Records The amount of documentation depends on the number of critical activities in an organization — an organization with a small number of critical activities will also have a small amount of documentation related to business impact analysis, risk assessment and business continuity plans, while the documentation of larger organizations will be much more extensive.
Looking backwards, BS was the vanguard; a brave step outside the closeted, cosy world of BCM and into the realm of management system standards. Navigation menu Personal tools Log in Bs-25999 account. Just like ISOISOISO and other standards that define management systems, BS also defines a business continuity management system bz-25999 contains the same four management phases: Certification independent verification to this standard is available from certification bodies accredited by the United Kingdom Accreditation Service UKAS and is a multi stage process usually involving a number of assessment visits.
BS was a British standard issued inand quickly became the main standard for business continuity management — it was superseded by ISO in Maintenance of plans and system; improvement The standard stipulates the following: Understanding ISO can be difficult, so we have put together this straightforward, yet detailed explanation of ISO Ideally, BCM programmes will be audited, challenged and reviewed by organisational management. It has one aim in mind: If you would like to comment or if you require any more information please do get in touch with us directly here!
By continuing to access the site you are agreeing to their use.
ISO to be published Mid May – BS to be withdrawn
Both parts of the manzgement are likely to be revised and it may ultimately be incorporated into other national or international standards. What is BS ?
Sustainability of international supply is such a key risk for those who have extended supply chains; the ISO will help bridge the understanding of BCM and promote global acceptance of terms and indeed of expectations.
Pierre and Miquelon St.
BS 25999 and its Contribution to Business Continuity Management
Other useful standards are ISOwhich places business continuity in a broader context of information security, and ISOwhich gives a detailed description of the risk assessment process. A useful means of understanding the difference between the two is Part 1 is a guidance document and uses the term cintinuity, Part 2 is an independently verifiable specification that uses the word ‘shall’.
ISO Business Continuity Standard 22301 to replace BS 25999-2
My hope is that there will be widespread adoption of the ISO beyond that already achieved by BS and that this will help bolster BCM to become a managed system within organisations, mirroring the cry from professionals that it is not a project but an ongoing, managed programme of interconnected elements. BS provides end-to-end business continuity management guidance to organizations with aggressive risk management demands or international business interests by focusing on risk treatment, response and recovery.
Risk assessment is carried out to establish which disasters and other disruptions in business operations may occur and what their consequences are, but also which vulnerabilities and threats can lead to such business disruptions.
Without any stress, hassle or headaches. Have questions about any step? After initial maangement a number of surveillance visits are made as per a plan to ensure that the organization is still in compliance.
It also recognises that the detailed ISO Guidance Documents will not be available until early next year. Human resources management Business impact analysis and risk assessment Defining business continuity strategy Business continuity plans Maintenance of plans and systems; improvement Human resources management The standard states that it is essential to determine the necessary knowledge and skills, to identify the necessary training sessions, to conduct such training sessions, to check whether the required knowledge and skills have been achieved, and to keep records.
Chairman of the Continuity Forum, Russell Price said, “Once the ISO was published Majagement really had to be withdrawn, it really would have been completely untenable to have the two standards sitting on the shelf side by side, and it would have made the situation very difficult indeed for professionals and businesses.