Release: 1. BSBCON601B Develop and maintain business continuity plans

Similar documents
BSBCCO501B Develop business continuity strategy

ICAICT704A Direct ICT in a supply chain

BSBMKG610A Develop, implement and monitor a marketing campaign

BSBINM501A Manage an information or knowledge management system

Release: 1. ICAPMG601A Establish IT project governance

Release: 1. BSBPMG509A Manage project procurement

BSBCUS501C Manage quality customer service

ICASAS505A Review and update disaster recovery and contingency plans

Revision Number: 1. BSBADM307B Organise schedules

Release: 1. BSBPMG503A Manage project time

BSBGOV403A Analyse financial reports and budgets

Release 1. ICAICT814A Develop cloud computing strategies for a business

BSBMKG506B Plan market research

Release: 1. BSBPMG510A Manage projects

Release: 1. BSBPMG606A Direct human resources management of a project program

Release: 1. BSBPMG607A Direct communications management of a project program

PSPPROC506A Plan to manage a contract

Release 1. BSBPMG415A Apply project risk-management techniques

Release 1. BSBPMG410A Apply project time-management techniques

BSBCOM402B Implement processes for the management of a breach in compliance requirements

Release: 1. FNSILF302A Process a life insurance application

Release: 1. BSBMKG510A Plan e-marketing communications

BSBCOM401B Organise and monitor the operation of compliance management system

Release 1. BSBPMG412A Apply project cost-management techniques

PMAOMIR418B Coordinate incident response

SITXOHS003B Identify hazards, and assess and control safety risks

Release: 1. BSBCOM603C Plan and establish compliance management systems

BSBMED301B Interpret and apply medical terminology appropriately

BSBMKG508A Plan direct marketing activities

PSPSOHS606A Develop and implement crisis management processes

CPPSEC4016A Install networked security system

BSBLEG515A Apply legal principles in wills and probate matters

Revision Number: 1. BSBFIA302A Process payroll

FNSRSK601A Develop and implement risk mitigation plan

Release: 1. RIIBEF602A Establish and evaluate operational performance management systems

BSBMGT515A Manage operational plan

BSBHRM502A Manage human resources management information systems

Release: 1. ICADBS603A Determine suitability of database functionality and scalability

PSPWPR401A Process incoming workplace relations enquiries

ICANWK616A Manage security, privacy and compliance of cloud service deployment

SIRXCCS408 Build retail relationships and sustain customer loyalty

Release: 1. ICTPMG4152A Manage the delivery of network infrastructure

How To Manage A Disruption Event

Revision Number: 1. BSBCOM603B Plan and establish compliance management systems

LMFFDT4012A Produce ideation drawings

PSPSOHS602A Develop OHS information and data analysis and reporting and recording processes

How To Manage A Store Security Unit

CPPSEC4017A Determine security system configurations

Release: 1. CPPDSM4055A Maintain asset management system

LMTCL4002A Assemble and fit commercially tailored or bespoke garments

Release 1. BSBWHS508A Manage WHS hazards associated with plant

ICTTEN5204A Produce technical solutions from business specifications

BSBHRM507A Manage separation or termination

Release: 1. BSBHRM506A Manage recruitment selection and induction processes

PSPCRT409B Administer court fines and debt management

BSBHRM403A Support performance management process

LMFGN3002B Estimate and cost job

Release: 1. CPPDSM5032A Market the agency

FNSACC611A Implement an insolvency program

PRSTS301A Identify technical security requirements

BSBADM406B Organise business travel

Release: 1. MSS405062A Develop a documentation control strategy for an organisation

FNSIBK605A Manage insurance brokerage service performance

Release: 1. CPPDSM4080A Work in the real estate industry

How To Write A Life Insurance Claim

Release: 1. ICAICT604A Identify and implement business innovation

CUSIND301B Work effectively in the music industry

Release: 1. ICAPRG426A Prepare software development review

CSCSAS401A Monitor and review security systems

BSBFIA303A Process accounts payable and receivable

Revision Number: 1. BSBADV603B Manage advertising production

MSS405030A Optimise cost of a product or service

BSBADV509A Create mass print media advertisements

Release: 1. ICADBS502A Design a database

MSACMT260A Use planning software systems in manufacturing

BSBMKG409A Design direct response offers

AHCPCM601A Develop and implement a plant health management strategy

LGAGOVA610B Implement computerised asset management systems

ICTTEN2209A Build and maintain a secure network

SIRXSLS008A Develop a sales strategy

Release: 1. BSBFIM501A Manage budgets and financial plans

Release: 1. CPPSEC4015A Maintain networked security system

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

Transcription:

Release: 1 BSBCON601B Develop and maintain business continuity plans

BSBCON601B Develop and maintain business continuity plans Modification History Release Release 1 Comments This version first released with BSB07 Business Training Package version 6.0. Revised unit. Required knowledge updated to incorporate current Australian Standards. Replaces BSBCON601A Develop and maintain business continuity plans Unit Descriptor This unit describes the performance outcomes, skills and knowledge required to work within the business continuity framework to develop and implement business continuity plans in order for an organisation to manage risk and ensure business resilience when faced with a disruptive event. Application of the Unit This unit is for individuals working in positions of authority who are approved to implement change across the division, business area, program area or project area. This unit addresses the knowledge and processes necessary to develop and maintain business continuity requirements. Business continuity awareness and planning help the organisation to identify barriers and/or interruptions, and to determine how the organisation will achieve critical business objectives (even at diminished capacity) until full functionality is restored. The focus is on risk and vulnerability assessment, business impact assessments, and business continuity and communication plans. Licensing/Regulatory Information No licensing, legislative, regulatory or certification requirements apply to this unit at the time of endorsement. Pre-Requisites Not applicable. Approved Page 2 of 13

Employability Skills Information This unit contains employability skills. Elements and Performance Criteria Pre-Content Element Elements describe the essential outcomes of a unit of competency. Performance Criteria Performance criteria describe the performance needed to demonstrate achievement of the element. Where bold italicised text is used, further information is detailed in the required skills and knowledge section and the range statement. Assessment of performance is to be consistent with the evidence guide. Approved Page 3 of 13

Elements and Performance Criteria 1. Conduct risk and vulnerability assessments 1.1 Identify the relationship between corporate risk and the organisation s business continuity management framework 1.2 Analyse and determine internal and external risk context by collecting information that relates to the organisation s priorities, operations and environment 1.3 Analyse and identify potential internal and external sources of disruption to the organisation s priorities, operations and environment 2. Develop and report on the business impact assessment/s 3. Develop, implement and report on risk treatments 4. Determine interdependencies and develop response strategies 5. Establish the business continuity plan 2.1 Identify the organisation s critical business functions and their dependencies and interdependencies, and analyse and evaluate risks through the business impact assessment/s 2.2 Develop risk and disruption scenarios through the business impact assessment/s 2.3 Validate risk and disruption scenarios through the business impact assessment/s 2.4 Analyse, validate and report on the outcomes of the business impact assessment/s to management 3.1 Develop and implement risk treatments 3.2 Participate in risk treatment review 3.3 Report on risk treatment review to management and relevant appropriate personnel 3.4 Update risk treatment review in line with feedback provided by relevant personnel 4.1 Develop the organisation s emergency response, continuity and recovery strategies 4.2 Consult and seek endorsement on the organisation s emergency response, continuity and recovery strategies from management and other appropriate personnel 4.3 Identify and manage synergies and conflicts in resource availability and access in conjunction with management 4.4 Coordinate the organisation s emergency response, continuity and recovery strategies 5.1 Consult relevant personnel and seek support for the development of the organisation s business continuity plan/s 5.2 Ensure content of business continuity plan is comprehensive and meets, where applicable, the requirements of regulations, standards, industry practice and geographical dispersion Approved Page 4 of 13

5.3 Document and analyse feedback received through consultation and finalise business continuity plan 5.4 Demonstrate accountability for the organisation s business continuity plan/s 6. Establish the communication plan within the organisation s planning framework 7. Deliver business continuity professional development activities 6.1 Identify stakeholders and determine objective and scope of communication plan for periods before, during and after disruptions occur 6.2 Determine organisation s communication capabilities in line with objectives and scope, and identify gaps and options for meeting shortfalls 6.3 Develop and implement across the organisation, appropriate risk and incident monitoring, reporting and escalation processes 7.1 Promote the application of the business continuity management framework and plan to all relevant personnel on an ongoing basis 7.2 Provide staff with appropriate information relating to the cyclical review process of the business continuity management plan 7.3 Conduct business continuity management plan exercises in line with the organisation s policies and procedures 7.4 Conduct post exercise debriefs, complete post exercise reviews and update business continuity strategies and plans as required 7.5 Manage and record staff learning and development in relation to the business continuity management framework in accordance with organisational requirements, and framework policies and procedures 7.6 Report on the outcomes of staff learning and development, and business continuity framework exercises to relevant personnel Approved Page 5 of 13

Required Skills and Knowledge This section describes the skills and knowledge required for this unit. Required skills analytical skills to analyse relevant workplace information and data, and to make observations and connections between workplace tasks and interactions in relation to people, activities, equipment, environment and systems communication, teamwork and leadership skills to: read and interpret an organisation s reports, policies and procedures in order to develop business continuity management plan/s effectively communicate and work with a diverse range of individuals at all levels during and after a disruptive event effectively negotiate the trust and confidence of colleagues and stakeholders effectively undertake detailed business impact assessment activities across the spectrum of the organisation s stakeholders information technology skills to effectively respond to information technology issues initiative and enterprise skills to generate a range of options in response to a disruptive event planning and organisational skills to participate in or to establish the organisation s improvement and planning processes presentation skills to develop and present reports or presentations that deal with complex ideas and concepts, and to articulate information and ideas clearly research skills to undertake the necessary background research for risk and vulnerability assessment, business impact assessment and business continuity plan risk management and project planning skills to effectively develop and execute potentially complex business continuity planning strategies and plans stress management skills to work effectively and positively under the pressure of a major incident or situation within the workplace. Required knowledge AS/NZS ISO 31000:2009 Risk Management - Principles and Guidelines Australian/New Zealand Standard Handbook AS/NZS 50:50 2010 Business Continuity: managing disruption related risk organisation s policies and procedures, including business continuity strategies overall operations of the organisation, including existing data and information systems, paper and digital recordkeeping systems past and current internal, external and industry disruptions relevant legislation and regulations that impact on business continuity, such as OHS, environment, duty of care, contract, company, freedom of information, industrial relations, emergency management, privacy and confidentiality, due diligence, records management types of available insurance, what is required and insurance providers in relation to business continuity planning types of available recoverable services. Approved Page 6 of 13

Evidence Guide The evidence guide provides advice on assessment and must be read in conjunction with the performance criteria, required skills and knowledge, range statement and the Assessment Guidelines for the Training Package. Critical aspects for assessment and evidence required to demonstrate competency in this unit Context of and specific resources for assessment Method of assessment Guidance information for assessment Evidence of the following is essential: knowledge of the organisation s overall business continuity framework and how it interrelates with the critical business functions development and implementation of a business continuity plan that includes appropriate links to emergency response, disaster recovery plans and detailed continuity and recovery strategies effective management of the communication and staff development activities relating to business continuity risk and vulnerability assessment. Assessment must ensure: access to workplace business continuity documentation access to feedback from teams and management. A range of assessment methods should be used to assess practical skills and knowledge. The following examples are appropriate for this unit: direct questioning combined with review of portfolios of evidence and third party workplace reports of on-the-job performance by the participant work based projects or case studies observation of presentations oral or written questioning to assess knowledge of business continuity management framework and business continuity plans review of documented critical success factors, and goals or objectives for area review of risks prioritised for risk treatment and disruption scenarios evaluation of business impact assessment evaluation of business continuity and communication strategies and plans. Holistic assessment with other units relevant to the industry sector, workplace and job role is recommended. Approved Page 7 of 13

Range Statement The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included. Corporate risk may include: electronic information security espionage/commercial confidence/sensitivity breach governance insolvency major fraud professional negligence threat of major legal action against directors. Organisations may include: commercial enterprises community government non-commercial enterprises not-for-profit religious organisations. Risk may include: aeronautical armed hold-up biological chemical civil disturbance disability/death of key person economic electronic erosion explosion fire fraud hazardous materials industrial accident infrastructure failure market failure natural disaster operational collapse insolvency pandemic pollution privacy and confidentiality Approved Page 8 of 13

Critical business functions may include: radiological/nuclear robbery and/or major vandalism sabotage structure failure terrorism transport accident war water weather/climate change. business objectives customer service functions financial systems human resource functions management OHS organisational structure payroll records management. Dependencies may include: office furniture office supplies personnel support activities systems and applications vital records. Interdependencies may include: Business impact assessment/s may include: Disruption scenarios may include: communications outsourcer and third party suppliers power sanitation security transport water. breach/reduction of customer service standards cost/impact on existing and/or increased finance escalating losses over time impact of loss of business/resources loss of revenue potential fines/penalties/litigation costs reputation/brand damage statutory/regulatory breaches. damage to/loss of critical infrastructure information and intelligence unavailable Approved Page 9 of 13

equipment and other assets unavailable litigation loss of access to building loss of access to precinct loss of access to records and organisational information systems loss of building loss of communications voice loss of communications data loss of distribution chain loss of information technology systems loss of number and availability of staff, including key staff not meeting legal and business requirements partnership dependencies denial of access to goods and services from suppliers, outsourcers. Management may include: chief executive officer company board delegated business continuity management director/officer department managers directors supervisors. Risk treatment may include: Emergency response strategies may include: Continuity strategies may include: activating evacuation plan activating lockdown procedures activating workplace emergency management plan personnel working from home relocation of facilities temporarily suspending activities transferring activities. contact lists to report incident/s documentation/reporting/recording procedures evacuation plan location of evacuation assembly point lock down procedures names and responsibilities of wardens personnel instructions for evacuation process for accounting personnel workplace emergency management plan. action required to resume critical business activities to pre-disruption capacity contact lists of critical personnel and stakeholders Approved Page 10 of 13

Recovery strategies may include: counselling critical business activities and prioritisation of when they can/need to resume list of resources relocation to alternative worksite resource replacement treatment for critical business activities. customer confidence/relationship management damage assessment market re-establishment process for assessing loss and filing insurance claims relocation of business to original location salvage and restoration of records, infrastructure and premises. Resources may include: critical written and/or electronic records emergency services facilities and/or accommodation finances information technology infrastructure and applications management insurance personnel plant and equipment premises telecommunications. Business continuity plan/s may include: introduction organisational details objectives purpose critical business functions assumptions processes activation and stand down responsibility version control and maintenance operational requirements critical success factors interdependencies outage times compliance people structure Approved Page 11 of 13

roles and responsibilities contact details continuity arrangements accommodation resources workarounds and alternate solutions continuity management tasks communications other plans checklists maps and drawings. Stakeholders may include: chief executive officer company board customers directors families/next-of-kin funders local community media personnel professional bodies shareholders relevant government minister/s and department/s regulators sponsors suppliers. Communication plan may include: Exercises may include: drills discussion exercises accessibility assumptions audience boundaries business continuity terminology capability equipment hierarchical organisational chart of internal and external emergency services personnel/delegates mode monitoring procedures radio silence reporting and recording procedures sensitivities. Approved Page 12 of 13

modelling planned walkthroughs scenario planning and exercising simulated exercises testing. Unit Sector(s) Industry Capability Continuity Approved Page 13 of 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information