Business Continuity Management Systems

Implementation and certification to ISO 22301

Hilary Estall

  1. 128 pages
  2. English

About This Book

This practical guide is written for organisations that are implementing a business continuity management system and certification in line with ISO 22301. The development of a BCMS requires commitment, time, resourcefulness and management support. This book will fully equip those new to business continuity management or to management systems with survival skills for the ups and downs of the journey. Enriched with checklists, worksheets and invaluable top tips.

1 INTRODUCTION
WHO SHOULD READ THIS BOOK?
Implementing a business continuity management system (BCMS) requires commitment, time, resourcefulness and plenty of support from your management team. Whatever the drivers behind the journey you are about to embark on, you need to be well equipped to survive the ups and downs that will occur along the way. If you can answer ‘yes’ to any of the following statements, this book is written with you in mind and will provide you with practical and straightforward advice:
  • Your organisation is seeking formal certification to ISO 22301.
  • Your organisation is seeking alignment to ISO 22301.
  • Your organisation is considering whether to become certified and wishes to understand what is involved before committing resource.
  • Your organisation is working towards, or has already achieved, certification to BS 25999-2 and wishes to understand what is involved in moving from one standard to another.
  • You wish to develop your own understanding of what is required to implement an effective BCMS.
  • You are looking for a practical support mechanism to guide you through the implementation stages of your BCMS.
The need for this handbook became clear to me during my own personal journey through BCMSs. Auditing numerous BS 25999 management systems has shown me time and time again that there are three independent factions:
(1) Those who are existing BC professionals and are implementing a management system for the first time.
(2) Those who already have experience with implementing other management systems, but are new to BCM.
(3) Those who have no prior experience in either aspect.
I concluded that missing from the raft of technical publications already available is a practical guide that bridges the two subject areas and helps manage expectations along the way.
To emphasise the importance of particular BCMS requirements you will notice a degree of repetition in the book. This is intentional and will hopefully reinforce the messages!
THE OBJECTIVE OF THIS BOOK
Management systems, if not implemented properly, can be seen as the proverbial millstone around an organisation’s neck. This book aims to focus on what is significant about management systems and how best to achieve intended results. By concentrating on what is most important, the organisation will enjoy the benefits of a management system which has been developed to meet its specific needs.
READER BEWARE!
This handbook is not aimed at providing you with detailed instructions on how to implement BCM. There are several publications that will offer you advice, for example, on how to undertake a business impact analysis, carry out a risk assessment or write a BC plan and you should refer to those if you are seeking that level of support.
HOW TO USE THIS BOOK
The aim of this handbook is that it becomes your BCMS best friend! It is a tool that should be used when required rather than read from cover to cover and then set aside.
It is set out in four parts. Two focus on management systems themselves and the certification process, and the remaining two look at BCM and the requirements of ISO 22301, translating them into user-friendly guidance notes.
Checklists are available for you to self-assess your progress with a particular requirement, and action sheets are included to encourage you to develop your BCMS as you progress through the handbook. Do not be afraid to write in the space provided. As you read, thoughts will come into your head. These initial thoughts will often prove to be the most important and you should capture them before they are lost.
All action sheets can be downloaded from here.
You will find ‘Top Tips’ throughout the book, which may prove useful to you during your BCMS journey. These tips have been gathered from my own experience and individuals who have been involved in the audit process in some way. My thanks to all those who have contributed their great ideas. You know who you are!
I wish you well with your journey into business continuity management systems and hope this handbook provides the support and guidance that you are looking for in order to achieve your BCMS objectives.
2 MANAGEMENT SYSTEMS UNCOVERED
PURPOSE AND OBJECTIVE
The purpose of this chapter of the handbook is to explain what a management system is and its key components. We will look at how management systems have developed over time as well as consider planned developments for the future. You will learn that there are core requirements for every management system, including BCMSs.
The objective is to provide guidance and support to both those looking to implement a BCMS for the first time and those who wish to take this opportunity to review their existing system and consider how it may be improved.
TERMS AND DEFINITIONS
For the purposes of this chapter of the handbook, and the broader consideration of what makes up a management system, the definitions provided in ISO 22301:2012 apply unless otherwise stated.
Competence: ability to apply knowledge and skills to achieve intended results
Continual Improvement: recurring activity to enhance performance (Source: ISO 22300)
Corrective Action: action to eliminate the cause of a nonconformity and to prevent recurrence¹ (Source: ISO 22300)
Document: information and its supporting medium²
Effectiveness: extent to which planned activities are realised and planned results achieved (Source: ISO 22300)
Internal Audit: audit conducted by, or on behalf of, the organisation itself for management review and other internal purposes, and which might form the basis for an organisation’s self declaration of conformity³
Management System: set of interrelated or interacting elements of an organisation to establish policies and objectives, and processes to achieve those objectives⁴
Nonconformity: non-fulfilment of a requirement (Source: ISO 22300)
Policy: intentions and direction of an organisation as formally expressed by its top management
Procedure: specified way to carry out an activity or a process⁵ (Source: ISO 9000:2005)
Record: statement of results achieved or evidence of activities performed
Top Management: person or group of people who directs and controls an organisation at the highest level⁶
MANAGEMENT SYSTEMS EXPLAINED
In order to put management systems into context, we start with a brief look at how these systems came about. We will then take a more detailed look at the core requirements of a management system and provide you with a practical insight into the areas that require particular consideration. Everything written in this chapter is relevant to business continuity management systems and should be considered as part of your BCMS implementation programme.
Origins
Even if you have never been involved with management systems before, you have probably heard of BS 5750 or ISO 9001. BS 5750 was one of the first widely recognised quality management systems, introduced in 1979 and the forerunner to the better known and internationally applied ISO 9000 series of standards. The aim of these standards was to help organisations introduce consistent methods of delivering products and services in ways which would increase quality, accuracy and efficiency. It was later generally recognised to increase an organisation’s competitive edge.
Management principles
When the ISO 9000 standards were introduced, eight quality management principles were identified, which, when applied by top management, were perceived to help an organisation improve its performance.
1. Customer focus
Organisations depend on their customers and therefore should understand current and future customer needs, should meet customer requirements and strive to exceed customer expectations.
2. Leadership
Leaders establish unity of purpose and direction of the organisation. They should create and maintain the internal environment in which people can become fully involved in achieving the organisation’s objectives.
3. Involvement of people
People at all levels are the esse...
