Business Continuity, Disaster Recovery and ISO 22301

BCM (business continuity management) is accepted as the most comprehensive approach to organisational resilience.

BCM involves managing risks to ensure that mission-critical functions continue to provide an acceptable level of service, even in the event of a major disaster.

Effective business continuity can be attained by implementing a BCMS (business continuity management system)

 

Speak to an expert

Please contact us for business continuity management advice or to speak to an expert.

Contact us

 

What is the purpose of business continuity management?

BCM involves planning for any potential disaster by identifying potential threats to an organisation and analysing their impact on its day-to-day operations.

Effective BCM ensures the business is able to provide a minimum acceptable service in the event of a disaster, and helps preserve corporate reputation, image and revenue.

A growing body of legislation requires businesses in essential areas to implement effective business continuity arrangements. Globally, corporate governance regulations require directors to “exercise reasonable care, skill and diligence” to mitigate risks facing the organisation.

Organisations operating in critical infrastructure industries will soon be required to implement incident response capabilities in line with the requirements of the Directive on security of network and information systems (NIS Directive). BCM provides best practice to effectively manage business interruptions and incidents, and to support organisations in meeting the Directive’s requirements.

The current cyber threat landscape has made business leaders more aware of the risks of cyber attacks and the importance of being able to respond to and recover from such attacks.

Effective BCM, based on international best-practice standards such as ISO 22301, can protect organisations from widespread business disruption in the event of a successful cyber attack.

Read about the benefits of effective BCM >>>

 

The business continuity management lifecycle

Effective BCM is centred around the stages of the BCM lifecycle, and involves identifying threats, performing a business impact analysis (BIA), designing and implementing a business continuity plan, compiling documentation, measuring and testing performance and conducting maintenance and continual improvement work.

 

Business continuity planning

Business continuity planning (BCP) involves the processes and procedures for the development, testing and maintenance of business continuity plans that will enable an organisation to continue operating during and after a disaster. BCP is an essential element of a BCMS.

Plans typically detail how to manage incidents that affect all the organisation’s business-critical processes and activities, from failure of a single server all the way through to complete loss of a major facility. BCP is a response to an enterprise-level risk assessment. Best practice for BCP is set out in ISO/IEC 22301.

 

Disaster recovery planning

Disaster recovery planning (DRP) usually takes place within the BCP framework. Disaster recovery plans are often relatively technical and will focus on the recovery of specific operations, functions, sites, services or applications. A single business continuity plan might contain or refer to a number of disaster recovery plans. Best practice for disaster recovery is set out in ISO/IEC 22301.

 

ISO 27031 – ICT continuity best practice

ISO 27031 provides recommendations specifically for information and communications technology (ICT) continuity management within the overall business continuity framework provided by ISO 22301. ISO 27031 makes ISO 22301 relevant to ICT but can also be used on a standalone basis should an organisation wish to tackle ICT continuity management specifically. Purchase the ISO 27031 standard here >>

 

Let’s get started on your business continuity management project

IT Governance has the widest range of affordable solutions that are easy to use and ready to deploy.

 

Business continuity management/ ISO 23301 resources

 

Speak to an expert

Please contact us for business continuity management advice or to speak to an expert.

Contact us

 

arriba