BCM is a holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause, and which provides a framework for building organizational resilience with the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities
Recent natural disasters, environmental accidents, technology mishaps and man-made crises have demonstrated that severe incidents can and will happen, impacting the public and private sectors alike. The challenge goes beyond providing an emergency response plan or using disaster management strategies that were previously used.
Organizations of all sizes and types should now engage in a comprehensive and systematic process of prevention, protection, preparedness, mitigation, response for business continuity and recovery. It is no longer enough to draft a response plan that anticipates and minimizes the consequences of naturally, accidentally, or intentionally caused disruptions, but rather organizations must also take adaptive and proactive measures to reduce the likelihood of a disruption.
Today’s threats require the creation of an on-going, managed process that ensures the survival and sustainability of an organization’s core activities before, during, and after a disruptive event.
The ability of an organization to recover from a disaster is directly related to the degree of business continuity planning that has taken place BEFORE the disaster. Studies show that two out of five businesses that experience a disaster will go out of business within five years of the event.
Business continuity plans are critical to the continuous operation of all types of businesses. More importantly, these plans are assuming increased importance as companies become increasingly reliant on technology to do business. Despite this clear message that downtime is disastrous, Gartner research shows that less than 30 percent of Fortune 2000 companies have invested in a full business continuity plan. The reason for this oversight may simply be that the technical challenges seem to be too daunting. Or perhaps the cost of implementation is perceived as too great. All of these are viable concerns, but they can be addressed with business continuity solutions.
ISO 22301, the world’s first international standard for Business Continuity Management (BCM), has been developed to help organizations minimize the risk of such disruptions. ISO has officially launched ISO 22301, “Societal security - Business continuity management systems – Requirements”, the new international standard for Business Continuity Management System (BCMS).
This standard will replace the current British standard BS 25999.
Key Elements for ISO 22301:2012
Establishing And Managing The BCMS
To define the boundaries of the BCMS, and to ensure that objectives are clearly stated, understood and communicated, top management’s commitment to BCM is demonstrated, resources are allocated and those with BCM responsibilities are competent to perform their roles.
Embedding BCM In The Organization’s Culture
To ensure that the organization embeds business continuity into its routine operations and management processes, regardless of its size or the sector within which it operates.
BCMS Documentation And Records
To provide clear evidence of the effective operation of the BCMS and the organization’s implementation of BCM.
Understanding The Organization
To enable the organization to identify the critical activities and resources needed to support its key products and services, understand the threats to them and choose appropriate risk treatments.
Determining Business Continuity Strategy
To identify BCM arrangements that will enable the organization to recover its critical activities within their recovery time objectives.
Developing And Implementing A BCM Response
To enable the organization to develop and implement appropriate BCM plans and arrangements to manage any incident and continue its critical activities.
Exercising, Maintaining And Reviewing BCM Arrangements
To verify the ongoing effectiveness of the BCM arrangements and to provide greater assurance following an incident those critical activities will be recovered as required.
Monitoring And Reviewing The BCMS
To ensure that management monitor and review the effectiveness and efficiency of the BCMS, review the appropriateness of the business continuity policy, objectives and scope, and determine and authorize actions for remediation and improvement.
Maintaining And Improving The BCMS
To maintain and improve the effectiveness and efficiency of the BCMS by taking preventive and corrective actions, as determined by the management review.
It is the latest standard
Any organization – large or small, for profit or non-profit, private or public. The standard is conceived in such a way that it is applicable to any size or type of organization
DRIVERS FOR CERTIFICATION
When implemented properly, business continuity management will decrease the possibility of a disruptive incident, and if such incident occurs an organization will be ready to respond in an appropriate way, and thus drastically decrease the potential damage of such incident. It provides you with a powerful outline based on international best practices on how to manage business continuity. Following certification, your organisation will be better equipped to:
Safeguard key assets and maintain your reputation
Identify impacts of operational disruption and crucial improvements
Encourage cross-team collaboration
Reap cost benefits from reduced insurance premiums
Demonstrate commitment to key stakeholders
Gain a competitive advantage against competitors in case of a major industrial crisis
All in all it enables your organisation to stick to your promises even facing a crisis, and maintain delivery of products or services.