ISO22301: 2019 - An introduction to a business continuity management system (BCMS)
eBook - ePub


  1. 38 pages
  2. English

About This Book

In an increasingly volatile world, exemplified by the 2020 COVID-19 pandemic, organisations are looking at business continuity with a fresh perspective. While most organisations believe they are prepared for disruption, COVID-19 has proved otherwise. The need for business continuity has never been clearer.

If you were hit by a cyber attack and lost the use of your IT systems, would you be able to carry on? If your business premises were forced to close, what would you do? If you were affected by unexpected staff absence, how could you reassure your customers that you can still offer them the service they expect?

Being unprepared can lead to financial and reputational damage, which could prove disastrous. You could fail to keep up with customer demand or lose important business, or your customers could go elsewhere. Without a proper risk assessment strategy, your company directors could even face prosecution if a major incident occurs and results in loss or injury.

An introduction to ISO 22301

To minimise the impact of a disaster on your business, and to continue to provide essential services to your customers, you need to put in place a BCMS (business continuity management system). This pocket guide will help you understand the basics of business continuity and ISO 22301: 2019, the international standard that describes the specification for a BCMS.

It covers:

  • What business continuity is;
  • Key terms and definitions;
  • A brief history of business continuity management;
  • The BCMS;
  • ISO 22301 BCMS requirements; and
  • Certification

ISO 22301: 2019 - An introduction to a business continuity management system (BCMS) provides an easy-to-read and straightforward introduction to a BCMS that business continuity managers, compliance managers, C-suites and disaster recovery planners – or any organisation implementing, or considering implementing, an ISO 22301 BCMS – will find valuable.

Frequently asked questions

Yes, you can access ISO22301: 2019 - An introduction to a business continuity management system (BCMS) by Alan Calder in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.

Information

Publisher: ITGP
Year: 2020
ISBN: 9781787782297

CHAPTER 1: WHAT IS BUSINESS CONTINUITY?

In any organisational endeavour, be it a business, public body or not-for-profit organisation, a key factor of success is that it can operate without being interrupted by unforeseen factors. To do this, organisations develop contingencies to ensure that resources and productivity are not disrupted by everyday events.
Everyday events are one thing – significant disruptive incidents are quite another. Most contingencies are developed on an intuitive basis and are intended to deal with short-term problems; when the problems are longer term, or of a scale or nature not anticipated by the designer, they often fall short of what is needed to ensure continued operation, putting the organisation at risk.
Business continuity management is a systematic process of risk management and planning designed to ensure that an organisation can quickly return to an acceptable level of service after a disruptive incident.

Why does business continuity matter?

Many people regard business continuity as a form of risk management or insurance; a means of ensuring that, if something goes wrong, there is a way of limiting or even eliminating the impact.
However, there are other important reasons, outlined below, why organisations should have a business continuity management programme.

Licence to operate

Most businesses are allowed to do what they do provided they operate within the law. However, many public bodies and an increasing number of businesses (for example, in the financial sector) operate under some form of licence, permission or authority that could, under certain circumstances, be withdrawn.
For many, this can be considered an operational risk, and a risk to operations is a risk to the organisation’s ability to continue to function. Critically, each organisation must decide, as a matter of policy, whether risks associated with its licence to operate should be included within the scope of its BCMS (policy and scope are described in more detail in chapter 4).

Competitive edge

As the risk of suppliers falling victim to operational issues becomes more visible, many organisations are seeking formal assurance that their suppliers will be able to continue supplying them in the event of a disruptive incident. Operational resilience is a common requirement in supplier due diligence processes (alongside other criteria including financial stability, quality management systems and information security), yet many organisations still treat it as an afterthought.
The existence of a recognised business continuity standard provides a real benchmark against which organisations can satisfy themselves as to their suppliers’ operational resilience. For suppliers, this means that having a BCMS that complies with – or, better still, is certified to – ISO 22301 can amount to a significant competitive advantage.

Insurance

Many organisations have business interruption cover as part of their business insurance portfolio. This cover will usually compensate the organisation for loss of profit in the event of an interruption for a period called the ‘indemnity period’, which can range from just a few months up to one or two years.
Unfortunately, interruption cover does not compensate for any loss outside of the indemnity period, rarely includes major events such as terrorism or pandemic threats as a matter of course (at least, not without paying an additional premium), and does not compensate for the loss of future business that so frequently follows a major disruption. Even if you are compensated for the earnings lost during the disruption, the customers you lose are unlikely to return.
While useful, business interruption cover usually comes at a significant cost to the organisation, and rarely offers much protection against a truly serious disruption. While insurance remains an important component of any organisation’s resilience in the face of operational risks and interruptions, it should always be seen as complementary to business continuity management (BCM), not as a substitute. The existence of a BCMS, however, often provides an opportunity to reduce the amount of cover that is needed and, therefore, the insurance premium.

Corporate governance

Corporate governance is frequently referred to as a reason for ‘doing’ business continuity, but often without a proper explanation of its significance.
The UK Corporate Governance Code 2018 includes a requirement to “monitor the company’s risk management and internal control systems and, at least annually, carry out a review of their effectiveness and report on that review in the annual report”.[2]
The Guidance on Risk Management, Internal Control and Related Financial and Business Reporting (which provides specific guidance on compliance with the Corporate Governance Code), while focusing significantly on financial controls, is clear that the organisation must ensure it is able to “respond appropriately to risks and significant control failures and to safeguard its assets”.[3]
While neither the letter of the Corporate Governance Code nor the Guidance state that listed companies or...

Table of contents

  1. Cover
  2. Title
  3. Copyright
  4. Contents
  5. Introduction
  6. Chapter 1: What is business continuity?
  7. Chapter 2: Terms and definitions
  8. Chapter 3: A brief history of business continuity management
  9. Chapter 4: The business continuity management system
  10. Chapter 5: ISO 22301 – BCMS – Requirements
  11. Chapter 6: Certification
  12. Further reading