Presentation is loading. Please wait.

Presentation is loading. Please wait.

Business Continuity Management https://store.theartofservice.com/the-business-continuity-management-toolkit.html.

Similar presentations


Presentation on theme: "Business Continuity Management https://store.theartofservice.com/the-business-continuity-management-toolkit.html."— Presentation transcript:

1 Business Continuity Management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

2 Disaster recovery Further reading 1 ISO/IEC 22301:2012 (replacement of BS- 25999:2007) Societal Security - Business Continuity Management Systems - Requirements https://store.theartofservice.com/the-business-continuity-management-toolkit.html

3 Disaster recovery Further reading 1 BS 25999-1:2006 Business Continuity Management Part 1: Code of practice https://store.theartofservice.com/the-business-continuity-management-toolkit.html

4 Disaster recovery Further reading 1 BS 25999-2:2007 Business Continuity Management Part 2: Specification https://store.theartofservice.com/the-business-continuity-management-toolkit.html

5 Chief governance officer 1 The heads of several governance-related functions may report to the CGO, including community relations / public affairs, corporate strategy, business continuity management, business performance management, compliance management / internal controls, corporate communication, corporate philanthropy, enterprise risk management, ethics management, internal audit, investor relations, legal services, stakeholder management and sustainability management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

6 Deloitte - Services 1 Audit and Enterprise Risk Services: Provides the organization's traditional accounting and audit services, as well as offerings in enterprise risk management, information security and privacy, data quality and integrity, project risk, business continuity management, internal auditing and IT control assurance. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

7 ISO/IEC 27002 - Outline for ISO27002:2013 1 Information security aspects of business continuity management - Information security continuity and Redundancies https://store.theartofservice.com/the-business-continuity-management-toolkit.html

8 ISO/IEC 27002 - Outline for ISO27002:2005 1 14. Business continuity management – protecting, maintaining and recovering business-critical processes and systems https://store.theartofservice.com/the-business-continuity-management-toolkit.html

9 ISO/IEC 27001:2013 - Structure of the standard 1 This structure mirrors the structure of other new management standards such as ISO 22301 (business continuity management); this helps organisations who aim to comply with multiple standards, to improve their IT from different perspectives. Annexes B and C of 27001:2005 have been removed. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

10 ISO/IEC 27001:2013 - Controls 1 A.17: Information security aspects of business continuity management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

11 ISO/IEC 27001:2005 1 Business continuity management - protecting, maintaining and recovering business-critical processes and systems https://store.theartofservice.com/the-business-continuity-management-toolkit.html

12 IT risk - ISO 1 Topic: Standard containing generally accepted guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization, including business continuity management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

13 IT risk - BSI 1 The standard is intended as a code of practice for business continuity management, and will be extended by a second part that should permit accreditation for adherence with the standard https://store.theartofservice.com/the-business-continuity-management-toolkit.html

14 Business continuity planning 1 In 2007, the BSI published BS 25999-2 "Specification for Business Continuity Management", which specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS). https://store.theartofservice.com/the-business-continuity-management-toolkit.html

15 Business continuity planning 1 BS 25999-2:2007 business continuity management is the British Standard for business continuity management across all organizations https://store.theartofservice.com/the-business-continuity-management-toolkit.html

16 Business continuity planning - Notes 1 Jump up ^ British Standards Institution (2006). Business continuity management- Part 1: Code of practice :London https://store.theartofservice.com/the-business-continuity-management-toolkit.html

17 Business continuity planning - Notes 1 Jump up ^ British Standards Institution (2012). Societal security – Business continuity management Systems – Requirements: London https://store.theartofservice.com/the-business-continuity-management-toolkit.html

18 Business continuity planning - International Organization for Standardization 1 ISO 22301:2012 Societal security - Business continuity management systems - Requirements https://store.theartofservice.com/the-business-continuity-management-toolkit.html

19 Business continuity planning - International Organization for Standardization 1 ISO 22313:2012 Societal security - Business continuity management systems - Guidance https://store.theartofservice.com/the-business-continuity-management-toolkit.html

20 Business continuity planning - Others 1 Exercising for Excellence (Delivering successful business continuity management exercises) by Crisis Solutions https://store.theartofservice.com/the-business-continuity-management-toolkit.html

21 Business continuity - Standards 1 ISO - On 15 May 2012, ISO published the International Standard ISO 22301:2012, "Societal security -- Business continuity management systems --- Requirements". A second International Standard ISO 22313, "Societal security -- Business continuity management systems – Guidance", is in the Draft International Standard (DIS) phase and is expected to be published in late 2012 or early 2013. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

22 Business continuity - Standards 1 In 2011, ISO published the International Standard ISO/IEC 27031:2011, Information security - Security techniques — Guidelines for information and communication technology [ICT] readiness for business continuity." This provides guidance for organization's implementing the ICT component of business continuity management. It also provides guidance in support of the business continuity elements of the information security standards, ISO/IEC 27001 and ISO/IEC 2002. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

23 Business continuity - Standards 1 The second, “BS 25999-2:2007 Specification for Business Continuity Management”, specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS), describing only requirements that can be objectively and independently audited https://store.theartofservice.com/the-business-continuity-management-toolkit.html

24 Business continuity - Standards 1 Australia – Published by Standards Australia HB 292-2006 : A practitioners guide to business continuity management HB 293- 2006 : Executive guide to business continuity management In 2010, Standards Australia introduced their Standard AS/NZS 5050 that connects far more closely with traditional risk management practices. This interpretation is designed to be used in conjunction with AS/NZS 31000 covering risk management. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

25 Business continuity - Procedures 1 British Standard 25999-2 and other standards identified above provide a specification for implementing a business continuity management system within an organization. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

26 Business continuity - Planning 1 Planning, prevention, and preparation are a key part of any business continuity management system and have direct read across from civil contingencies planning. The activity begins with understanding the business to identify potential risks and threats to critical business activities both internally and from the external environment. It is also advisable to examine the resilience of suppliers. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

27 Institute of Internal Auditors - Practice guides 1 GTAG 10: Business Continuity Management (BCM) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

28 Cyber security standards - ISO 27001 1 The ISO/IEC 27002 standard is arranged into eleven control areas; security policy, organizing information security, asset management, human resources security, physical and environmental security, communication and operations, access controls, information systems acquisition/development/maintenance, incident handling, business continuity management, compliance https://store.theartofservice.com/the-business-continuity-management-toolkit.html

29 Chartered Quality Institute - IRCA 1 IRCA offers certification programmes that recognise the competence of auditors who audit quality, software development, aerospace, maritime safety, pharmaceutical, food safety, environmental, information security, information technology service, occupational health and safety, social systems and business continuity management systems. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

30 Business process outsourcing - Threats 1 Risks and threats of outsourcing must therefore be managed, to achieve any benefits. In order to manage outsourcing in a structured way, maximizing positive outcome, minimizing risks and avoiding any threats, a Business continuity management (BCM) model is set up. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

31 Business process outsourcing - Threats 1 A framework for business continuity management, International Journal of Information Management 26- 2 (2006): 128- 141 https://store.theartofservice.com/the-business-continuity-management-toolkit.html

32 Framework Programmes for Research and Technological Development - TIMBUS Project 1 TIMBUS aligns digital preservation with well-established methods for enterprise risk management (ERM) and business continuity management (BCM). https://store.theartofservice.com/the-business-continuity-management-toolkit.html

33 Threat (computer) - Threat management 1 Very large organizations tend to adopt business continuity management plans in order to protect, maintain and recover business-critical processes and systems. Some of these plans foreseen to set up 'computer security incident response team' (CSIRT) or 'computer emergency response team' (Computer emergency response team|CERT) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

34 Business impact analysis 1 In 2007, the BSI published BS 25999-2 Specification for Business Continuity Management, which specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS). https://store.theartofservice.com/the-business-continuity-management-toolkit.html

35 Business impact analysis 1 This document was superseded in November 2012 by the British standard BS ISO22301:2012. (British Standards Institution, 2012) British Standards Institution (2012). Societal security – Business continuity management Systems – Requirements: London https://store.theartofservice.com/the-business-continuity-management-toolkit.html

36 Crisis management - Business continuity planning 1 Business Management: Top tips for effective, real- world Business Continuity Management) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

37 Enterprise relationship management - Velox framework 1 Velox ERM is a product of Technology Partnerz.[ http://www.technologypartnerz.com/eng/erm.asp ERM - Enterprise Relationship Management - Technology Partnerz Ltd] It integrates ONA - organizational network analysis,[ http://www.orgnet.com/orgnetmap.pdf Organizational Network Mapping] process re- design, IS/IT strategy, change management, supplier relationship management, customer relationship management, and risk and business continuity management into a comprehensive and simple framework that supports people and organizations in repeatably/consistently: https://store.theartofservice.com/the-business-continuity-management-toolkit.html

38 Chief information security officer 1 * Disaster recovery and business continuity management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

39 Civil Contingencies Act 2004 - Part 1: Local Arrangements for Civil Protection 1 Part 1 of the Act places a legal obligation upon emergency services and local authorities (defined as Category 1 responders under the Act) to assess the risk of, plan, and exercise for emergencies, as well as undertaking Business continuity Management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

40 Emergency management - As a profession 1 Professional emergency managers can focus on government and community preparedness (Continuity of Operations/Continuity of Government Planning), or private business preparedness (Business continuity planning|Business Continuity Management Planning) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

41 ISO/IEC 17799 - Outline for ISO27002:2013 1 #Information security aspects of business continuity management - Information security continuity and Redundancies https://store.theartofservice.com/the-business-continuity-management-toolkit.html

42 ISO/IEC 17799 - Outline for ISO27002:2005 1 14. Business continuity planning|Business continuity management – protecting, maintaining and recovering business- critical processes and systems https://store.theartofservice.com/the-business-continuity-management-toolkit.html

43 Information security policies - Risk management 1 *business continuity management, and https://store.theartofservice.com/the-business-continuity-management-toolkit.html

44 IT baseline protection - IT Baseline Protection Catalog and standards 1 It contains elements from BS 25999, ITIL Service Continuity Management combined with the relevant IT Baseline Protection Catalog components, and essential aspects for appropriate Business continuity planning|Business Continuity Management (BCM) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

45 Dynamic infrastructure - Benefits of having dynamic infrastructures 1 – Source: Gartner – Predicts 2009: Business Continuity Management Juggles Standardization, Cost and Outsourcing Risk). / Roberta J Witty, John P Morency, Dave Russell, Donna Scott, Rober Desisto / 28 January 2009 https://store.theartofservice.com/the-business-continuity-management-toolkit.html

46 BSI Group - Standards 1 BSI produces standards on a wide range of products, services and processes; from nuts and bolts to sustainability, risk, business continuity management and nanotechnology. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

47 List of International Organization for Standardization standards - ISO 20000 – ISO 29999 1 * ISO 22301:2012 Societal security – Business continuity management systems – Requirements https://store.theartofservice.com/the-business-continuity-management-toolkit.html

48 Certified Internal Auditor - Practice guides 1 :*'GTAG 10:' Business Continuity Management (BCM) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

49 IT service continuity - Background 1 At the same time the need for business continuity management (BCM), including incident preparedness, disaster recovery planning, and emergency response and management, has become steadily more prevalent in developed and developing economies. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

50 IT service continuity - Background 1 IT Service Continuity is essential for many organizations in the implementation of Business Continuity Management and Information Security Management and as part of the implementation and operation information security management as well as business continuity management as specified in ISO/IEC 27001:2013 and ISO 22301:2012 respectively, it is critical to develop and implement continuity for the ICT services to help ensure business continuity. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

51 Disaster recovery plan - Off-the-shelf DRP software 1 SunGard provides a product called Continuity Management Solution that automates the disaster recovery planning process.[ http://www.sungardas.com/Solutions/Disas terRecovery/PlanningAndSoftware/Pages/ PlanningAndSoftware.aspx Planning Software: The tools you need to minimize risk and ensure continuity, Business Continuity Management Software.] SunGard Availability Services https://store.theartofservice.com/the-business-continuity-management-toolkit.html

52 BCM 1 *Business Continuity Management, an interdisciplinary peer mentoring methodology used to create a plan for recovery of a business after disaster or disruption https://store.theartofservice.com/the-business-continuity-management-toolkit.html

53 Publicly Available Specification - PAS 1 * PAS 56: Business Continuity Management System (2003) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

54 BS 25999 1 'BS 25999' was BSI Group|BSI's standard in the field of Business continuity planning|Business Continuity Management (BCM). It was withdrawn in 2012 (part 2) and 2013 (part 1) following the publication of the international standards ISO 22301 - ″Societal Security — Business continuity management systems — Requirements″ and ISO 22313 - ″Societal Security — Business continuity management systems — Guidance″ https://store.theartofservice.com/the-business-continuity-management-toolkit.html

55 BS 25999 - Structure 1 BS 25999 was a Business Continuity Management (BCM) standard published by the British Standards Institution (BSI). https://store.theartofservice.com/the-business-continuity-management-toolkit.html

56 BS 25999 - Structure 1 * Part 1, BS 25999-1:2006 Business Continuity Management. Code of Practice, took the form of general guidance on the processes, principles and terminology recommended for BCM. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

57 BS 25999 - Structure 1 * Part 2, BS 25999-2:2007 Specification for Business Continuity Management, specified a set of requirements for implementing, operating and improving a BCM System (BCMS). https://store.theartofservice.com/the-business-continuity-management-toolkit.html

58 BS 25999 - Other related standards 1 ASIS/BSI BCM.01:2010 Business Continuity Management Systems: Requirements with Guidance for Use. Published in December 2010 and developed jointly between ASIS and BSI for North America https://store.theartofservice.com/the-business-continuity-management-toolkit.html

59 Deloitte & Touche - Services 1 * Audit and risk management|Enterprise Risk Services: Provides the organization's traditional accounting and audit services, as well as offerings in enterprise risk management, information security|information security and privacy, data quality and integrity, project risk, business continuity management, internal auditing and IT control assurance.[https://www2.deloitte.com/global/ en/services/audit.html Assurance Advisory services] https://store.theartofservice.com/the-business-continuity-management-toolkit.html

60 ISO 27001:2005 1 # Business continuity management - protecting, maintaining and recovering business-critical processes and systems https://store.theartofservice.com/the-business-continuity-management-toolkit.html

61 ISO 27001:2005 - How the standard works 1 * Business continuity management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

62 Certified Business Continuity Professional 1 'Certified Business Continuity Professional' ('CBCPDisaster Recovery Institute International. Certification CBCP. https://www.drii.org/certification/cbcp.php (accessed June 3, 2011).') is internationally recognized professional certification issued by the Disaster Recovery Institute for Business continuity planning|business continuity management. A certified expert must pass a detailed exam consisting of ten domains and prove his/hers experience in at least five domains for minimum two years. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

63 Chief governance officer 1 The heads of several governance-related functions may report to the CGO, including community relations / public affairs, corporate strategy, business continuity management, business performance management, compliance management[http://www.lumigent.com/execut ive_commentaries/189-c-suite-shoot-out- chief-compliance-officer-v-chief-governance- officer.html Capobianco, JH.(2010) https://store.theartofservice.com/the-business-continuity-management-toolkit.html

64 Peter Power (crisis management specialist) - Achievements 1 He is quoted in the UK government guide, A Guide to GIS Applications in Integrated Emergency Management [http://www.cabinetoffice.gov.uk/media/132769/gis_guide_acr o6.pdf A Guide to GIS Applications in Integrated Emergency Management] and he is the author of many other advice guidebooks including the original UK government (Department of Trade and Industry) booklet Business Continuity Management - Preventing Chaos in a Crisis.[http://webarchive.nationalarchives.gov.uk/tna/+/http://w ww.dti.gov.uk/mbp/bpgt/m9ba91001/m9ba91001.pdf Business Continuity Management - Preventing Chaos in a Crisis] On 23 November 1984 Power was trapped with others on the London Underground during a serious Oxford Circus fire that started at that station and spread along the Victoria line https://store.theartofservice.com/the-business-continuity-management-toolkit.html

65 Maximum Tolerable Period of Disruption - Definition 1 The MTPOD is also known as maximum acceptable outage [http://www.riskythinking.com/glossary/maxim um_acceptable_outage.php Definition of Maximum Acceptable Outage in riskythinking.com] and maximum allowable outage,[http://www.driecentral.org/biainstructi ons.pdf Paper on BUSINESS CONTINUITY MANAGEMENT WORKSHOP at Disaster Recovery Information Exchange (DRIE) Central] in both cases the corresponding acronym is 'MAO'. https://store.theartofservice.com/the-business-continuity-management-toolkit.html

66 Singapore Expo - Facilities 1 Singex Venues, the management company of Singapore EXPO, is the only MICE company in the world to have dual certification in Business Continuity Management (awarded by the British and Singapore standards). https://store.theartofservice.com/the-business-continuity-management-toolkit.html

67 For More Information, Visit: https://store.theartofservice.com/th e-business-continuity- management-toolkit.html https://store.theartofservice.com/th e-business-continuity- management-toolkit.html The Art of Service https://store.theartofservice.com


Download ppt "Business Continuity Management https://store.theartofservice.com/the-business-continuity-management-toolkit.html."

Similar presentations


Ads by Google