From Wikipedia, the free encyclopedia
(Redirected from Business continuity management)
Jump to: navigation, search
Business continuity planning life cycle
Business continuity planning (BCP) is “planning which identifies the organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effectiveprevention and recovery for the organization, whilst maintaining competitive advantage and value system integrity”. It is also called Business continuity & Resilency planning (BCRP). The logistical plan used in BCP is called a business continuity plan. The intended effect of BCP is to ensure business continuity, which is an ongoing state or methodology governing how business is conducted.
Inplain language, BCP is working out how to stay in business in the event of disaster. Incidents include local incidents like building fires, regional incidents like earthquakes, or national incidents like pandemic illnesses.
BCP may be a part of an organizational learning effort that helps reduce operational risk associated with lax information management controls. This process may be integratedwith improving information security and corporate reputation risk management practices.
In December 2006, the British Standards Institution (BSI) released a new independent standard for BCP — BS 25999-1. Prior to the introduction of BS 25999, BCP professionals relied on BSI information security standard BS 7799, which only peripherally addressed BCP to improve an organization's informationsecurity compliance. BS 25999's applicability extends to organizations of all types, sizes, and missions whether governmental or private, profit or non-profit, large or small, or industry sector.
In 2007, the BSI published the second part, BS 25999-2 "Specification for Business Continuity Management", that specifies requirements for implementing, operating and improving a documented BusinessContinuity Management System (BCMS).
In 2004, the United Kingdom enacted the Civil Contingencies Act 2004, a statute that instructs all emergency services and local authorities to actively prepare and plan for emergencies. Local authorities also have the legal obligation under this act to actively lead promotion of business continuity practices in their respective geographical areas.|Contents |
|1 Introduction |
|2.1 Impact analysis (Business Impact Analysis, BIA) |
|2.2 Threat analysis |
|2.3 Definition of impact scenarios|
|2.4 Recovery requirement documentation |
|3 Solution design |
|4 Implementation |
|5 Testing andorganizational acceptance |
|6 Maintenance |
|6.1 Information update and testing |
|6.2 Testing and verification of technical solutions...