ISO 22301: Societal Security Terminology ISO 22313: BCMS Guidance ISO 22398: Exercises and Testing - Guidance
|
|
- Jennifer Sanders
- 8 years ago
- Views:
Transcription
1 The Impact of ISO Moving Your BCM Program to a Management System Implementing the Newly Approved International Business Continuity Management System Standard & Guidance Documents ISO 22301: Societal Security Terminology ISO 22313: BCMS Guidance ISO 22398: Exercises and Testing - Guidance We have all sat through presentations on How to Get and Keep Management Support for Your BCM Program. The problem is now solved. The new question becomes, How to Implement an Auditable and Internationally-Accepted Business Continuity Management System. Moving your business continuity program to a management system requires management commitment. It involves embedding business continuity management into the culture of the organization. It is the endgame. It is what we have been seeking. We finally have a standard method for BCM program development and improvement. We no longer need to rely on Consultant X s Patented Approach. We no longer have to discuss and argue about definitions. The vocabulary is defined. So how to you begin? 1. Learn about the standards. Buy them. Read them. Study them. Take classes on how to implement them. 2. Benchmark your current program against the requirements of the standards. What s missing? In what areas can you improve your program? 3. Use the guidance documents to guide you through the process (it s why they re there!) 4. Demonstrate to management how the implementation of the standard will increase the resilience of your organization. Learn About the Standards ISO 22301: Societal Security Business Continuity Management Systems Requirements is one standard that is part of a series of standards developed with the intention to, as defined in ISO 22312: Technical Specifications, work towards international standardization that provides protection from and response to risks of unintentionally, intentionally, and naturally-caused crises and disasters that disrupt and have consequences on societal functions. This series of standards address the public planning & response as well as private sector planning & response. The intent of ISO is to provide the structure for an organization to design a BCMS that is appropriate to its needs and that meets its interested parties requirements. Built upon the foundation of British Standard : 2007, it provides a framework for both BCM program development and improvement. If you are familiar with the requirements of BS you will note the following changes or modifications: New! Understanding of the Organization and its Context It is important for the cornerstone of the BCMS to be built upon an understanding of what internal and external factors should be taken into consideration when evaluating risk management and the requirements of interested parties. Terminology has been changed from key stakeholder to interested parties. Determining the Scope of the System Organizations must now document and explain exclusions from the scope of the BCMS.
2 Leadership & Support The standard is very specific on how management demonstrates is commitment. ISO includes the other requirements as well for competency of personnel and the required resources included in BS The Business Impact Analysis & Risk Assessment New Term! Minimum Business Continuity Objective (MBCO): Minimum level of services and/or products that is acceptable to the organization to achieve its business objectives during a disruption. Maximum Tolerable Period of Disruption (MTPD) and Maximum Acceptable Outage (MAO) have been redefined as, time it would take for adverse impacts, which might arise as a result of not providing a product/service or performing an activity, to become unacceptable. The combination of Recovery Time Objective (RTO) and MBCO and setting prioritized timeframes for recovery of activities at a minimum acceptable level taking into consideration the time within which the impacts of not resuming them would become unacceptable is new language regarding the Business Impact Analysis. Regarding Risk Management, ISO specifically points to ISO 31000: Risk Management Principles and Guidelines as a reference to how to manage risk. Just like in BS 25999, the scope of the risk assessment may be limited to the scope of the business continuity management system. It can also be enterprise risk management, but is not a requirement for ISO Business Continuity Strategy What is interesting about how ISO has worded this section of the standard is that it requires the organization to differentiate between how it is going to mitigate identified risks that require treatment and those activities and their dependencies that need to have strategies developed to stabilize, continue, resume, and recover their operation as well as mitigate, respond to, and manage impacts. ISO (Guidance) offers these examples of what this might include.
3 Establishing Resource Requirements ISO draws a direct connection between the outputs of the BIA and RA and the development of risk treatments, including strategies for continuity and recovery. Included in this step is the establishment of resource requirements with the specific types of resources to be considered (at a minimum) as illustrated in the graphic. Business Continuity Objectives & the Plans to Achieve Them, Implementing Business Continuity Procedures, and Communication This section of the Standard is where there have been significant changes in both the organization and framework. In BS , there was an incident response structure with incident management plan content as well as requirements for any types of plans. These requirements remain but have been expanded upon. Expanded Focus on Communication In ISO the focus is much larger in scope and in requirements. In addition to the required incident response structure, there is a focus on communication of business continuity requirements and objectives as well as a warning and communication structure that is to be used to detect an incident, to monitor an incident, to document an incident, and the means of communicating during and after an incident. Included also is the need to document what will be communicated, when to communicate, and to whom to communicate. The organization must also establish procedures for receiving communications from interested parties. ISO has included requirements of ASIS.SPC.1:2009 and NFPA 1600:2010 in this section. As part of the planning stage, the organization must document the following resource requirements:
4 The following sections included in ISO do not vary significantly in intent or requirements from BS although they may be found organized differently between the two standards: Legal and regulatory requirements Policy Documented information Awareness Exercising and Testing Performance Evaluation, Continuous Improvement, Audit with the exception that ISO does not include the requirement for preventive actions. Benchmark your current program against the requirements of the standards. What s missing? In what areas can you improve your program? This is where the real work begins. Certifying Bodies often report that 90% of the time and resources required for a certification audit is in the preparation for the audit and not the audit itself. Don t underestimate the time it will take to bring your organization into conformance with a standard. But the upside is, it gives you specific program improvement goals and objectives that should provide for an annual budget. Use the guidance documents to guide you through the process (it s why they re there!) Yes, each standard and the guidance documents cost money. You can find out the exact cost by visiting ISO 22300: Societal Security - Terminology: Use this as a reference for how the world is going to be using terms related to business continuity in the future. Consider the need to modify and update how your organization defines terms and the relevance of aligning to international standards (or not). ISO 22313: Societal Security Business Continuity Management Systems Guidance: A great resource for how to interpret the requirements of ISO Kind of like having a teacher s guide for the standard. This document is also utilized by Certifying Bodies as a reference document for understanding the requirements. ISO 22398: Societal Security Exercises and Testing - Guidance: Learn how to manage your testing and exercise program. Why are tests pass or fail and exercises a demonstration improvement of the system? Activities are organized as discussion-based or operationally-based. Includes great Annexes with examples of how to do everything from create a scenario to how to evaluate the exercise itself. Demonstrate to management how the implementation of the standard will increase the resilience of your organization This is really where the rubber meets the road or how you can gain traction. Sometimes program leadership is not interested in aligning their customized and internally created program to a management system. The argument is made that if they tell senior management that changes need to be made that they will question the quality of the current program.
5 Do you want management to believe that they have a state-of-the-art program only to discover later that it didn t meet the requirements of an international standard? A management system requires continual improvement. A management system involves management. It requires management to demonstrate commitment. The standard provides a baseline for what that commitment looks like and the requirements of the program leadership. A management system approach (versus the current often siloed approach) is more efficient and ties to other management systems often in place in the organization. It can eliminate waste and duplication of services. It embeds BCS into the culture of the organization versus maintaining ownership with a few individuals. A management system is a proven framework for managing and continually improving your organization s policies, procedures and processes. Business units work with a shared vision, with information sharing, benchmarking, and team work. Seeking Third-Party Certification? ISO is being considered for adoption by DHS/FEMA as an additional standard that can be used for PS-Prep certification. The addition of the international standard will allow organizations to concurrently fulfill the U.S. national interests for preparedness with international trade interests. Show your support for the adoption of ISO as a PS-Prep standard by writing a letter to FEMA/DHS Administrator W. Craig Fugate. For more information, contact Lynnda Nelson by at Lynnda@theicor.org.
Moving from BS 25999-2 to ISO 22301. The new international standard for business continuity management systems. Transition Guide
Transition Guide Moving from BS 25999-2 to ISO 22301 The new international standard for business continuity management systems Extract from The Route Map to Business Continuity Management: Meeting the
More informationISO 22301:2012 Societal Security Appendix B Business Continuity Management Systems Requirements 347
Appendix B Business Continuity Management Systems Requirements 347 B.3 Format and Structure ISO 22301 is the second published standard to adopt ISO s new high-level structure for management systems standards
More informationHOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING
HOW CAN YOU ENSURE BUSINESS CONTINUITY? ISO 22301 AUDITS, CERTIFICATION AND TRAINING ISO 22301 BUSINESS CONTINUITY MANAGEMENT SYSTEMS Most organisations will, at some point, be faced with having to respond
More informationBusiness Continuity Management
Business Continuity Management Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland Freedom of Information Publication Scheme. It should not
More informationBusiness Continuity Standards A Primer
INTELLIGENT NOTIFICATION Alphabet Soup: Making Sense of BC/DR Standards Part 1: Business Continuity Standards A Primer Why all the attention now? One of the hottest topics in BC/DR these days is standards.
More informationBirmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy
Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author
More informationIs Business Continuity Certification Right for Your Organization?
2008-2013 AVALUTION CONSULTING, LLC ALL RIGHTS RESERVED i This white paper analyzes the business case for pursuing organizational business continuity certification, including what it takes to complete
More informationBy. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd
BS 25999 Business Continuity Management By. Mr. Chomnaphas Tangsook Business Director BSI Group ( Thailand) Co., Ltd 1 Contents slide BSI British Standards 2006 BS 25999(Business Continuity) 2002 BS 15000
More informationProposal for Business Continuity Plan and Management Review 6 August 2008
Proposal for Business Continuity Plan and Management Review 6 August 2008 2008/8/6 Contents About Newton IT / Quality of our services. BCM & BS25999 Overview 2. BCM Development in line with BS25999 3.
More informationBusiness Continuity Management Policy
Business Continuity Management Policy Business Continuity Policy Version 1.0 1 Version control Version Date Changes Author 0.1 April 13 1 st draft PH 0.2 June 13 Amendments in line with guidance PH 0.3
More informationIl nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità
Il nuovo standard ISO 22301 sulla Business Continuity Scenari ed opportunità Massimo Cacciotti Business Services Manager BSI Group Italia Agenda BSI: Introduction 1. Why we need BCM? 2. Benefits of BCM
More informationSolihull Clinical Commissioning Group
Solihull Clinical Commissioning Group Business Continuity Policy Version v1 Ratified by SMT Date ratified 24 February 2014 Name of originator / author CSU Corporate Services Review date Annual Target audience
More informationBusiness Continuity Management Governance. Frank Higgins Abu Dhabi March 2015
Business Continuity Management Governance Frank Higgins Abu Dhabi March 2015 Different Names Same Concept BCM (Business Continuity Management) BSI 25999 IPOCM (Incident Preparedness & Operational Continuity
More informationBCP and DR. P K Patel AGM, MoF
BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management
More informationBS 25999 BUSINESS CONTINUITY MANAGEMENT
BS 25999 BUSINESS CONTINUITY MANAGEMENT AUDIT, CERTIFICATION & training services HOW CAN YOU ENSURE BUSINESS CONTINUITY? BS 25999 AUDITS & CERTIFICATION FROM SGS Most organisations will, at some point,
More informationBusiness Continuity Policy
Business Continuity Policy St Mary Magdalene Academy V1.0 / September 2014 Document Control Document Details Document Title Document Type Business Continuity Policy Policy Version 2.0 Effective From 1st
More informationEPRR: Toolkit Facilitator Guide
NHS England Business Continuity Management EPRR: Toolkit Facilitator Guide APPENDIX 1 1 [Intentionally Blank] INTRODUCTION The document has been designed to assist you to deliver the outcomes of the workshop
More informationWhite Paper: ISO 22301 Business Continuity Management An Overview. ISO 22301 Business Continuity Management An Overview
White Paper: ISO 22301 Business Continuity Management An Overview ISO 22301 Business Continuity Management An Overview Introduction As incidents such as malicious activism, terrorist attacks and environmental
More informationBusiness Continuity Trends, Requirements and Expectations in 2009. Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting
Business Continuity Trends, Requirements and Expectations in 2009 Brian Zawada (MBCP) Director of Consulting Services Avalution Consulting Overview What Is Business Continuity? The Value Proposition What
More informationEssex Clinical Commissioning Groups. Business Continuity Management System. Scope and Policy
Essex Clinical Commissioning Groups Essex Clinical Commissioning Groups Business Continuity Management System Scope and Policy Policy Author: Daniel Hale - Head of Emergency Planning Version: 1.0 Date
More informationBCS Practitioner Certificate in Business Continuity Management Syllabus
BCS Practitioner Certificate in Business Continuity Management Syllabus Version 4.3 March 2015 Contents Change History... 4 Introduction... 5 Objectives... 5 Entry Criteria... 5 Examination Format and
More informationBusiness Continuity (Policy & Procedure)
Business Continuity (Policy & Procedure) Publication Scheme Y/N Can be published on Force Website Department of Origin Force Operations Policy Holder Ch Supt Head of Force Ops Author Business Continuity
More informationTemple university. Auditing a business continuity management BCM. November, 2015
Temple university Auditing a business continuity management BCM November, 2015 Auditing BCM Agenda 1. Introduction 2. Definitions 3. Standards 4. BCM key elements IT Governance class - IT audit program
More informationPrinciples for BCM requirements for the Dutch financial sector and its providers.
Principles for BCM requirements for the Dutch financial sector and its providers. Platform Business Continuity Vitale Infrastructuur Financiële sector (BC VIF) Werkgroep BCM requirements 21 September 2011
More informationChecklist of ISO 22301 Mandatory Documentation
Checklist of ISO 22301 Mandatory Documentation 1) Which documents and records are required? The list below shows the minimum set of documents and records required by ISO 22301:2012 (the standard refers
More informationBUSINESS CONTINUITY STRATEGY 2014-2017
BUSINESS CONTINUITY STRATEGY 2014-2017 This strategy covers the period 01 April 2014 31 March 2017 and was approved by the Major Incident Working Group 19.03.2014 Caroline Rushmer Major Incident and Business
More informationEssex Clinical Commissioning Groups. Business Continuity Management System. Business Impact Analysis Process
Essex Clinical Commissioning Groups Essex Clinical Commissioning Groups Business Continuity Management System Business Impact Analysis Process Policy Author: Daniel Hale - Head of Emergency Planning Version:
More informationShankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.
Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management
More informationHow to measure your business resiliency
How to measure your business resiliency Define the KPI s/kri s and scorecards to control your security and business continuity capabilities Krzysztof Pulkiewicz BCMLogic krzysztof.pulkiewicz@bcmlogic.com
More informationBusiness Continuity Management Standard and Guide
Business Continuity Management Standard and Guide AE/HSC/NCEMA 7000: 2012 Version 1 His Highness Sheikh Khalifa Bin Zayed Al Nahyan President of the United Arab Emirates Chairman of the Supreme Council
More informationBusiness Continuity Management
Business Continuity Management Version 1 approved by SMG December 2013 Business Continuity Policy Version 1 1 of 9 Business Continuity Management Summary description: This document provides the rationale
More informationSocietal security Business continuity management systems Guidance
DRAFT INTERNATIONAL STANDARD ISO/DIS 22313 ISO/TC 223 Secretariat: SIS Voting begins on Voting terminates on 2011-12-13 2012-05-13 INTERNATIONAL ORGANIZATION FOR STANDARDIZATION МЕЖДУНАРОДНАЯ ОРГАНИЗАЦИЯ
More informationBusiness Intelligence & Business Continuity
Business Intelligence & Business Continuity BCM Maturity Curve April 22, 2013 COOP Systems Briefing 2 Chris Alvord, CEO, COOP Systems CBCP, MBCI, Former DRII Certified Trainer OCEG GRC, ISO 22301 Lead
More informationExternal Supplier Control Requirements BCM
External Supplier Control Requirements BCM BCM Requirement Description BCM Tiers Recovery Time Objective Why this is important 1. Business Continuity Policy Supplier will have a documented Business Continuity
More informationABA Homeland Security Law Institute Panel. Two Ounces of Prevention: The SAFETY Act and PS Prep Voluntary Programs to Mitigate Liability
ABA Homeland Security Law Institute Panel Two Ounces of Prevention: The SAFETY Act and PS Prep Voluntary Programs to Mitigate Liability March 23, 2012 Remarks of Stephen Amitay, Counsel to ASIS International
More informationNHS Commissioning Board Business Continuity Management Framework (service resilience)
NHS Commissioning Board Business Continuity Management Framework (service resilience) 1 P a g e NHS Commissioning Board Business Continuity Management Framework Date 7 January 2013 Audience NHS Commissioning
More informationCouncil Policy Business Continuity Management
Policy Name: Business Continuity Management Council Policy Business Continuity Management ADOPTED BY COUNCIL: 19 th April 2016 DATE OF NEXT REVIEW: 18 th April 2020 RESPONSIBLE OFFICER: REFERENCES: Chief
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationwww.td.com.au Business Continuity - IT Disaster Recovery Discussion Paper - - Commercial in Confidence Version V2.0R Wednesday, 5 September 2012
Business Continuity - IT Disaster Recovery Discussion Paper - - Version V2.0R Wednesday, 5 September 2012 Commercial in Confidence Melbourne Sydney 79-81 Coppin St Level 2 Richmond VIC 3121 414 Kent St
More informationDisaster Recovery Journal Spring World 2014
Disaster Recovery Journal Spring World 2014 What works: Services and service supply chain business continuity risk management Don Hall, CBCP, Cisco Services Business Continuity Analyst Cisco Systems, Inc.
More informationNHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY
NHS ISLE OF WIGHT CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY POLICY AUTHOR/ APPROVAL DETAILS Document Author Written By: Human Resources Authorised Signature Authorised By: Helen Shields Date: 20
More informationCITY UNIVERSITY OF HONG KONG Business Continuity Management Standard
PUBLIC Version: 1.0 CITY UNIVERSITY OF HONG KONG Business Continuity Management Standard (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief
More informationCompany Management System. Business Continuity in SIA
Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis (BIA) Page
More informationBUSINESS CONTINUITY MANAGEMENT FRAMEWORK
BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Document Author: Civil Contingencies Service - Authorised by the CCS Joint Management Board - Version 1.0. Issued December 2012 Page 1 FRAMEWORK STATEMENT Business
More informationHow To Manage A Disruption Event
BUSINESS CONTINUITY FRAMEWORK DOCUMENT INFORMATION DOCUMENT TYPE: DOCUMENT STATUS: POLICY OWNER POSITION: INTERNAL COMMITTEE ENDORSEMENT: APPROVED BY: Strategic document Approved Manager Organisational
More informationDRAFT BUSINESS CONTINUITY MANAGEMENT POLICY
DRAFT BUSINESS CONTINUITY MANAGEMENT POLICY This document outlines a set of policies and procedures for formalising a Business Continuity programme, and provides guidelines for developing, maintaining
More informationBusiness Continuity Management
Annex A Business Continuity Management Programme Business Continuity Management Policy 1. Introduction This Business Continuity Management (BCM) Policy defines the scope of the SPCB s ability to maintain
More informationwww.pwc.com Business Resiliency Business Continuity Management - January 14, 2014
www.pwc.com Business Resiliency Business Continuity Management - January 14, 2014 Agenda Key Definitions Risks Business Continuity Management Program BCM Capability Assessment Process BCM Value Proposition
More informationThe ABA s Path to Business Continuity Certification
The ABA s Path to Business Continuity Certification George Huff & Diana Gilbert A Business Case American Bar Association 2 / 9 /2013 This Business Case is authored by George Huff, a Member of the Special
More informationTime Warner Cable s (TWC) Path to Declaring Conformity to ISO 22301
14th Annual Time Warner Cable s (TWC) Path to Declaring Conformity to ISO 22301 A BCM journey from variance to consistency The Road to Resilience Speaker Information Rachelle Loyear Enterprise Director
More informationWEST YORKSHIRE FIRE & RESCUE SERVICE. Business Continuity Management Strategy
WEST YORKSHIRE FIRE & RESCUE SERVICE Business Continuity Management Strategy Date Issued: 12 November 2012 Review Date: 12 November 2015 Version Control Version Number Date Author Comment 0.1 June 2011
More informationBusiness Continuity Management
Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective
More informationNOT PROTECTIVELY MARKED BUSINESS CONTINUITY. Specialist Operations Contingency Planning Business Continuity Manager 17.09.12
POLICY BUSINESS CONTINUITY Policy owners Policy holder Author Head of Services Specialist Operations Contingency Planning Business Continuity Manager Policy No. 132 Approved by Legal Services 17.09.12
More informationInstitute for Business Continuity Training 1623 Military Road, # 377 Niagara Falls, NY 14304-1745
ECP - 601: Effective Business Continuity Management: ISO 22301 This 3-day course provides an intensive, hands-on workshop covering all major aspects for the design of an effective Business Continuity Plan
More informationISO 22301 BUSINESS CONTINUITY MANAGEMENT SYStEMS (BCMS) EXPERT IMPLEMENTER
ISO 22301 BUSINESS CONTINUITY MANAGEMENT SYStEMS (BCMS) EXPERT IMPLEMENTER COMPETENCY LEVEL COMPETENCY WHICH LEVEL SHOULD I BE STARTING MY BUSINESS CONTINUITY TRAINING? KNOW DO BCM-230 BCM-330 I am new
More informationPlan Development Getting from Principles to Paper
Plan Development Getting from Principles to Paper March 22, 2015 Table of Contents / Agenda Goals of the workshop Overview of relevant standards Industry standards Government regulations Company standards
More informationMHA Consulting. Business Continuity Management 101
0 MHA Consulting Business Continuity Management 101 Presented by: Michael Herrera Brandon Magestro MHA Consulting Agenda MHA Consulting Introduction Business Continuity Management (BCM) Defined 2013 Trends
More informationUpdate from the Business Continuity Working Group
23 June 2014 Performance and Resources Board 19 To note Update from the Business Continuity Working Group Issue 1 The Business Continuity Working Group oversees the development, maintenance and improvement
More informationNORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00)
NORTH HAMPSHIRE CLINICAL COMMISSIONING GROUP BUSINESS CONTINUITY MANAGEMENT POLICY AND PLAN (COR/017/V1.00) Subject and version number of document: Serial Number: Business Continuity Management Policy
More informationD2-02_01 Disaster Recovery in the modern EPU
CONSEIL INTERNATIONAL DES GRANDS RESEAUX ELECTRIQUES INTERNATIONAL COUNCIL ON LARGE ELECTRIC SYSTEMS http:d2cigre.org STUDY COMMITTEE D2 INFORMATION SYSTEMS AND TELECOMMUNICATION 2015 Colloquium October
More informationBusiness Continuity Policy and Business Continuity Management System
Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain
More information1.0 Policy Statement / Intentions (FOIA - Open)
Force Policy & Procedure Reference Number Business Continuity Management D269 Policy Version Date 23 July 2015 Review Date 23 July 2016 Policy Ownership Portfolio Holder Links or overlaps with other policies
More informationLoss Control Webcast. Disaster Recovery Planning we re not in Kansas anymore
Loss Control Webcast Disaster Recovery Planning we re not in Kansas anymore May 15, 2013 1 The information presented in this material has been developed from sources believed to be reliable. It is presented
More informationRSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief
RSA ARCHER BUSINESS CONTINUITY MANAGEMENT AND OPERATIONS Solution Brief INTRODUCTION Now more than ever, organizations depend on services, business processes and technologies to generate revenue and meet
More informationBusiness Continuity Planning
Business Continuity Planning We believe all organisations recognise the importance of having a Business Continuity Plan, however we understand that it can be difficult to know where to start. That s why
More informationPrudential Standard CPS 232 Business Continuity Management
Prudential Standard CPS 232 Business Continuity Management Objective and key requirements of this Prudential Standard This Prudential Standard requires each regulated institution and Level 2 group to implement
More informationCSA Z1600 Emergency Management and Business Continuity Programs
CSA Z1600 Emergency Management and Business Continuity Programs Presented by: John Lindsay, Brandon University Department of Applied Disaster and Emergency Studies and Z1600 Technical Committee member
More informationBUSINESS CONTINUITY POLICY
BUSINESS CONTINUITY POLICY Document Type Corporate Policy Unique Identifier CO-038 Document Purpose To provide a structure through which: i. A comprehensive business continuity management system (BCMS)
More informationBest Practices in Disaster Recovery Planning and Testing
Best Practices in Disaster Recovery Planning and Testing axcient.com 2015. Axcient, Inc. All Rights Reserved. 1 Best Practices in Disaster Recovery Planning and Testing Disaster Recovery plans are widely
More informationNeed to protect your business from potential disruption? Prepare for the unexpected with ISO 22301.
Need to protect your business from potential disruption? Prepare for the unexpected with. Why BSI? Keep your business running with and BSI. Our knowledge can transform your organization. For more than
More informationBusiness continuity management policy
Business continuity management policy health.wa.gov.au Effective: XXX Title: Business continuity management policy 1. Purpose All public sector bodies are required to establish, maintain and review business
More informationBUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS
BUSINESS CONTINUITY MANAGEMENT GUIDELINES FOR BANKS AND FINANCIAL INSTITUTIONS DIRECTORATE OF BANKING SUPERVISION AUGUST 2009 TABLE OF CONTENTS PAGE 1.0 INTRODUCTION..3 1.1 Background...3 1.2 Citation...3
More informationBusiness Continuity Policy
Business Continuity Policy 1 NHS England INFORMATION READER BOX Directorate Medical Commissioning Operations Patients and Information Nursing Trans. & Corp. Ops. Commissioning Strategy Finance Publications
More informationConsultative report. Committee on Payment and Settlement Systems. Board of the International Organization of Securities Commissions
Committee on Payment and Settlement Systems Board of the International Organization of Securities Commissions Consultative report Principles for financial market infrastructures: Assessment methodology
More informationNIST SP 800-34, Revision 1 Contingency Planning Guide for Federal Information Systems
NIST SP 800-34, Revision 1 Contingency Planning Guide for Federal Information Systems Marianne Swanson NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY 1 Table Of Contents Introduction to NIST SP 800-34
More informationHow To Assess A Critical Service Provider
Committee on Payments and Market Infrastructures Board of the International Organization of Securities Commissions Principles for financial market infrastructures: Assessment methodology for the oversight
More informationNHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy. Version 1.0
NHS Central Manchester Clinical Commissioning Group (CCG) Business Continuity Management (BCM) Policy Version 1.0 Document Control Title: Status: Version: 1.0 Issue date: May 2014 Document owner: (Name,
More informationBusiness Continuity Management
Prudential Standard CPS 232 Business Continuity Management Objective and key requirements of this Prudential Standard The ultimate responsibility for the business continuity of an APRA-regulated institution
More informationGuideline - Business Continuity Plan
Guideline - Business Continuity Plan 1. Introduction: The Business Continuity Plan is a component of the Risk and Business Management suite. This suite includes: Risk Management including risk registers
More informationUniversity of Michigan Disaster Recovery / Business Continuity Administrative Information Systems 4/6/2004 1
University of Michigan Disaster Recovery / Business Continuity Administrative Information Systems. 1 Michigan Administrative Information Services (MAIS) MAIS is responsible for the production support of
More information> State Street. Corporate Continuity Program. Continuity Organizational Structure. Program Oversight
> State Street An Integrated Approach to Continuity Metrics & Progress Reporting Presented to: Continuity Insights May 2007 Presented by: Chris Glebus Continuity Organizational Structure Executive Management
More informationDORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy
Not Protectively Marked Item 6 Appendix B DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Management Policy The Dorset & Wiltshire Fire and Rescue Authority () is the combined fire and rescue authority for
More informationBusiness Continuity Management Framework 2014 2017
Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity
More informationGetting Your Business Back
Getting Your Business Back Pulling Together Business Continuity, Crisis Management and Disaster Recovery Many organizations have a program (or programs) in place to keep operations going (or to resume
More informationINSURANCE REGULATORY AUTHORITY IRA/PG/ GUIDELINE TO THE INSURANCE INDUSTRY ON THE BUSINESS CONTINUITY MANAGEMENT
INSURANCE REGULATORY AUTHORITY IRA/PG/ GUIDELINE TO THE INSURANCE INDUSTRY ON THE BUSINESS CONTINUITY MANAGEMENT SEPTEMBER 2014 To Insurance Companies Reinsurance Companies GUIDELINEON BUSINESS CONTINUITY
More informationThe Weill Cornell Medical College and Graduate School of Medical Sciences. Responsible Department: Information Technologies and Services (ITS)
Information Technology Disaster Recovery Policy Policy Statement This policy defines acceptable methods for disaster recovery planning, preparedness, management and mitigation of IT systems and services
More informationTELUS Business Continuity Program past and future
TELUS Business Continuity Program past and future Presentation to EPICC 6 th Annual Seminar Victoria, BC September 17, 2010 John Yamniuk, MBCP Member of the TELUS team TELUS BCM Purpose To provide an overview
More informationBusiness Continuity Management
Prudential Standard CPS 232 Business Continuity Management Objective and key requirements of this Prudential Standard This Prudential Standard requires each APRA-regulated institution to implement a whole-of-business
More informationCONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT
CONTINUITY OF OPERATIONS AUDIT PROGRAM EVALUATION AND AUDIT April 16, 2014 INTRODUCTION Purpose The purpose of the audit is to give assurance that the development of the Metropolitan Council s Continuity
More informationBusiness Continuity for the New Professional. Britt Corra Enterprise BCM Erika Voss Senior BCM
Business Continuity for the New Professional Britt Corra Enterprise BCM Erika Voss Senior BCM New to Business Continuity? Agenda & Experience 3-5 years experience? Seasoned veteran? What is BCM Tool Kit?
More informationeet Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry Power and Utilities Fact Sheet
Power and Utilities Fact Sh Business continuity and disaster recovery Enhancing enterprise resiliency for the power and utilities industry A holistic approach to business resiliency and disaster recovery
More informationBusiness Continuity Management Planning Methodology
, pp.9-16 http://dx.doi.org/10.14257/ijdrbc.2015.6.02 Business Continuity Management Planning Methodology Dr. Goh Moh Heng, Ph.D., BCCLA, BCCE, CMCE, CCCE, DRCE President, BCM Institute moh_heng@bcm-institute.org
More informationHow prepared are you?
How prepared are you? Business Continuity Management Toolkit Version 1 Click on content to navigate What Is Business Continuity Management (BCM)? 3 About the Toolkit 4 1. BCM programme management 5 2.
More informationThe ABC s of BCP. Jeremy Sucharski Governance Risk and Compliance G31
The ABC s of BCP Jeremy Sucharski Governance Risk and Compliance G31 Jeremy Sucharski, CISA, CRISC Over 12 years of experience CISA and CRISC Certifications Governance, Risk and Compliance Practice Leader
More informationCENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT
CENTRAL BANK OF KENYA (CBK) PRUDENTIAL GUIDELINE ON BUSINESS CONTINUITY MANAGEMENT (BCM) FOR INSTITUTIONS LICENSED UNDER THE BANKING ACT JANUARY 2008 GUIDELINE ON BUSINESS CONTINUITY GUIDELINE CBK/PG/14
More informationPS 170 Business Continuity Management Policy
PS 170 Business Continuity Management Policy July 2013 Version 2 Statement of legislative compliance This document has been drafted to comply with the general and specific duties in the Equality Act 2010;
More informationBank of Papua New Guinea Prudential Standard BPS251: Business Continuity Management
Bank of Papua New Guinea Prudential Standard BPS251: Business Continuity Management Issued under Section 27 of the Banks and Financial Institutions Act 2000 Overview and Key Requirements Business Continuity
More informationGlobal Statement of Business Continuity
Business Continuity Management Version 1.0-2014 Date October 18, 2014 Status Author Business Continuity Management (BCM) Page 1 of 8 Table of Contents 1. Credit Suisse Business Continuity Statement 3 2.
More information