Business Continuity Management (BCM) is an elaborate exercise which ensures the continuance of mission critical business processes in spite of interruptions. In line with BCM, BS 25999-1 is a formal standard (code of practice) released by the British Standards Institute. It provides guidelines on the system, response strategies, maintenance, improvements, and implementation of business continuity plans. BS 25999-2 provides the requirements for a Business Continuity Management System (BCMS) based on BCM best practice.
new Consulting provides services to plan, design, implement, and test business continuity plans. NII follows a phased approach to design a Business Continuity Management System (BCMS) as per BS 25999 for an organization.
Benefits of Implementing Business Continuity Management
Some of the benefits of implementing the BS 25999 standard are as follows:
- Provides stakeholders with assurance that risks from potential disasters have been reasonably mitigated
- Provides company personnel with proper procedures in case of disaster
- Ensures a faster and more effective recovery of business operations
- Reduces risk of business and infrastructure loss
- Provides insurance underwriters evidence that the company has properly assessed the risks of conducting business
- Attain the BS 25999 certification
- Ensure compliance with standards such as ISO 27001
NII follows a phased approach to design a Business Continuity Management System (BCMS) as per BS 25999 for an organization. The phases are outlined below.
- We begin with understanding the business and mission critical activities and single point of failures
- Next we carry out a Business Impact Analysis (BIA)
- We then carry out a Risk/Threat Analysis to identify single point of failures and critical dependencies
- Next comes identifying a suitable BCM strategy which can be implemented at various levels in the organization
- An integral part of the approach is the Response phase. Here, the new team will help develop and implement a business continuity management response based on the Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO)
- Next comes the BCM Training and Awareness session which will help all the employees to get aquainted to the BCM
- Finally, the whole BCP is put to test and different types of walkthroughs and simulations are conducted. The BCM is evaluated and improved upon on the basis of the results from these tests/audits