Business Continuity Plan (BCP) is a very important topic any organization or company need to consider seriously. During 2007, the first international regulation was presented in which it is indicated that aspects must be taken into account when creating and implementing a Business Continuity Plan (BCP) in an organization. This regulation was called BS 25999. During 2012, ISO 22301:2012 replaced BS 25999-2. These 2 standards are quite similar, but the ISO 22301: 2012 standard can be considered as an update to BS 25999-2. “ISO 22301 Societal security – Business continuity management systems – Requirements”. This standard was created by leading experts in this area to provide theRead More →

Business Continuity Plan (BCP) is a very important topic any organization or company need to consider seriously. A BCP defines how to operate during an interruption of the disaster business (it is like the ‘Front end’ of the Business Continuity Management System called also BCMS). It focuses on “how to operate while we are in contingency”. I created 2 presentations about Business Continuity Plan; this is the first of these 2 documents. This presentation incluse all these topics: 1. Contingencies and organizational resilience 2. DRP and BCP 3. Business Continuity Plan: General principles 4. Structure and phases of a Business Continuity Plan 5. Business Impact Analysis (BIA)Read More →

The ISO 22301 Societal security – Business continuity management systems – Requirements is the standard created by leading experts on this area to provide the best framework for business continuity management in an organization. ISO 22301 is not that different from BS 25999-2 in most business continuity areas like business impact analysis, strategy or planning; the biggest changes are in the management part of the standard. Object: ISO 22301:2012 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when theyRead More →

In this post I will briefly introduce aspects of conducting a BIA (Business Impact Analysis), first a definition of what we mean by BIA: A BIA is a process of analyzing business functions and the effect that a break in the business could in such functions. The organization shall determine and document the impact of a break in activities that support key products and services. In a BIA criticism for achieving organizational areas and the potential magnitude of the operational and financial impacts are identified. Each activity that supports a key product or service, the organization must: a) Evaluate the impacts that would occur withRead More →