Business Continuity Management Systems
eBook - ePub

Business Continuity Management Systems

Implementation and certification to ISO 22301

  1. 128 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Business Continuity Management Systems

Implementation and certification to ISO 22301

About this book

This practical guide is written for organisations that are implementing a business continuity management system and certification in line with ISO 22301. The development of a BCMS requires commitment, time, resourcefulness and management support. This book will fully equip those new to business continuity management or to management systems with survival skills for the ups and downs of the journey. Enriched with checklists, worksheets and invaluable top tips.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, weā€™ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere ā€” even offline. Perfect for commutes or when youā€™re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Business Continuity Management Systems by Hilary Estall in PDF and/or ePUB format, as well as other popular books in Computer Science & Business Strategy. We have over one million books available in our catalogue for you to explore.
1 INTRODUCTION
WHO SHOULD READ THIS BOOK?
Implementing a business continuity management system (BCMS) requires commitment, time, resourcefulness and plenty of support from your management team. Whatever the drivers behind the journey you are about to embark on, you need to be well equipped to survive the ups and downs that will occur along the way. If you can answer ā€˜yesā€™ to any of the following statements, this book is written with you in mind and will provide you with practical and straight forward advice:
  • Your organisation is seeking formal certification to ISO 22301.
  • Your organisation is seeking alignment to ISO 22301.
  • Your organisation is considering whether to become certified and wishes to understand what is involved before committing resource.
  • Your organisation is working towards, or has already achieved, certification to BS 25999-2 and wishes to understand what is involved in moving from one standard to another.
  • You wish to develop your own understanding of what is required to implement an effective BCMS.
  • You are looking for a practical support mechanism to guide you through the implementation stages of your BCMS.
The need for this handbook became clear to me during my own personal journey through BCMSs. Auditing numerous BS 25999 management systems has shown me time and time again that there are three independent factions:
(1) Those who are existing BC professionals and are implementing a management system for the first time.
(2) Those who already have experience with implementing other management systems, but are new to BCM.
(3) Those who have no prior experience in either aspect.
I concluded that missing from the raft of technical publications already available is a practical guide that bridges the two subject areas and helps manage expectations along the way.
To emphasise the importance of particular BCMS requirements you will notice a degree of repetition in the book. This is intentional and will hopefully reinforce the messages!
THE OBJECTIVE OF THIS BOOK
Management systems, if not implemented properly, can be seen as the proverbial millstone around an organisationā€™s neck. This book aims to focus on what is significant about management systems and how best to achieve intended results. By concentrating on what is most important, the organisation will enjoy the benefits of a management system which has been developed to meet its specific needs.
READER BEWARE!
This handbook is not aimed at providing you with detailed instructions on how to implement BCM. There are several publications that will offer you advice, for example, on how to undertake a business impact analysis, carry out a risk assessment or write a BC plan and you should refer to those if you are seeking that level of support.
HOW TO USE THIS BOOK
The aim of this handbook is that it becomes your BCMS best friend! It is a tool that should be used when required rather than read from cover to cover and then set aside.
It is set out in four parts. Two focus on management systems themselves and the certification process, and the remaining two look at BCM and the requirements of ISO 22301, translating them into user friendly guidance notes.
Checklists are available for you to self assess your progress with a particular requirement, and action sheets are included to encourage you to develop your BCMS as you progress through the handbook. Do not be afraid to write in the space provided. As you read, thoughts will come into your head. These initial thoughts will often prove to be the most important and you should capture them before they are lost.
All action sheets can be downloaded from here.
You will find ā€˜Top Tipsā€™ throughout the book, which may prove useful to you during your BCMS journey. These tips have been gathered from my own experience and individuals who have been involved in the audit process in some way. My thanks to all those who have contributed their great ideas. You know who you are!
I wish you well with your journey into business continuity management systems and hope this handbook provides the support and guidance that you are looking for in order to achieve your BCMS objectives.
2 MANAGEMENT SYSTEMS UNCOVERED
PURPOSE AND OBJECTIVE
The purpose of this chapter of the handbook is to explain what a management system is and its key components. We will look at how management systems have developed over time as well as consider planned developments for the future. You will learn that there are core requirements for every management system, including BCMSs.
The objective is to provide guidance and support to both those looking to implement a BCMS for the first time and those who wish to take this opportunity to review their existing system and consider how it may be improved.
TERMS AND DEFINITIONS
For the purposes of this chapter of the handbook, and the broader consideration of what makes up a management system, the definitions provided in ISO 22301:2012 apply unless otherwise stated.
Competence: ability to apply knowledge and skills to achieve intended results
Continual Improvement: recurring activity to enhance performance (Source: ISO 22300)
Corrective Action: action to eliminate the cause of a nonconformity and to prevent recurrence1 (Source: ISO 22300)
Document: information and its supporting medium2
Effectiveness: extent to which planned activities are realised and planned results achieved (Source: ISO 22300)
Internal Audit: audit conducted by, or on behalf of, the organisation itself for management review and other internal purposes, and which might form the basis for an organisationā€™s self declaration of conformity3
Management System: set of interrelated or interacting elements of an organisation to establish policies and objectives, and processes to achieve those objectives4
Nonconformity: non-fulfilment of a requirement (Source: ISO 22300)
Policy: intentions and direction of an organisation as formally expressed by its top management
Procedure: specified way to carry out an activity or a process5 (Source: ISO 9000:2005)
Record: statement of results achieved or evidence of activities performed
Top Management: person or group of people who directs and controls an organisation at the highest level6
MANAGEMENT SYSTEMS EXPLAINED
In order to put management systems into context, we start with a brief look at how these systems came about. We will then take a more detailed look at the core requirements of a management system and provide you with a practical insight into the areas that require particular consideration. Everything written in this chapter is relevant to business continuity management systems and should be considered as part of your BCMS implementation programme.
Origins
Even if you have never been involved with management systems before, you have probably heard of BS 5750 or ISO 9001. BS 5750 was one of the first widely recognised quality management systems, introduced in 1979 and the forerunner to the better known and internationally applied ISO 9000 series of standards. The aim of these standards was to help organisations introduce consistent methods of delivering products and services in ways which would increase quality, accuracy and efficiency. It was later generally recognised to increase an organisationā€™s competitive edge.
Management principles
When the ISO 9000 standards were introduced, eight quality management principles were identified, which, when applied by top management, were perceived to help an organisation improve its performance.
1. Customer focus
Organisations depend on their customers and therefore should understand current and future customer needs, should meet customer requirements and strive to exceed customer expectations.
2. Leadership
Leaders establish unity of purpose and direction of the organisation. They should create and maintain the internal environment in which people can become fully involved in achieving the organisationā€™s objectives.
3. Involvement of people
People at all levels are the esse...

Table of contents

  1. FRONT COVER
  2. HALF TITLE PAGE
  3. BCS, THE CHARTERED INSTITUTE FOR IT
  4. TITLE PAGE
  5. COPYRIGHT PAGE
  6. CONTENTS
  7. LIST OF FIGURES AND TABLES
  8. AUTHOR
  9. FOREWORD
  10. ACKNOWLEDGEMENTS
  11. ABBREVIATIONS
  12. 1 INTRODUCTION
  13. 2 MANAGEMENT SYSTEMS UNCOVERED
  14. 3 BUSINESS CONTINUITY FROM A MANAGEMENT SYSTEM PERSPECTIVE
  15. 4 COMPARING ISO 22301 WITH BS 25999 AND UNDERSTANDING THE DIFFERENCES
  16. 5 THE CERTIFICATION PROCESS
  17. APPENDIX A
  18. APPENDIX B
  19. REFERENCES
  20. SOURCES OF FURTHER INFORMATION
  21. NOTES
  22. BACK COVER