Business continuity maturity model

Solo disponible en BuenasTareas
  • Páginas : 6 (1300 palabras )
  • Descarga(s) : 0
  • Publicado : 7 de marzo de 2012
Leer documento completo
Vista previa del texto
Business Continuity Maturity Model

14th May 2009 Neil O’Connor

Introduction
• The Cabinet Office has issued an IA Maturity Model (IAMM) for public sector bodies to assess the maturity of their Information Assurance (IA) management. This addresses key IA concerns such as the confidentiality of information, and in particular the protection of personal information, but does not addressBusiness Continuity in sufficient depth. • The Business Continuity Maturity Model (BCMM) addresses this, and provides a means to assess the development of Business Continuity Planning (BCP) within an organisation.

Introduction
• It is based upon:
• The Cabinet Office IA Maturity Model (IAMM) • BS 25999-1:2006 Business Continuity Management Part 1 Code of Practice • BIP 2143:2008 Exercising forExcellence: Delivering a Successful Business Continuity Management Exercise

• It allows an organisation both to choose a target level of maturity and to assess its progress to achieving it

IA Maturity Model Processes

Embedding Information Risk Management Culture Within Organisation

Implementing Best Practice IA Measures

Effective Compliance

• Leadership & Governance • Training,Education & Awareness • Information Risk Management

• Through-Life IA Measures • Assured Information Sharing

• Compliance

IA Maturity Model Levels
Level 1 - Initial

• Awareness of the Criticality of IA to the Business and Legal Requirements • IA Processes are Institutionalised • IA Processes are implemented in Critical Areas of the Business • The Number of Corporate Exceptions toImplementing IA Processes is Known and Reported • Responsive IA Processes are integrated as Part of Normal Business

Level 2 – Established

Level 3 – Business Enabling

Level 4 – Quantitatively Managed

Level 5 – Optimised

BC Maturity Model Processes

Embedding Business Continuity Management Culture Within Organisation

Implementing Best Practice BC Measures

Effective Compliance

•Leadership & Governance • Training, Education & Awareness • Business Continuity Management

• Developing and Implementing a BCM Response • Exercising, Maintaining and Reviewing BCM

• Compliance

BC Maturity Model Levels
Level 1 - Initial

• Awareness of the Criticality of BC to the Business and Legal Requirements • BC Processes are Institutionalised • BC Processes are implemented inCritical Areas of the Business • The Number of Corporate Exceptions to Implementing BC Processes is Known and Reported • Responsive BC Processes are integrated as Part of Normal Business

Level 2 – Established

Level 3 – Business Enabling

Level 4 – Quantitatively Managed

Level 5 – Optimised

BC Leadership and Governance
Level 1 - Initial

• Main board recognition that BC is anintegral requirement of corporate governance • Main board commitment to effective BC promulgated in a top level policy statement • Main board member responsible for Business Continuity Management (BCM) • Each business area has a person responsible for BCM

Level 2 – Established

• Main board members understand and accept their responsibility for the effective implementation of BCM across theorganisation • Endorsed BC Strategy • Effective Business Continuity Management regime established

Level 3 – Business Enabling

• Main board exercising due diligence with regard to the effective discharge of BCM within the organisation • Main board members are proactively engaged in leading and championing BCM within the organisation

Level 4 – Quantitatively Managed

• Main board monitorsprogress towards embedding BC policy within the organisation

• The need to assure continuity of the business is fully embedded within the organisational culture and is subject to a regime of improvement
Level 5 – Optimised

BC Training, Education and Awareness
• There is a programme of annual BC awareness training
Level 1 - Initial

Level 2 – Established

• All staff undergo annual BC...
tracking img