Ensuring operational continuity

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Ensuring operational continuity"

Transcription

1 Certification of BCMS (Business Continuity Management Systems) Standard BS

2 Certification of BCMS (Business Continuity Management System Ensuring operational continuity in the event of interruptions, whether these are due to serious incidents or minor setbacks, is a fundamental requirement of any organisation operating in today s local and international context.

3 s) Standard BS Continuity in the provision of services or the delivery of products is an asset with an economic value and must thus be adequately protected from a wide range of threats so as to ensure that company activities are carried out normally, while minimizing the damage to the company (financial and/or image) and maximizing the returns on investment. Ensuring operational continuity requires the existence of an appropriate set of measures, including policies, operating practices and organisational structures that will allow a company to fulfil its business continuity objectives. An evaluation of the effects on operations is the ideal point from which to start to determine the solutions which most effectively meet the needs of each individual company. The new-economy and globalisation have resulted in a significant improvement of electronical transactions (typical examples can be found in the banking, insurance and financial sectors) while rendering organisations increasingly interdependent (in particular insofar as the critical infrastructures are concerned, these including Energy, ICT, Finance and Transportation among others) while dependence on outsourcers for processes that are vital to the organization has increased. This situation coupled with specific sectorial requests (for example the guidelines issued by the Bank of Italy on business continuity) and the proposal for a European Directive on Critical Infrastructures, have made it necessary to develop business continuity management systems that will guarantee survival of organisations in the event of an interruption in operations while ensuring the recovery of critical activities within predetermined times and through the use of specific procedures. In addition to the perceived value, auditing by a third party is one of the advantages of having a certified Business Continuity Management System (BCMS). Indeed, unlike other management systems (qualitative, environmental, safety, etc.), such an audit includes a documentary and operational structure which is tested through exercises that allow for validation of the system being certified. The regulatory and legislative framework for operational continuity Banking regulations Basel Accord II International Convergence of Capital Measurement and Capital Standards Revised Framework June 2004; Bank for International Settlements: Basel Committee on Banking Supervision Sound Practices for the Management and Supervision of Operational Risk Bank for International Settlements ; Guidelines of the Bank of Italy for the continuity of services in wholesale markets and support systems, October 2004; Supervisory Provisions of the Bank of Italy of 21 March 2007 (published in the Supervisory Bulletin issue n. 7, July 2004, pages 7-13) Specific requirements for operational continuity in systemically relevant processes.

4 Certification of Business Continuity Management Systems (BCM - Business Continuity Management) - Standard BS Fiscal regulations DMEF (Decree of the Minister of Economy and Finance) of 23 January 2004 (Official Gazette issue 27 of 3 February 2004) Procedures for fulfilling fiscal obligations relating to electronic documents and their reproduction in different support media; Circular of the Italian Inland Revenue Service of 6 December 2006 n.36/e Ministerial Decree of 23 January Procedures for fulfilling fiscal obligations relating to electronic documents and their reproduction in different support media; Legislative Decree n. 52 of 20 February 2004 (Official Gazette issue 49 of 28 February 2004) Enactment of Directive 2001/115/EC which simplifies and harmonises invoicing procedures pertaining to V.A.T.; Circular of the Italian Inland Revenue Service of 19 October 2005 n.45/e Legislative Decree n. 52 of 20 February 2004 Enactment of Directive 2001/115/EC which simplifies and harmonises invoicing procedures pertaining to V.A.T. Regulations in the field of critical infrastructures Decree of the Ministry of the Interior of 9 January 2008 (Official journal no. 101 of 30 April 2008) Identification of critical IT infrastructures of national interest; Directive on the identification and designation of critical European infrastructures and on the evaluation of the need to improve their protection, text approved on 5 June 2008 by the Justice and Home Affairs Council of the European Union. Other applicable regulations Legislative Decree no. 196 of 30 June 2003 (Official journal no. 174 of 29 July 2003) Personal data protection code; Prime Ministerial Decree of 13 January 2004 (Official journal no. 98 of 27 April 2004) Technical specifications for the creation, transfer, storage, duplication, reproduction, and validation, including by time-stamp, of electronic documents; Legislative Decree of 2 November 2005 (Official journal no. 266 of 15 November 2005) Technical specifications for the creation, transfer and validation, including by time-stamp, of certified ; Resolution no. 4, 17 February 2005 of the National Centre for IT in Public Administrations (Official journal no. 51 of 3 March 2005) Rules for the recognition and verification of the electronic document Voluntary regulations: BS Business continuity management Part 2: Specification BS Business continuity management Part 1: Code of practice CSQ-BCM certification Thanks to the great levels of experience CSQ has gained through his work in major areas of production, he is able to offer services to companies that wish to compare their methods with BS , which is the new standard of reference on business continuity. BS 25999, the world s first standard on business continuity management, was developed by British standardisation

5 body BSI to reduce the risk of such interruptions to a minimum, this being a priority of many companies. CSQ has developed the CSQ-BCM scheme for issuing of BS certification. CSQ-BCM allows organisations to certify their own Operational Continuity System (OCS), through assessment of: The scope of the BCMS The Business Continuity Policy BIA Business Impact Analysis Risk Assessment Risk handling choices The existence of an organisation dedicated to the management of incidents and operational continuity Implementation of the provisions set up for operational continuity Procedures for the management of operational continuity Assessment and periodic review of the BCMS adopted The certification process This generally takes place in at least two phases, both of which aim to identify compliance with BS Phase 1: Audit on documentation. Assessment of the documentation supporting the BCMS, from the business continuity management manual to the document on business impact analysis and risk assessment. This can be carried out within the organization and involves all the major documents pertaining to the Business Continuity Management System. Phase 2: Audit on organization On site visit for interviews, examination of documents, comparisons of formal procedures and operating practices. The goal is to ensure that the organisation adheres to its own policies, objectives and procedures and that the OCS is efficiently imple-

6 Certification of Business Continuity Management Systems (BCM - Business Continuity Management) - Standard BS mented, maintained and improved. The objectives To provide a consistent infrastructure that is based on the best international practices with which to manage operational continuity. To identify any impacts that could threaten the organisation and provide a model to ensure resilience and the ability to react in a feasible manner so as to safeguard the interests of the main stakeholders, the reputation, brand and the activities that create added value. To proactively improve resilience in case of interruption, so as to ensure that key objectives are reached. To provide an effective method for recovering the capacity to deliver critical products and services at a predefined level and within a specified time following an interruption. To offer an appropriate response for managing an interruption. To provide a clear comprehension of how the entire organisation operates and to identify opportunities for improvement. To make it possible to reduce the insurance premium for the interruption of operations. IMQ accreditations 1. IMQ is accredited by SINCERT to issue certifications that comply with the ISO/IEC standard in all sectors included in the international EA (European Cooperation for Accreditation) classification. 2. IMQ's Security Testing Laboratory assesses IT security according to the ITSEC and Common Criteria (ISO/IEC 15408) standards. The laboratory is accredited by National Schemes for the Evaluation and Certification of the Security of ICT Systems and Products. Advantages of CSQ-BCM certification Certifying a business continuity management system makes it possible to: ensure adherence to contractual and legislative requirements; strengthen a company s credibility and visibility while safeguarding its image and assets and facilitating recovery from interruptions; reduce the cost of incidents; efficiently finalise the investments used to implement the incident management and operational continuity plans; ensure and prove to stakeholders that all instruments and technical and organisational measures are in place to ensure the delivery of critical products and services.

7 Ensuring continuity of transactions; Ensuring data protection and recovery; Recovering critical services within established time. The banking sector and by extension its strategic partners can use the certification of their own BCMS to provide objective evidence of compliance with the directives of the Bank of Italy so as to ensure the continuity of operations. Certification of Operational Continuity Systems: Major industrial sectors and areas covered The need to guarantee that products and/or services continue to be delivered even in the case of serious incidents of any type (such as natural disasters, breakdowns, strikes, acts of terrorism or vandalism, etc.) is now a requirement of all organisations. Indeed, we note that in such a context, business continuity in a general sense cannot be ensured solely by the introduction of technical elements, as it requires appropriate organisation and procedures. Furthermore, the management of operational continuity is strongly based on the participation of all key personnel and in certain cases of suppliers, clients and other stakeholders. Organisations must therefore identify specific critical areas depending on the sector they operate in. Financial Sector Financial services are carried out throughout different sectors ranging from banks to insurance companies, all of which share the need to utilise network systems for data and funds transactions. In this sector, the following are important: The Utilities Sector Suppliers of energy, telecommunications, transportation, etc. are among Italy s critical infrastructures. The transposition of European Directives in this area results in the implementation of plans guaranteeing the continuity of supply and services and BCMS certification will be the natural way to ensure that the emergency management system is updated, appropriate and in a state of continual improvement. Industry and Sales The Industry and Sales sectors must guarantee production or the provision of services in the advent of a disaster, by anticipating possible scenarios and being prepared and trained to ensure survival of the organisation while ascertaining that its own critical suppliers are equally prepared to do so. It does not suffice to be optimistic that such a thing will not occur, while it is always best to be prepared for the worst. Certification of a company s BCMS also provides the advantage of a better image and more opportunities compared to the competitors. The Public Sector The Public Sector includes many different areas, for which the issue of operational continuity is of fundamental importance; in particular, this involves public administration (PA), defence, health and the provision of services to citizens. Understanding an organisation s particular situation and the threats that it may be subject to, analyzing the possible scenarios and the impacts to services and infrastructures, planning ahead to reduce the impact of these disastrous events, managing incidents and having plans in place that will allow for recovery of operations should be the duty of any good public administration. Certifying an operational continuity system means ensuring that what has been planned is consistent, updated, efficient and tested, while it is periodically reviewed and improved.

8 ABOUT US The IMQ group is Italy's leading organisation in conformity assessment (certifications, tests, verifications and inspections). With the synergies of its companies, its prestige gained from more than 50 years of experience and a complete range of services, the IMQ Group is the partner of choice for companies who are committed to safety and quality. The IMQ group operates in numerous sectors, from the electro-technical and electronics industries to telecommunications, the automotive industry, the gas sector, plant engineering, construction products and the food and agricultural industry. The IMQ group can provide general or targeted services for each product category, based on needs, including product certification, certification for EC directives, company management system certification, inspections of systems and property, laboratory tests, international type tests, assistance with exports, surveillance of manufacturing abroad, as well as assistance with technical formalities and training. The comprehensive range of services is delivered through the expertise gained in numerous product categories from IMQ group companies: IMQ S.p.A., CSI S.p.A., IMQ Primacontrol S.r.l., IMQ Clima S.p.A., ICILA S.r.l., IMQ Iberica SL, IMQ Kraków R.O., IMQ Shanghai R.O. (Representative Office in China). The IMQ Group also has a holding in Istituto Giordano S.p.A., in CISQCERT S.p.A. and in Icube S.A. (Argentina). mod.1131/0/e- 2009/1 -Med. 250 MILAN - ROME - BARCELONA - MADRID - KRAKÓW - SHANGHAI - BUENOS AIRES

Reputation. Further excellence. business continuity. risk management. Data security

Reputation. Further excellence. business continuity. risk management. Data security Reputation competitive advantage speed to market safety Further excellence trust Data security risk management business continuity HOW CAN YOU CREATE AND SECURE SUSTAINABLE BUSINESS? SOLUTIONS FOR MANAGING

More information

BS 25999 BUSINESS CONTINUITY MANAGEMENT

BS 25999 BUSINESS CONTINUITY MANAGEMENT BS 25999 BUSINESS CONTINUITY MANAGEMENT AUDIT, CERTIFICATION & training services HOW CAN YOU ENSURE BUSINESS CONTINUITY? BS 25999 AUDITS & CERTIFICATION FROM SGS Most organisations will, at some point,

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not

More information

Company Management System. Business Continuity in SIA

Company Management System. Business Continuity in SIA Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT

More information

HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING

HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING ISO 22301 BUSINESS CONTINUITY MANAGEMENT SYSTEMS Most organisations will, at some point, be faced with having to respond

More information

Proposal for Business Continuity Plan and Management Review 6 August 2008

Proposal for Business Continuity Plan and Management Review 6 August 2008 Proposal for Business Continuity Plan and Management Review 6 August 2008 2008/8/6 Contents About Newton IT / Quality of our services. BCM & BS25999 Overview 2. BCM Development in line with BS25999 3.

More information

Business Continuity in SIA

Business Continuity in SIA Aim of the document: This document describes how SIA develops, implements and maintains its business continuity management system, applying what is stated in the company Business Continuity Guidelines,

More information

Independent third-party company specialized in second and third-party audits

Independent third-party company specialized in second and third-party audits Independent third-party company specialized in second and third-party audits SOCIETY PRESENTATION From several years, AUDIT S.r.l. deals with second and third-party audit services for verification of compliance

More information

By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd

By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd BS 25999 Business Continuity Management By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd 1 Contents slide BSI British Standards 2006 BS 25999(Business Continuity) 2002 BS 15000

More information

BANK OF RUSSIA RECOMMENDATIONS ON STANDARDISATION MAINTENANCE OF INFORMATION SECURITY OF THE RUSSIAN BANKING SYSTEM ORGANISATIONS

BANK OF RUSSIA RECOMMENDATIONS ON STANDARDISATION MAINTENANCE OF INFORMATION SECURITY OF THE RUSSIAN BANKING SYSTEM ORGANISATIONS BANK OF RUSSIA RECOMMENDATIONS ON STANDARDISATION RS BR IBBS-2.1-2007 MAINTENANCE OF INFORMATION SECURITY OF THE RUSSIAN BANKING SYSTEM ORGANISATIONS GUIDELINES FOR SELF-ASSESSMENT OF CONFORMITY OF INFORMATION

More information

BELAC ACTIVITIES : DESCRIPTION AND CRITERIA FOR SELECTION

BELAC ACTIVITIES : DESCRIPTION AND CRITERIA FOR SELECTION BELAC 1-03 Rev 4-2016 BELAC ACTIVITIES : DESCRIPTION AND CRITERIA FOR SELECTION The only valid versions of the documents of the BELAC management system are those available from the internet website (www.belac.fgov.be).

More information

Principles for BCM requirements for the Dutch financial sector and its providers.

Principles for BCM requirements for the Dutch financial sector and its providers. Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011

More information

SUPERVISORY AND REGULATORY GUIDELINES: PU19-0406 BUSINESS CONTINUITY GUIDELINES

SUPERVISORY AND REGULATORY GUIDELINES: PU19-0406 BUSINESS CONTINUITY GUIDELINES SUPERVISORY AND REGULATORY GUIDELINES: PU19-0406 Business Continuity Issued: 1 st May, 2007 Revised: 14 th October 2008 BUSINESS CONTINUITY GUIDELINES I. INTRODUCTION The Central Bank of The Bahamas (

More information

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA 1 Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012 To: From: Subject: Status: Date of Meeting: BSO Board Director of Human Resources & Corporate Services Business Continuity Policy For Approval 28 February 2012 The Board is asked to agree the attached

More information

August 2013 Recommendations for Business Continuity Management (BCM)

August 2013 Recommendations for Business Continuity Management (BCM) August 2013 Recommendations for Business Continuity Management (BCM) 1 Background and objectives... 2 2 Principles... 3 3 Scope of application and threats... 4 4 Recommendations... 6 4.1 Definition and

More information

BCP and DR. P K Patel AGM, MoF

BCP and DR. P K Patel AGM, MoF BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management

More information

ISO The Route Map to Business Continuity Management

ISO The Route Map to Business Continuity Management ISO 22301- The Route Map to Business Continuity Management John A. DiMaria; CSSBB, HISP, MHISP, AMBCI ISO Product Manager; BSI Group Americas Inc. Agenda A basic understanding of ISO 22301:2012 How identifying

More information

De Nederlandsche Bank N.V. May 2011. Assessment Framework for Financial Core Infrastructure Business Continuity Management

De Nederlandsche Bank N.V. May 2011. Assessment Framework for Financial Core Infrastructure Business Continuity Management De Nederlandsche Bank N.V. May 2011 Assessment Framework for Financial Core Infrastructure Business Continuity Management Contents INTRODUCTION... 3 BUSINESS CONTINUITY MANAGEMENT STANDARDS... 5 1. STRATEGY

More information

November 2007 Recommendations for Business Continuity Management (BCM)

November 2007 Recommendations for Business Continuity Management (BCM) November 2007 Recommendations for Business Continuity Management (BCM) Recommendations for Business Continuity Management (BCM) Contents 1. Background and objectives...2 2. Link with the BCP Swiss Financial

More information

BS a framework for resilience and success. Robert Whitcher BCI Webinar June, 2009

BS a framework for resilience and success. Robert Whitcher BCI Webinar June, 2009 BS 25999 a framework for resilience and success Robert Whitcher BCI Webinar June, 2009 2 Scope of Presentation The Standards process Drivers for BCM and BS 25999 BS 25999 development Overview of BS 25999

More information

Accreditation in Europe

Accreditation in Europe Accreditation in Europe Facilitating regulatory compliance and international trade ACCREDITATION INSPECTION TESTING CALIBRATION EXAMINATION VERIFICATION CERTIFICATION About the EA The EA is appointed by

More information

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT

CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14

More information

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY

NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY AUTHOR/ APPROVAL DETAILS Document Author Written By: Human Resources Authorised Signature Authorised By: Helen Shields Date: 20

More information

Advisory Guidelines of the Financial Supervision Authority. Requirements for Organising the Business Continuity Process of Supervised Entities

Advisory Guidelines of the Financial Supervision Authority. Requirements for Organising the Business Continuity Process of Supervised Entities Advisory Guidelines of the Financial Supervision Authority Requirements for Organising the Business Continuity Process of Supervised Entities These advisory guidelines were established by Resolution No

More information

PRODUCT CONFORMITY ASSESSMENT

PRODUCT CONFORMITY ASSESSMENT PRODUCT CONFORMITY ASSESSMENT ENHANCING INTERNATIONAL TRADE IN TODAY S GLOBALIZED MARKETS AND FAST GROWING ECONOMY, THE INCREASING VOLUMES OF GOODS TRADED BETWEEN COUNTRIES IS NOT ONLY THE SIGN OF MUTUAL

More information

Business Continuity Management and BS 25999 by Steve Chan, Head of Training - HK, BSI Management Systems

Business Continuity Management and BS 25999 by Steve Chan, Head of Training - HK, BSI Management Systems Business Continuity Management and BS 25999 by Steve Chan, Head of Training - HK, BSI Management Systems 9 April, 2008 2 Presentation content Drivers for Business Continuity Standards and definitions.

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective

More information

Business Continuity Management Policy

Business Continuity Management Policy Business Continuity Management Policy Business Continuity Policy Version 1.0 1 Version control Version Date Changes Author 0.1 April 13 1 st draft PH 0.2 June 13 Amendments in line with guidance PH 0.3

More information

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK

BUSINESS CONTINUITY MANAGEMENT FRAMEWORK BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Document Author: Civil Contingencies Service - Authorised by the CCS Joint Management Board - Version 1.0. Issued December 2012 Page 1 FRAMEWORK STATEMENT Business

More information

Business Continuity Planning. A guide to loss prevention

Business Continuity Planning. A guide to loss prevention Business Continuity Planning A guide to loss prevention There are many statistics quoted about the effect that a lack of planning for a disaster has on a business. What s certain is that any unplanned

More information

BUSINESS CONTINUITY FRAMEWORK

BUSINESS CONTINUITY FRAMEWORK BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational

More information

Coping with a major business disruption. Some practical advice

Coping with a major business disruption. Some practical advice Coping with a major business disruption Some practical advice Coping with a major business disruption What is business continuity? Business continuity planning (BCP) is a management process that helps

More information

Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità

Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità Massimo Cacciotti Business Services Manager BSI Group Italia Agenda BSI: Introduction 1. Why we need BCM? 2. Benefits of BCM

More information

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.

Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management

More information

HKCS RESPONSE COMMONLY ACCEPTED AUDIT OR ASSESSMENT MECHANISM TO CERTIFY INFORMATION SECURITY STANDARDS

HKCS RESPONSE COMMONLY ACCEPTED AUDIT OR ASSESSMENT MECHANISM TO CERTIFY INFORMATION SECURITY STANDARDS Hong Kong Computer Society Room 1915, 19/F, China Merchants Tower, Shun Tak Centre, 168 Connaught Road Central, Hong Kong Tel: 2834 2228 Fax: 2834 3003 URL: http://www.hkcs.org.hk Email: hkcs@hkcs.org.hk

More information

Business Risk Consulting Group. Strengthening Business Resilience

Business Risk Consulting Group. Strengthening Business Resilience Business Risk Consulting Group Strengthening Business Resilience From our board of directors viewpoint on corporate governance, the business impact analysis allowed us to demonstrate that we had considered,

More information

National Security Auditing Criteria (KATAKRI) version II, 2011

National Security Auditing Criteria (KATAKRI) version II, 2011 FINNISH NATIONAL SECURITY AUTHORITY National Security Auditing Criteria (KATAKRI) version II, 2011 This translation of the Finnish KATAKRI criteria has been slightly modified from the national version

More information

Business Continuity Management Policy

Business Continuity Management Policy Governance: Business Committee Policy Owner: Chief Superintendent, Corporate Services Department: Corporate Services Policy Number: 002 Version: 3.0 Policy Writer: Business Continuity Co-ordinator Effective

More information

Business Continuity Policy and Business Continuity Management System

Business Continuity Policy and Business Continuity Management System Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain

More information

Audit of the control body through the monitoring of compliance with control plan. Measures for the irregularities

Audit of the control body through the monitoring of compliance with control plan. Measures for the irregularities Workshop on verification of compliance with product specification for PDO, PGI and TSG Audit of the control body through the monitoring of compliance with control plan Measures for the irregularities Viktorija

More information

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan?

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan? Business Continuity Is your Business Prepared for the worse? Major emergencies can develop suddenly without warning. Situations can threaten and disrupt your business and impact upon you and your staff.

More information

Global Statement of Business Continuity

Global Statement of Business Continuity Business Continuity Management Version 1.0-2014 Date October 18, 2014 Status Author Business Continuity Management (BCM) Page 1 of 8 Table of Contents 1. Credit Suisse Business Continuity Statement 3 2.

More information

West Sussex County Council Resilience Policy

West Sussex County Council Resilience Policy West Sussex County Council Resilience Policy INDEX page 2 Policy Statement page 3 Vision Statement,Values and General Principles page 4 Introduction and purpose page 4 Scope of the Policy page 4 The Council

More information

Business Continuity Management Governance. Frank Higgins Abu Dhabi March 2015

Business Continuity Management Governance. Frank Higgins Abu Dhabi March 2015 Business Continuity Management Governance Frank Higgins Abu Dhabi March 2015 Different Names Same Concept BCM (Business Continuity Management) BSI 25999 IPOCM (Incident Preparedness & Operational Continuity

More information

Table of Contents... 1

Table of Contents... 1 ... 1 Chapter 1 Introduction... 4 1.1 Executive Summary... 4 1.2 Goals and Objectives... 5 1.3 Senior Management and Board of Directors Responsibilities... 5 1.4 Business Continuity Planning Processes...

More information

Business Continuity Standards A Primer

Business Continuity Standards A Primer INTELLIGENT NOTIFICATION Alphabet Soup: Making Sense of BC/DR Standards Part 1: Business Continuity Standards A Primer Why all the attention now? One of the hottest topics in BC/DR these days is standards.

More information

WEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy

WEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy WEST YORKSHIRE FIRE & RESCUE SERVICE Business Continuity Management Strategy Date Issued: 12 November 2012 Review Date: 12 November 2015 Version Control Version Number Date Author Comment 0.1 June 2011

More information

DIRECT REGISTRATION OF NON-RESIDENT SUBJECTS FOR VAT PURPOSES DECLARATION FOR DIRECT REGISTRATION, CHANGE OR DETAILS OR CESSATION OF ACTIVITY

DIRECT REGISTRATION OF NON-RESIDENT SUBJECTS FOR VAT PURPOSES DECLARATION FOR DIRECT REGISTRATION, CHANGE OR DETAILS OR CESSATION OF ACTIVITY Form ANR/3 Revenue Agency DIRECT REGISTRATION OF NON-RESIDENT SUBJECTS FOR VAT PURPOSES DECLARATION FOR DIRECT REGISTRATION, CHANGE OR DETAILS OR CESSATION OF ACTIVITY COMPLETION INSTRUCTIONS (unless otherwise

More information

ISO & Business Continuity Management System Standards and Application for Incident Communication Plans

ISO & Business Continuity Management System Standards and Application for Incident Communication Plans ISO 22301 & 22313 Business Continuity Management System Standards and Application for Incident Communication Plans ISO 22301 & 22313: Business Continuity Management System Standards and Application for

More information

Introduction UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT

Introduction UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT INFORMATION SECURITY: UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT FACTSHEET This factsheet will introduce you to Business Continuity Management (BCM), which is a process developed to counteract systems

More information

Cyber Security solutions

Cyber Security solutions Cyber Security solutions The scenario IT security has become a highly critical issue for all businesses as a result of the growing pervasiveness and diffusion of ICT technology. Risks can arise both inside

More information

Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES

Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES Monetary Authority of Singapore BUSINESS CONTINUITY MANAGEMENT GUIDELINES June 2003 TABLE OF CONTENTS 1.0 INTRODUCTION... 1 1.1 READINESS IS YOUR ONLY PROTECTION... 1 1.2 APPLICATION OF THE GUIDELINES...

More information

Moving from BS 25999-2 to ISO 22301. The new international standard for business continuity management systems. Transition Guide

Moving from BS 25999-2 to ISO 22301. The new international standard for business continuity management systems. Transition Guide Transition Guide Moving from BS 25999-2 to ISO 22301 The new international standard for business continuity management systems Extract from The Route Map to Business Continuity Management: Meeting the

More information

Business Continuity Plan Toolkit

Business Continuity Plan Toolkit Business Continuity Plan Toolkit March 2015 1 Contents The Template instructions for use... 2 Introduction... 3 What is the purpose of this toolkit?... 3 Why do you need a Business Continuity Plan?...

More information

GUIDANCE DOCUMENT FOR COMPLETION OF RESIDENTIAL CARE ESTABLISHMENTS BUSINESS CONTINUITY PLAN TEMPLATE WEST MIDLANDS

GUIDANCE DOCUMENT FOR COMPLETION OF RESIDENTIAL CARE ESTABLISHMENTS BUSINESS CONTINUITY PLAN TEMPLATE WEST MIDLANDS GUIDANCE DOCUMENT FOR COMPLETION OF RESIDENTIAL CARE ESTABLISHMENTS BUSINESS CONTINUITY PLAN TEMPLATE WEST MIDLANDS 1 st EDITION Page 1 of 18 INTRODUCTION This document is to be used in conjunction with

More information

Certified Once Accepted Everywhere. How does Accredited Certification benefit Regulators?

Certified Once Accepted Everywhere. How does Accredited Certification benefit Regulators? Certified Once Accepted Everywhere How does Accredited Certification benefit Regulators? How does Accredited Certification benefit Regulators? Government bodies and regulators are constantly called upon

More information

Business Continuity Management Framework 2014 2017

Business Continuity Management Framework 2014 2017 Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity

More information

BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS

BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3

More information

Business Continuity Planning

Business Continuity Planning Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why

More information

Disaster Management and Business Continuity Plan for Bankers

Disaster Management and Business Continuity Plan for Bankers Introduction Business interruptions can occur anywhere, anytime. Massive hurricanes, tsunamis, power outages, terrorist bombings and more have made recent headlines. It is impossible to predict what may

More information

Overview of GFSI and Accredited Certification

Overview of GFSI and Accredited Certification Overview of GFSI and Accredited Certification Overview of GFSI and Accredited Certification Introduction Global food trade is expanding and providing consumers with access to a wider variety of foods all

More information

Domain 3 Business Continuity and Disaster Recovery Planning

Domain 3 Business Continuity and Disaster Recovery Planning Domain 3 Business Continuity and Disaster Recovery Planning Steps (ISC) 2 steps [Har10] Project initiation Business Impact Analysis (BIA) Recovery strategy Plan design and development Implementation Testing

More information

DRAFT Revised Guide to the National CDEM Plan 2015 July 2015

DRAFT Revised Guide to the National CDEM Plan 2015 July 2015 19. Planning Summary Planning involves the proactive coordination of CDEM Group and agency activities in the medium to long term, with the intention of achieving a unified effort that works towards a common

More information

RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief

RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief INTRODUCTION Now more than ever, organizations depend on services, business processes and technologies to generate revenue and meet

More information

Act. on the Type Approval of Certain Construction Products. Issued in Helsinki 21 December 2012

Act. on the Type Approval of Certain Construction Products. Issued in Helsinki 21 December 2012 NB: Unofficial translation; legally binding texts are those in Finnish and Swedish Act on the Type Approval of Certain Construction Products Issued in Helsinki 21 December 2012 In accordance with the decision

More information

Personal data and cloud computing, the cloud now has a standard. by Luca Bolognini

Personal data and cloud computing, the cloud now has a standard. by Luca Bolognini Personal data and cloud computing, the cloud now has a standard by Luca Bolognini Lawyer, President of the Italian Institute for Privacy and Data Valorization, founding partner ICT Legal Consulting Last

More information

Business Continuity Business Continuity Management Policy

Business Continuity Business Continuity Management Policy Business Continuity Business Continuity Management Policy : Date of Issue: 28 January 2009 Version no: 1.1 Review Date: January 2010 Document Owner: Patricia Hughes Document Authoriser: Tony Curtis 1 Version

More information

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745

Institute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745 ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan

More information

Standards and accreditation. Tools for delivering better regulation

Standards and accreditation. Tools for delivering better regulation Standards and accreditation Tools for delivering better regulation Introduction Standards and accreditation are marketbased tools that can be used by Government policy makers to deliver better regulation.

More information

Introduction to Business Continuity Management (BCM) Andy Fyfe MBCI Resilience Manager Buckinghamshire County Council

Introduction to Business Continuity Management (BCM) Andy Fyfe MBCI Resilience Manager Buckinghamshire County Council Introduction to Business Continuity Management (BCM) Andy Fyfe MBCI Resilience Manager Buckinghamshire County Council Aim To provide an introduction to Business Continuity Management (BCM). Objectives

More information

Risk Management Guidelines

Risk Management Guidelines Business Continuity Management Understanding Risk We live in an unpredictable world. No matter how effectively a business protects itself through insurance, there are some risks that cannot be anticipated,

More information

Foreword 2 STO BR IBBS-1.1-2007

Foreword 2 STO BR IBBS-1.1-2007 BANK OF RUSSIA STANDARD STO BR IBBS-1.1-2007 INFORMATION SECURITY OF RUSSIAN BANKING INSTITUTIONS INFORMATION SECURITY AUDIT* Date enacted: 1 May 2007 Moscow 2007 2 STO BR IBBS-1.1-2007 Foreword 1. ADOPTED

More information

Is securing personal information a priority? Reassure clients and achieve data protection compliance with BS 10012

Is securing personal information a priority? Reassure clients and achieve data protection compliance with BS 10012 Is securing personal information a priority? Reassure clients and achieve data protection compliance with BS 10012 Make protection of personal information your priority and safeguard your reputation. Comply

More information

Business Continuity (Policy & Procedure)

Business Continuity (Policy & Procedure) Business Continuity (Policy & Procedure) Publication Scheme Y/N Can be published on Force Website Department of Origin Force Operations Policy Holder Ch Supt Head of Force Ops Author Business Continuity

More information

Business Continuity Management. Christoph Stute Guatemala 28 29 March 2012

Business Continuity Management. Christoph Stute Guatemala 28 29 March 2012 Financial Risk Management and Business Continuity Management Christoph Stute Guatemala 28 29 March 2012 Financial Risk Management Christoph Stute Guatemala 28 29 March 2012 Risk Management in Banks Regulatory

More information

Emergency Response and Business Continuity Management Policy

Emergency Response and Business Continuity Management Policy Emergency Response and Business Continuity Management Policy Owner: John Duffy, Registrar & Secretary Last updated: September 2012 Version: 04 Document control Date Version Author Changes To be populated

More information

Regulations for the certification of environmental management systems in conformity with UNI EN ISO 14001:2004

Regulations for the certification of environmental management systems in conformity with UNI EN ISO 14001:2004 Regulations for the certification of environmental management systems in conformity with UNI EN ISO 14001:2004 00 24/04/2013 Annulla e sostituisce il documento Regulations for the certification of environmental

More information

Business Continuity Management. Policy Statement and Strategy

Business Continuity Management. Policy Statement and Strategy Business Continuity Management Policy Statement and Strategy November 2011 Title Business Continuity Management Policy & Strategy Date of Publication: Cabinet Council Published by Borough Council of King

More information

Corporate Information Security Policy

Corporate Information Security Policy Corporate Information Security Policy. A guide to the Council s approach to safeguarding information resources. September 2015 Contents Page 1. Introduction 1 2. Information Security Framework 2 3. Objectives

More information

Information and Communication Technology. Service Continuity Plan

Information and Communication Technology. Service Continuity Plan BELA-BELA LOCAL MUNICIPALITY Chris Hani Drive, Bela- Bela, Limpopo. Private Bag x 1609 BELA-BELA 0480 Tel: 014 736 8000 Fax: 014 736 3288 Website: www.belabela.gov.za OFFICE OF THE MUNICIPAL MANAGER Information

More information

GROUP POLICY TO COMBAT MONEY LAUNDERING AND TERRORIST FINANCING. Anti-Money Laundering Policy

GROUP POLICY TO COMBAT MONEY LAUNDERING AND TERRORIST FINANCING. Anti-Money Laundering Policy PAG. 1 DI 37 GROUP POLICY TO COMBAT MONEY LAUNDERING AND TERRORIST FINANCING Anti-Money Laundering Policy MACROPROCESS PROCESS TITLE DATE OF UPDATE PROTOCOL NO. 6 INTERNAL AND DEVELOPMENT PROCESSES 6.02

More information

5581/16 AD/NC/ra DGE 2

5581/16 AD/NC/ra DGE 2 Council of the European Union Brussels, 21 April 2016 (OR. en) Interinstitutional File: 2013/0027 (COD) 5581/16 LEGISLATIVE ACTS AND OTHER INSTRUMTS Subject: TELECOM 7 DATAPROTECT 6 CYBER 4 MI 37 CSC 15

More information

Business continuity management (BCM) for insurance companies in Switzerland minimum standards and recommendations

Business continuity management (BCM) for insurance companies in Switzerland minimum standards and recommendations Business continuity management (BCM) for insurance companies in Switzerland minimum standards and recommendations June 2015 2 Publication details Recipients: All insurance companies supervised by Finma

More information

PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA

PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA Chapter-4: Business Continuity Planning and Disaster Recovery Planning PAPER-6 PART-5 OF 5 CA A.RAFEQ, FCA Learning Objectives 2 To understand the concept of Business Continuity Management To understand

More information

Memorandum of Understanding

Memorandum of Understanding Memorandum of Understanding between Department for Business, Innovation and Skills and United Kingdom Accreditation Service Page 1 of 13 Contents 1 Purpose... 3 2 Background... 3 3 Scope of activity...

More information

NSW Government Digital Information Security Policy

NSW Government Digital Information Security Policy NSW Government Digital Information Security Policy Version: 1.0 Date: November 2012 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 CORE REQUIREMENTS...

More information

Information Security: Business Assurance Guidelines

Information Security: Business Assurance Guidelines Information Security: Business Assurance Guidelines The DTI drives our ambition of prosperity for all by working to create the best environment for business success in the UK. We help people and companies

More information

Business Continuity Management Standard and Guide

Business Continuity Management Standard and Guide Business Continuity Management Standard and Guide AE/HSC/NCEMA 7000: 2012 Version 1 His Highness Sheikh Khalifa Bin Zayed Al Nahyan President of the United Arab Emirates Chairman of the Supreme Council

More information

Statement of Guidance

Statement of Guidance Statement of Guidance Business Continuity Management All Licensees 1. Statement of Objectives 1.1. To enhance the resilience of the financial sector and to minimise the potential impact of a major operational

More information

Regulations for certification of quality management systems

Regulations for certification of quality management systems Regulations for certification of quality management systems 00 24/04/2013 Annulla e sostituisce il documento Regulations for certification of quality management systems in rev. 14 SG DIR AD Rev. Data Descrizione

More information

ISO/IEC 27001:2013 Your implementation guide

ISO/IEC 27001:2013 Your implementation guide ISO/IEC 27001:2013 Your implementation guide What is ISO/IEC 27001? Successful businesses understand the value of timely, accurate information, good communications and confidentiality. Information security

More information

Guidelines on business continuity for market infrastructures

Guidelines on business continuity for market infrastructures 1. Introduction Guidelines on business continuity for market infrastructures In July 2013 the Banca d Italia issued a set of requirements for business continuity for banks (Annex A). The increasing complexity

More information

Business continuity management policy

Business continuity management policy Business continuity management policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSADPN001b S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review

More information

HEALTH AND SOCIAL CARE BOARD POLICY ON BUSINESS CONTINUITY MANAGEMENT

HEALTH AND SOCIAL CARE BOARD POLICY ON BUSINESS CONTINUITY MANAGEMENT HEALTH AND SOCIAL CARE BOARD POLICY ON BUSINESS CONTINUITY MANAGEMENT February 2012 1 Role of the Health and Social Care Board The role of the Health and Social Care Board (the Board) is broadly contained

More information

Prudential Practice Guide

Prudential Practice Guide Prudential Practice Guide LPG 232 Business Continuity Management March 2007 www.apra.gov.au Australian Prudential Regulation Authority Disclaimer and copyright This prudential practice guide is not legal

More information

Revenue s Data Strategy

Revenue s Data Strategy Revenue s Data Strategy April 2010 1. Introduction. Data /Statistics Strategy for Revenue Commissioners 1.1 This Data/Statistics Strategy ( Data Strategy ) has been developed in accordance with a Government

More information

NSW Government Digital Information Security Policy

NSW Government Digital Information Security Policy NSW Government Digital Information Security Policy Version: 2.0 Date: April 2015 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 POLICY STATEMENT... 4 Core

More information

Risk Management How to manage your brand & build business resilience to improve your bottom line

Risk Management How to manage your brand & build business resilience to improve your bottom line 2010 RMIA Members Forum Primary focus for RMIA in 2011 Risk Management How to manage your brand & build business resilience to improve your bottom line Grant Whitehorn RMIA Chief Executive Officer CPA

More information