Post on 25-Dec-2015
transcript
• Business Continuity Management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Disaster recovery Further reading
1 ISO/IEC 22301:2012 (replacement of BS-25999:2007) Societal Security - Business Continuity Management
Systems - Requirements
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Disaster recovery Further reading
1 BS 25999-1:2006 Business Continuity Management Part 1:
Code of practice
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Disaster recovery Further reading
1 BS 25999-2:2007 Business Continuity Management Part 2:
Specification
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Chief governance officer
1 The heads of several governance-related functions may report to the CGO,
including community relations / public affairs, corporate strategy, business continuity management, business
performance management, compliance management / internal controls,
corporate communication, corporate philanthropy, enterprise risk
management, ethics management, internal audit, investor relations, legal
services, stakeholder management and sustainability management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Deloitte - Services
1 Audit and Enterprise Risk Services: Provides the organization's traditional accounting and audit services, as well
as offerings in enterprise risk management, information security
and privacy, data quality and integrity, project risk, business
continuity management, internal auditing and IT control assurance.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO/IEC 27002 - Outline for ISO27002:2013
1 Information security aspects of business continuity management - Information security continuity and
Redundancies
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO/IEC 27002 - Outline for ISO27002:2005
1 14. Business continuity management – protecting, maintaining and recovering business-critical
processes and systems
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO/IEC 27001:2013 - Structure of the standard
1 This structure mirrors the structure of other new management standards
such as ISO 22301 (business continuity management); this helps
organisations who aim to comply with multiple standards, to improve their IT from different perspectives.
Annexes B and C of 27001:2005 have been removed.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO/IEC 27001:2013 - Controls
1 A.17: Information security aspects of business continuity
management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO/IEC 27001:2005
1 Business continuity management - protecting, maintaining and recovering business-critical
processes and systems
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
IT risk - ISO
1 Topic: Standard containing generally accepted guidelines and general
principles for initiating, implementing, maintaining, and improving information security
management in an organization, including business continuity
management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
IT risk - BSI
1 The standard is intended as a code of practice for business continuity
management, and will be extended by a second part that should permit accreditation for adherence with the
standard
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity planning
1 In 2007, the BSI published BS 25999-2 "Specification for Business
Continuity Management", which specifies requirements for
implementing, operating and improving a documented business
continuity management system (BCMS).
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity planning
1 BS 25999-2:2007 business continuity management is the British Standard for business continuity management
across all organizations
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity planning - Notes
1 Jump up ^ British Standards Institution (2006). Business
continuity management-Part 1: Code of practice :London
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity planning - Notes
1 Jump up ^ British Standards Institution (2012). Societal security –
Business continuity management Systems – Requirements: London
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity planning - International Organization for Standardization
1 ISO 22301:2012 Societal security - Business continuity management systems -
Requirements
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity planning - International Organization for Standardization
1 ISO 22313:2012 Societal security - Business continuity management systems - Guidance
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity planning - Others
1 Exercising for Excellence (Delivering successful business continuity
management exercises) by Crisis Solutions
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity - Standards
1 ISO - On 15 May 2012, ISO published the International Standard ISO
22301:2012, "Societal security -- Business continuity management
systems --- Requirements". A second International Standard ISO 22313,
"Societal security -- Business continuity management systems – Guidance", is
in the Draft International Standard (DIS) phase and is expected to be
published in late 2012 or early 2013.https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity - Standards
1 In 2011, ISO published the International Standard ISO/IEC 27031:2011, Information security - Security
techniques — Guidelines for information and communication technology [ICT]
readiness for business continuity." This provides guidance for organization's implementing the ICT component of
business continuity management. It also provides guidance in support of the business continuity elements of the
information security standards, ISO/IEC 27001 and ISO/IEC 2002.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity - Standards
1 The second, “BS 25999-2:2007 Specification for Business Continuity
Management”, specifies requirements for implementing, operating and
improving a documented business continuity management system
(BCMS), describing only requirements that can be objectively and
independently audited
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity - Standards
1 Australia – Published by Standards Australia HB 292-2006 : A practitioners
guide to business continuity management HB 293-2006 : Executive
guide to business continuity management In 2010, Standards
Australia introduced their Standard AS/NZS 5050 that connects far more
closely with traditional risk management practices. This interpretation is designed
to be used in conjunction with AS/NZS 31000 covering risk management.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity - Procedures
1 British Standard 25999-2 and other standards identified above provide a
specification for implementing a business continuity management
system within an organization.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business continuity - Planning
1 Planning, prevention, and preparation are a key part of any business continuity
management system and have direct read across from civil contingencies planning. The activity begins with
understanding the business to identify potential risks and threats to critical
business activities both internally and from the external environment. It is also advisable to examine the resilience of
suppliers.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Institute of Internal Auditors - Practice guides
1 GTAG 10: Business Continuity Management (BCM)
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Cyber security standards - ISO 27001
1 The ISO/IEC 27002 standard is arranged into eleven control areas; security
policy, organizing information security, asset management, human resources security, physical and environmental
security, communication and operations, access controls, information
systems acquisition/development/maintenance, incident handling, business continuity
management, compliancehttps://store.theartofservice.com/the-business-continuity-management-toolkit.html
Chartered Quality Institute - IRCA
1 IRCA offers certification programmes that recognise the competence of
auditors who audit quality, software development, aerospace, maritime safety, pharmaceutical, food safety, environmental, information security,
information technology service, occupational health and safety,
social systems and business continuity management systems.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business process outsourcing - Threats
1 Risks and threats of outsourcing must therefore be managed, to achieve any benefits. In order to
manage outsourcing in a structured way, maximizing positive outcome, minimizing risks and avoiding any
threats, a Business continuity management (BCM) model is set up.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business process outsourcing - Threats
1 A framework for business continuity management, International Journal of
Information Management 26- 2 (2006): 128- 141
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Framework Programmes for Research and Technological Development - TIMBUS Project
1 TIMBUS aligns digital preservation with well-established methods for enterprise risk management (ERM)
and business continuity management (BCM).
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Threat (computer) - Threat management
1 Very large organizations tend to adopt business continuity management plans
in order to protect, maintain and recover business-critical processes and systems. Some of these plans foreseen to set up 'computer security incident response team' (CSIRT) or 'computer
emergency response team' (Computer emergency response team|CERT)
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business impact analysis
1 In 2007, the BSI published BS 25999-2 Specification for Business
Continuity Management, which specifies requirements for
implementing, operating and improving a documented business
continuity management system (BCMS).
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Business impact analysis
1 This document was superseded in November 2012 by the British
standard BS ISO22301:2012. (British Standards Institution, 2012) British
Standards Institution (2012). Societal security – Business continuity
management Systems – Requirements: London
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Crisis management - Business continuity planning
1 Business Management: Top tips for effective, real-world Business Continuity Management)
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Enterprise relationship management - Velox framework
1 Velox ERM is a product of Technology Partnerz.[
http://www.technologypartnerz.com/eng/erm.asp ERM - Enterprise Relationship Management - Technology Partnerz Ltd] It integrates ONA -
organizational network analysis,[ http://www.orgnet.com/orgnetmap.pdf
Organizational Network Mapping] process re-design, IS/IT strategy, change management, supplier relationship management, customer
relationship management, and risk and business continuity management into a
comprehensive and simple framework that supports people and organizations in
repeatably/consistently:https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Chief information security officer
1 * Disaster recovery and business
continuity management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Civil Contingencies Act 2004 - Part 1: Local Arrangements for Civil Protection
1 Part 1 of the Act places a legal obligation upon emergency services
and local authorities (defined as Category 1 responders under the
Act) to assess the risk of, plan, and exercise for emergencies, as well as
undertaking Business continuity Management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Emergency management - As a profession
1 Professional emergency managers can focus on government and
community preparedness (Continuity of Operations/Continuity of
Government Planning), or private business preparedness (Business
continuity planning|Business Continuity Management Planning)
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO/IEC 17799 - Outline for ISO27002:2013
1 #Information security aspects of business continuity management - Information security continuity and
Redundancies
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO/IEC 17799 - Outline for ISO27002:2005
1 14. Business continuity planning|Business continuity management –
protecting, maintaining and recovering business-critical
processes and systems
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Information security policies - Risk management
1 *business continuity management, and
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
IT baseline protection - IT Baseline Protection Catalog and standards
1 It contains elements from BS 25999, ITIL Service Continuity Management
combined with the relevant IT Baseline Protection Catalog
components, and essential aspects for appropriate Business continuity
planning|Business Continuity Management (BCM)
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Dynamic infrastructure - Benefits of having dynamic infrastructures
1 – Source: Gartner – Predicts 2009: Business Continuity Management Juggles Standardization, Cost and
Outsourcing Risk). / Roberta J Witty, John P Morency, Dave Russell, Donna
Scott, Rober Desisto / 28 January 2009
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
BSI Group - Standards
1 BSI produces standards on a wide range of products, services and
processes; from nuts and bolts to sustainability, risk, business continuity management and
nanotechnology.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
List of International Organization for Standardization standards - ISO 20000 – ISO 29999
1 * ISO 22301:2012 Societal security – Business continuity management systems –
Requirements
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Certified Internal Auditor - Practice guides
1 :*'GTAG 10:' Business Continuity Management (BCM)
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
IT service continuity - Background
1 At the same time the need for business continuity management
(BCM), including incident preparedness, disaster recovery
planning, and emergency response and management, has become
steadily more prevalent in developed and developing economies.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
IT service continuity - Background
1 IT Service Continuity is essential for many organizations in the implementation of Business Continuity Management and
Information Security Management and as part of the implementation and operation information security management as well as business continuity management as specified in ISO/IEC 27001:2013 and ISO 22301:2012 respectively, it is critical to
develop and implement continuity for the ICT services to help ensure business
continuity.https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Disaster recovery plan - Off-the-shelf DRP software
1 SunGard provides a product called Continuity Management Solution that
automates the disaster recovery planning process.[
http://www.sungardas.com/Solutions/DisasterRecovery/PlanningAndSoftware/
Pages/PlanningAndSoftware.aspx Planning Software: The tools you need to minimize risk and ensure continuity,
Business Continuity Management Software.] SunGard Availability Services
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
BCM
1 *Business Continuity Management, an interdisciplinary peer mentoring methodology used to create a plan
for recovery of a business after disaster or disruption
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Publicly Available Specification - PAS
1 * PAS 56: Business Continuity Management System (2003)
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
BS 25999
1 'BS 25999' was BSI Group|BSI's standard in the field of Business
continuity planning|Business Continuity Management (BCM). It was withdrawn in 2012 (part 2) and 2013 (part 1) following
the publication of the international standards ISO 22301 - ″Societal Security
— Business continuity management systems — Requirements″ and ISO 22313 - ″Societal Security — Business continuity
management systems — Guidance″
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
BS 25999 - Structure
1 BS 25999 was a Business Continuity Management (BCM) standard
published by the British Standards Institution (BSI).
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
BS 25999 - Structure
1 * Part 1, BS 25999-1:2006 Business Continuity Management. Code of Practice, took the form of general
guidance on the processes, principles and terminology recommended for
BCM.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
BS 25999 - Structure
1 * Part 2, BS 25999-2:2007 Specification for Business Continuity
Management, specified a set of requirements for implementing, operating and improving a BCM
System (BCMS).
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
BS 25999 - Other related standards
1 ASIS/BSI BCM.01:2010 Business Continuity Management Systems:
Requirements with Guidance for Use. Published in December 2010 and
developed jointly between ASIS and BSI for North America
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Deloitte & Touche - Services
1 * Audit and risk management|Enterprise Risk Services: Provides the organization's
traditional accounting and audit services, as well as offerings in enterprise risk
management, information security|information security and privacy, data
quality and integrity, project risk, business continuity management, internal auditing
and IT control assurance.[https://www2.deloitte.com/global/en/services/audit.html Assurance Advisory
services]
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO 27001:2005
1 # Business continuity management - protecting, maintaining and recovering business-critical
processes and systems
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
ISO 27001:2005 - How the standard works
1 * Business continuity management
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Certified Business Continuity Professional
1 'Certified Business Continuity Professional' ('CBCPDisaster Recovery Institute International. Certification CBCP.
https://www.drii.org/certification/cbcp.php (accessed June 3, 2011).') is internationally recognized professional certification issued
by the Disaster Recovery Institute for Business continuity planning|business
continuity management. A certified expert must pass a detailed exam consisting of
ten domains and prove his/hers experience in at least five domains for minimum two
years.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Chief governance officer
1 The heads of several governance-related functions may report to the CGO, including
community relations / public affairs, corporate strategy, business continuity management, business performance
management, compliance management[http://www.lumigent.com/executive_commentaries/189-c-suite-shoot-out-
chief-compliance-officer-v-chief-governance-officer.html Capobianco, JH.
(2010)https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Peter Power (crisis management specialist) - Achievements
1 He is quoted in the UK government guide, A Guide to GIS Applications in Integrated Emergency Management
[http://www.cabinetoffice.gov.uk/media/132769/gis_guide_acro6.pdf A Guide to GIS Applications in Integrated
Emergency Management] and he is the author of many other advice guidebooks including the original UK
government (Department of Trade and Industry) booklet Business Continuity Management - Preventing Chaos in
a Crisis.[http://webarchive.nationalarchives.gov.uk/tna/+/h
ttp://www.dti.gov.uk/mbp/bpgt/m9ba91001/m9ba91001.pdf Business Continuity Management -
Preventing Chaos in a Crisis] On 23 November 1984 Power was trapped with others on the London
Underground during a serious Oxford Circus fire that started at that station and spread along the Victoria line
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Maximum Tolerable Period of Disruption - Definition
1 The MTPOD is also known as maximum acceptable outage
[http://www.riskythinking.com/glossary/maximum_acceptable_outage.php
Definition of Maximum Acceptable Outage in riskythinking.com] and
maximum allowable outage,[http://www.driecentral.org/biains
tructions.pdf Paper on BUSINESS CONTINUITY MANAGEMENT WORKSHOP
at Disaster Recovery Information Exchange (DRIE) Central] in both cases the corresponding acronym is 'MAO'.
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
Singapore Expo - Facilities
1 Singex Venues, the management company of Singapore EXPO, is the only MICE company in the world to have dual certification in Business
Continuity Management (awarded by the British and Singapore standards).
https://store.theartofservice.com/the-business-continuity-management-toolkit.html
For More Information, Visit:
• https://store.theartofservice.com/the-business-continuity-management-toolkit.html
The Art of Servicehttps://store.theartofservice.com