Business Continuity Management

dotson
Presentation Transcript


  1. Business Continuity Management https://store.theartofservice.com/the-business-continuity-management-toolkit.html

  2. Disaster recovery - Further reading • ISO/IEC 22301:2012 (replacement of BS-25999:2007) Societal Security - Business Continuity Management Systems - Requirements

  3. Disaster recovery - Further reading • BS 25999-1:2006 Business Continuity Management Part 1: Code of practice

  4. Disaster recovery - Further reading • BS 25999-2:2007 Business Continuity Management Part 2: Specification

  5. Chief governance officer • The heads of several governance-related functions may report to the CGO, including community relations / public affairs, corporate strategy, business continuity management, business performance management, compliance management / internal controls, corporate communication, corporate philanthropy, enterprise risk management, ethics management, internal audit, investor relations, legal services, stakeholder management and sustainability management

  6. Deloitte - Services • Audit and Enterprise Risk Services: Provides the organization's traditional accounting and audit services, as well as offerings in enterprise risk management, information security and privacy, data quality and integrity, project risk, business continuity management, internal auditing and IT control assurance.

  7. ISO/IEC 27002 - Outline for ISO27002:2013 • Information security aspects of business continuity management - Information security continuity and Redundancies

  8. ISO/IEC 27002 - Outline for ISO27002:2005 • 14. Business continuity management – protecting, maintaining and recovering business-critical processes and systems

  9. ISO/IEC 27001:2013 - Structure of the standard • This structure mirrors the structure of other new management standards such as ISO 22301 (business continuity management); this helps organisations that aim to comply with multiple standards to improve their IT from different perspectives. Annexes B and C of 27001:2005 have been removed.

  10. ISO/IEC 27001:2013 - Controls • A.17: Information security aspects of business continuity management

  11. ISO/IEC 27001:2005 • Business continuity management - protecting, maintaining and recovering business-critical processes and systems

  12. IT risk - ISO • Topic: Standard containing generally accepted guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization, including business continuity management

  13. IT risk - BSI • The standard is intended as a code of practice for business continuity management, and will be extended by a second part that should permit accreditation for adherence with the standard

  14. Business continuity planning • In 2007, the BSI published BS 25999-2 "Specification for Business Continuity Management", which specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS).

  15. Business continuity planning • BS 25999-2:2007 business continuity management is the British Standard for business continuity management across all organizations

  16. Business continuity planning - Notes • British Standards Institution (2006). Business continuity management – Part 1: Code of practice. London

  17. Business continuity planning - Notes • British Standards Institution (2012). Societal security – Business continuity management systems – Requirements. London

  18. Business continuity planning - International Organization for Standardization • ISO 22301:2012 Societal security - Business continuity management systems - Requirements

  19. Business continuity planning - International Organization for Standardization • ISO 22313:2012 Societal security - Business continuity management systems - Guidance

  20. Business continuity planning - Others • Exercising for Excellence (Delivering successful business continuity management exercises) by Crisis Solutions

  21. Business continuity - Standards • ISO - On 15 May 2012, ISO published the International Standard ISO 22301:2012, "Societal security - Business continuity management systems - Requirements". A second International Standard, ISO 22313, "Societal security - Business continuity management systems - Guidance", is in the Draft International Standard (DIS) phase and is expected to be published in late 2012 or early 2013.

  22. Business continuity - Standards • In 2011, ISO published the International Standard ISO/IEC 27031:2011, "Information security - Security techniques - Guidelines for information and communication technology [ICT] readiness for business continuity." This provides guidance for organizations implementing the ICT component of business continuity management. It also provides guidance in support of the business continuity elements of the information security standards, ISO/IEC 27001 and ISO/IEC 27002.

  23. Business continuity - Standards • The second, “BS 25999-2:2007 Specification for Business Continuity Management”, specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS), describing only requirements that can be objectively and independently audited

  24. Business continuity - Standards • Australia – Published by Standards Australia: HB 292-2006: A practitioners guide to business continuity management; HB 293-2006: Executive guide to business continuity management. In 2010, Standards Australia introduced their Standard AS/NZS 5050 that connects far more closely with traditional risk management practices. This interpretation is designed to be used in conjunction with AS/NZS 31000 covering risk management.

  25. Business continuity - Procedures • British Standard 25999-2 and other standards identified above provide a specification for implementing a business continuity management system within an organization.

  26. Business continuity - Planning • Planning, prevention, and preparation are a key part of any business continuity management system and have a direct read-across from civil contingencies planning. The activity begins with understanding the business to identify potential risks and threats to critical business activities, both internally and from the external environment. It is also advisable to examine the resilience of suppliers.

  27. Institute of Internal Auditors - Practice guides • GTAG 10: Business Continuity Management (BCM)

  28. Cyber security standards - ISO 27001 • The ISO/IEC 27002 standard is arranged into eleven control areas: security policy, organizing information security, asset management, human resources security, physical and environmental security, communication and operations, access controls, information systems acquisition/development/maintenance, incident handling, business continuity management, compliance

  29. Chartered Quality Institute - IRCA • IRCA offers certification programmes that recognise the competence of auditors who audit quality, software development, aerospace, maritime safety, pharmaceutical, food safety, environmental, information security, information technology service, occupational health and safety, social systems and business continuity management systems.

  30. Business process outsourcing - Threats • Risks and threats of outsourcing must therefore be managed to achieve any benefits. In order to manage outsourcing in a structured way, maximizing positive outcomes, minimizing risks and avoiding any threats, a business continuity management (BCM) model is set up.

  31. Business process outsourcing - Threats • A framework for business continuity management, International Journal of Information Management 26-2 (2006): 128-141

  32. Framework Programmes for Research and Technological Development - TIMBUS Project • TIMBUS aligns digital preservation with well-established methods for enterprise risk management (ERM) and business continuity management (BCM).

  33. Threat (computer) - Threat management • Very large organizations tend to adopt business continuity management plans in order to protect, maintain and recover business-critical processes and systems. Some of these plans provide for setting up a 'computer security incident response team' (CSIRT) or 'computer emergency response team' (CERT)

  34. Business impact analysis • In 2007, the BSI published BS 25999-2 Specification for Business Continuity Management, which specifies requirements for implementing, operating and improving a documented business continuity management system (BCMS).

  35. Business impact analysis • This document was superseded in November 2012 by the British standard BS ISO22301:2012 (British Standards Institution, 2012). British Standards Institution (2012). Societal security – Business continuity management systems – Requirements. London

  36. Crisis management - Business continuity planning • Business Management: Top tips for effective, real-world Business Continuity Management

  37. Enterprise relationship management - Velox framework • Velox ERM is a product of Technology Partnerz (ERM - Enterprise Relationship Management - Technology Partnerz Ltd, http://www.technologypartnerz.com/eng/erm.asp). It integrates ONA - organizational network analysis (Organizational Network Mapping, http://www.orgnet.com/orgnetmap.pdf), process re-design, IS/IT strategy, change management, supplier relationship management, customer relationship management, and risk and business continuity management into a comprehensive and simple framework that supports people and organizations in repeatably/consistently:

  38. Chief information security officer • Disaster recovery and business continuity management

  39. Civil Contingencies Act 2004 - Part 1: Local Arrangements for Civil Protection • Part 1 of the Act places a legal obligation upon emergency services and local authorities (defined as Category 1 responders under the Act) to assess the risk of, plan, and exercise for emergencies, as well as to undertake business continuity management

  40. Emergency management - As a profession • Professional emergency managers can focus on government and community preparedness (Continuity of Operations/Continuity of Government Planning), or private business preparedness (Business Continuity Management Planning)

  41. ISO/IEC 17799 - Outline for ISO27002:2013 • Information security aspects of business continuity management - Information security continuity and Redundancies

  42. ISO/IEC 17799 - Outline for ISO27002:2005 • 14. Business continuity management – protecting, maintaining and recovering business-critical processes and systems

  43. Information security policies - Risk management • business continuity management, and

  44. IT baseline protection - IT Baseline Protection Catalog and standards • It contains elements from BS 25999, ITIL Service Continuity Management combined with the relevant IT Baseline Protection Catalog components, and essential aspects for appropriate Business Continuity Management (BCM)

  45. Dynamic infrastructure - Benefits of having dynamic infrastructures • Source: Gartner – Predicts 2009: Business Continuity Management Juggles Standardization, Cost and Outsourcing Risk / Roberta J Witty, John P Morency, Dave Russell, Donna Scott, Rober Desisto / 28 January 2009

  46. BSI Group - Standards • BSI produces standards on a wide range of products, services and processes, from nuts and bolts to sustainability, risk, business continuity management and nanotechnology.

  47. List of International Organization for Standardization standards - ISO 20000 – ISO 29999 • ISO 22301:2012 Societal security – Business continuity management systems – Requirements

  48. Certified Internal Auditor - Practice guides • GTAG 10: Business Continuity Management (BCM)

  49. IT service continuity - Background • At the same time the need for business continuity management (BCM), including incident preparedness, disaster recovery planning, and emergency response and management, has become steadily more prevalent in developed and developing economies.

  50. IT service continuity - Background • IT Service Continuity is essential for many organizations in the implementation of Business Continuity Management and Information Security Management. As part of the implementation and operation of information security management and business continuity management, as specified in ISO/IEC 27001:2013 and ISO 22301:2012 respectively, it is critical to develop and implement continuity for the ICT services to help ensure business continuity.