Business Continuity Management

Business Continuity Management: Choosing to Survive

ABDULLAH AL HOUR
Copyright Date: 2012
Published by: IT Governance Publishing
Pages: 384
https://www.jstor.org/stable/j.ctt5hh69k
  • Cite this Item
  • Book Info
    Business Continuity Management
    Book Description:

    Business Continuity Management: Choosing to survive shows you how to systematically prepare your business, not only for the unthinkable, but also for smaller incidents which, if left unattended, could well lead to major disasters. A business continuity management (BCM) program is critical for every business today, and this book will enable you to develop and implement yours to maximum effect. An effective BCM program will enable you to carry on ‘business as usual’ in the event of an incident. It will also have a positive impact on the day-to-day running of your business. You will see improved organizational performance, experience improved stakeholder confidence, benefit from competitive advantages, realize financial savings and enjoy increased profits.With specific reference to ISO22301, ANSI/ASIS SPC.1-2009, ISO27031 and ISO/IEC 24762, this up-to-date, practical resource will guide you through all the elements of a BCM program, plans and implementations. It covers all the critical elements of your business, from people and premises to technology and facilities management.

    eISBN: 978-1-84928-299-4
    Subjects: Technology

Table of Contents

  1. Front Matter
    (pp. 1-4)
  2. PREFACE
    (pp. 5-6)
  3. ABOUT THE AUTHOR
    (pp. 7-7)
  4. ACKNOWLEDGEMENTS
    (pp. 8-8)
  5. Table of Contents
    (pp. 9-14)
  6. CHAPTER 1: INTRODUCTION
    (pp. 15-28)

    The world is now witnessing continuous advancement and progress in all aspects of life. The formulation of the global economy and global supply chain are among the characteristics of this era as well as part of our modern lives. In order for such advancement and progress to continue and be fruitful, the world needs to provide adequate stability as well as careful planning to achieve prosperity.

    Unfortunately, things do not always go as smoothly as we expect them to. Being inherent to people’s presence and activities, failures, incidents, risks, disasters, and crises are taking place more and more across the...

  7. CHAPTER 2: SETTING UP THE BCM PROGRAM
    (pp. 29-50)

    BCM is now an important feature of successful organizations, where it is recognized as a program that is ongoing, maintained, and progressively enhanced. BCM is not a one-shot project. It is also not a piece of documentation that you download off the Internet and fill in its fields, then present to the auditors and regulators once or twice a year, and then return to a dusty shelf. BCM is not rocket science, yet it is not a simple checklist task. It needs careful setup and solid foundations in order to succeed and deliver its goals and objectives.

    The setup of...

  8. CHAPTER 3: RUNNING THE BCM LIFE CYCLE
    (pp. 51-97)

    BCM implementations follow a logical sequence of activities by which information flow and analysis are conducted. These activities and implementations are grouped in phases or stages, where each phase or stage makes use of the others. The progressive, continuous sequence of these phases or stages is called the BCM life cycle.

    I find the term “life cycle” very descriptive and fit for the overall BCM purpose and concept. The first word “life” indicates progression, development, growth, and maturity.

    The second word “cycle” indicates continuity, iteration, and persistence. Both provide strong indicators to many of the features that successful BCM programs...

  9. CHAPTER 4: BCM STANDARDS
    (pp. 98-112)

    Throughout the history of BCM, there have been noticeable variances in terms of understanding, implementations, and requirements across the world. These were caused by a local and isolated approach towards BCM, neglecting the international and cross-border effects. As the world effectively moved closer together, the BCM industry needed a push towards standardization. In 2003, the British Standards Institute (BSI) took a major step forward and issued a publicly available specification (PAS), which was given the code 56, addressing the subject of business continuity management. PAS 56 remained in circulation until December 2006, when the BSI issued the first British, intended...

  10. CHAPTER 5: TECHNOLOGY CONTINUITY
    (pp. 113-147)

    No one can argue the importance and significance of technology within organizations. When we say technology, we don’t only mean IT. We refer to all automation and processing functions within an organization. IT may form the biggest part of technology yet it is not the whole.

    The role of technology within organizations has been continuously evolving from being a support function to the rest of the organization, to being an enabler to the business, to being a revenue-generating line of business by itself. Dependence on technology to achieve operational and strategic goals and targets in modern organizations has reached unprecedented...

  11. CHAPTER 6: TECHNOLOGY CONTINUITY STANDARDS
    (pp. 148-159)

    Similar and relevant to BCM, technology continuity and readiness have gone through an interesting journey in standardization. The list of major stops within this journey continues to grow. The two most recent stops were in 2008 and 2011, when the BSI issued the first to-be-global Standard governing technology’s role in BCM and the ISO issued the first global technology continuity and readiness Standard, respectively.

    The ISO issued this Standard with one obvious goal in mind: integration between BCM and technology. The title gives a strong impression. Instead of ICT continuity, which implied parallelism, readiness for business continuity is used. It...

  12. CHAPTER 7: FACILITIES MANAGEMENT AND PHYSICAL SECURITY
    (pp. 160-181)

    Organizations across all industries and types need controlled environments that have specific conditions in order to properly operate and achieve their strategic goals. Such environments are contained and provided within specific facilities that have a unique and complex integration and interaction of logical, or intangible, environments and arrangements with physical, or tangible, ones. In this chapter, we will specifically discuss the issues related to the physical and tangible parts and the aspects related to facilities.

    Being used interchangeably, facilities, premises, locations, and buildings are all at the heart of this subject. With regard to BCM, facilities are critical to the...

  13. CHAPTER 8: EVACUATION PLANS
    (pp. 182-191)

    There are many incidents that go beyond affecting the technology and physical components of the organization to actually posing a serious threat to human life and the safety of people located within the premises and buildings of the organization.

    In order to ensure proper protection of human life against such serious threats, effective evacuation plans need to be in place to move people out of the building and threat perimeter away to safe areas. Naturally, evacuation plans need to fulfill this requirement in a safe manner. In other words, evacuation plans need to be safe to implement and must not...

  14. CHAPTER 9: PEOPLE AND BCM
    (pp. 192-204)

    Quite simply, people are the most important element in business continuity. By using the term people, the scope should not be restricted exclusively to the staff and employees of the organization. There are other stakeholders whom the organization is required, by law and ethics, to protect and produce proper plans for.

    BCM programs should be focused around people. First, they are the critical success factor for the BCM plans and they can also be the most vulnerable and prone to impacts and events during disasters. Fatalities, injuries, traumas, fear, demoralization, income loss, etc. are all examples of serious effects that...

  15. CHAPTER 10: BCM SOFTWARE
    (pp. 205-218)

    Implementing BCM within different types of organization is not an easy task. It never has been and never will be. The complexity of organizations, the internal and external environments, and the threat and risk topologies among other factors contribute to BCM becoming more important and more complex. A lot depends on it and the various stakeholders keep raising their requirements and expectations related to BCM programs.

    As the shape and features of organization-wide BCM disciplines started to formalize, the BCM industry was creative in designing solutions to help organizations manage their BCM demands. Among these creations was specialized BCM software,...

  16. APPENDIX 1: BCM POLICY
    (pp. 219-225)
  17. APPENDIX 2: BIA QUESTIONNAIRE
    (pp. 226-239)
  18. APPENDIX 3: BIA REPORT
    (pp. 240-266)
  19. APPENDIX 4: RISK ASSESSMENT QUESTIONNAIRE
    (pp. 267-300)
  20. APPENDIX 5: RISK ASSESSMENT REPORT
    (pp. 301-312)
  21. APPENDIX 6: BCM STRATEGY REPORT
    (pp. 313-323)
  22. APPENDIX 7: BCM PLAN
    (pp. 324-342)
  23. APPENDIX 8: ITDR PLAN
    (pp. 343-361)
  24. APPENDIX 9: EVACUATION PLAN
    (pp. 362-367)
  25. APPENDIX 10: TEST PLANS AND FORMS
    (pp. 368-380)
  26. ITG RESOURCES
    (pp. 381-384)