eBook - ePub
Business Continuity Management System
A Complete Guide to Implementing ISO 22301
Wei Ning Zechariah Wong, Jianping Shi
This is a test
Partager le livre
- English
- ePUB (adapté aux mobiles)
- Disponible sur iOS et Android
eBook - ePub
Business Continuity Management System
A Complete Guide to Implementing ISO 22301
Wei Ning Zechariah Wong, Jianping Shi
DĂ©tails du livre
Aperçu du livre
Table des matiĂšres
Citations
Ă propos de ce livre
A business continuity management system (BCMS) is a management framework that prepares the organization by developing business continuity strategies to meet its business and statutory obligations during an incident. It is about optimizing service availability and preserving business performance to secure future growth in the market.
Business Continuity Management System offers a complete guide to establishing a fit-for-purpose business continuity capability in your organization. Structured in line with the principles of ISO22301 (the International Standard for business continuity management) and with current best practice, this user-friendly book covers the whole life cycle of developing, establishing, operating and evaluating a BCMS initiative. It is aimed at new and seasoned business continuity practitioners involved in business continuity activities in their organizations, whatever the size and sector. It includes proven techniques and easy-to-use methodologies that specifically support the implementation of those requirements specified in ISO 22301. Pragmatic approaches supported by in-depth explanations guide you to assess and improve your organization's BCMS performance. This is the first book to offer an end-to-end solution that addresses all aspects of implementing an effective BCMS.
Business Continuity Management System is intended to act as a catalyst to accelerate progress on the journey from business continuity management and risk management to the creation and implementation of a business continuity management system, both by enhancing the BCM and risk competence of individual readers and by contributing to shared knowledge in implementing ISO 22301 in organizations.
Foire aux questions
Comment puis-je résilier mon abonnement ?
Il vous suffit de vous rendre dans la section compte dans paramĂštres et de cliquer sur « RĂ©silier lâabonnement ». Câest aussi simple que cela ! Une fois que vous aurez rĂ©siliĂ© votre abonnement, il restera actif pour le reste de la pĂ©riode pour laquelle vous avez payĂ©. DĂ©couvrez-en plus ici.
Puis-je / comment puis-je télécharger des livres ?
Pour le moment, tous nos livres en format ePub adaptĂ©s aux mobiles peuvent ĂȘtre tĂ©lĂ©chargĂ©s via lâapplication. La plupart de nos PDF sont Ă©galement disponibles en tĂ©lĂ©chargement et les autres seront tĂ©lĂ©chargeables trĂšs prochainement. DĂ©couvrez-en plus ici.
Quelle est la différence entre les formules tarifaires ?
Les deux abonnements vous donnent un accĂšs complet Ă la bibliothĂšque et Ă toutes les fonctionnalitĂ©s de Perlego. Les seules diffĂ©rences sont les tarifs ainsi que la pĂ©riode dâabonnement : avec lâabonnement annuel, vous Ă©conomiserez environ 30 % par rapport Ă 12 mois dâabonnement mensuel.
Quâest-ce que Perlego ?
Nous sommes un service dâabonnement Ă des ouvrages universitaires en ligne, oĂč vous pouvez accĂ©der Ă toute une bibliothĂšque pour un prix infĂ©rieur Ă celui dâun seul livre par mois. Avec plus dâun million de livres sur plus de 1 000 sujets, nous avons ce quâil vous faut ! DĂ©couvrez-en plus ici.
Prenez-vous en charge la synthÚse vocale ?
Recherchez le symbole Ăcouter sur votre prochain livre pour voir si vous pouvez lâĂ©couter. Lâoutil Ăcouter lit le texte Ă haute voix pour vous, en surlignant le passage qui est en cours de lecture. Vous pouvez le mettre sur pause, lâaccĂ©lĂ©rer ou le ralentir. DĂ©couvrez-en plus ici.
Est-ce que Business Continuity Management System est un PDF/ePUB en ligne ?
Oui, vous pouvez accĂ©der Ă Business Continuity Management System par Wei Ning Zechariah Wong, Jianping Shi en format PDF et/ou ePUB ainsi quâĂ dâautres livres populaires dans Commerce et Management. Nous disposons de plus dâun million dâouvrages Ă dĂ©couvrir dans notre catalogue.
Informations
141
07
Operation
OVERVIEW
âą This chapter first outlines the essential attributes of understanding the organization.
âą It then explains the key characteristics and concepts of a business impact analysis and how to undertake the activity.
âą Next, it discusses the key characteristics and concepts of a risk assessment and its key approaches.
âą The chapter goes on to introduce business continuity strategy selection and development, and explains the stages, approaches and key resources of establishing appropriate BCM strategies.
âą Furthermore, it explains how to establish the business continuity capability, which includes developing the incident management structure and plans.
âą Finally, the chapter highlights the different levels of validating the organizationâs business continuity capability and explains the key roles in the exercise planning team and exercise programme.
Background
A fit-for-purpose business continuity capability is based on an in-depth review of the organization and its activities. It entails assessment of the impacts to the organization of a loss of its critical operations and determining the resources required to attain their recovery timescales. This is underpinned by a risk assessment that identifies priorities and mitigation strategies to safeguard the key operations.
142
In addition, there should be an appropriate form of corporate configuration for managing incidents, also known as the incident management structure (IMS), to execute command and control in the incident management process. This is to ensure that a coordinated approach is established for communication, decision-making and the implementation of responses during an incident. In its basic form, the IMS comprises strategic, tactical and operational teams, with each assigned to address different types of incidents. However, the exact composition of the corporate IMS is largely dependent on the type, size and complexity of the organization.
In order to provide greater assurance following an incident that critical operations will be recovered as required, there should be planned series of exercises to validate plans and team/individual skills. Broadly, there are two forms of exercise: discussion-based and operation-based, which can develop into five types of exercise, namely, orientation, desktop, drill, functional exercise and full-scale exercise. Each exercise is designed for different levels of BCM maturity and focuses on particular aspects of BCM. Nonetheless, as the exercise activity gains complexity, there should be risk controls to prevent probable threats from developing an exercise into a real incident. In essence, exercises provide the opportunity to identify areas of improvement, which help to drive the continual enhancement of the organizationâs business continuity capability.
Understanding the organization
Understanding the organization and its business forms the basis of developing a business-driven BCMS. It comprises the process of identifying the critical functions based on their impacts on the organizationâs ability to achieve its objectives and obligations. This is supported by a risk assessment, which ensures that the likelihood (frequency and probability) of critical functions being affected by probable threats is minimized. The findings are then used to determine the recovery priorities and formulate resilience measures to safeguard continuity.
In essence, understanding the organization comprises three interrelated activities:
âą Business impact analysis (BIA) â This consists of analytical methodologies that assess the functions whose failure would most immediately threaten product and service delivery and have significant impact on the organization.
143
âą Business continuity resource requirements analysis (BCRRA) â This activity forms an integral part of the BIA, which determines the level of resources that each critical function requires at both resumption and return to business-as-usual following a disruption.
âą Risk assessment (RA) â This activity identifies potential threats to critical functions and develops risk-mitigation measures to minimize their occurrence and impact.
It is important to note that the activities of understanding the organization is performed before setting the...