Assign responsibility and authority for your BCMS. Planning 6. Specify actions to manage your risks and address your opportunities. Set business continuity objectives and develop plans to achieve them. Support 7.
|Published (Last):||6 December 2004|
|PDF File Size:||18.89 Mb|
|ePub File Size:||17.15 Mb|
|Price:||Free* [*Free Regsitration Required]|
Assign responsibility and authority for your BCMS. Planning 6. Specify actions to manage your risks and address your opportunities. Set business continuity objectives and develop plans to achieve them. Support 7. Support your BCMS by providing the necessary resources. Support your BCMS by making sure that people are competent. Support your BCMS by making people aware of their responsibilities.
Support your BCMS by establishing communication procedures. Support your BCMS by managing all relevant information. Provide the information and documents that your BCMS needs.
Supervise the creation and modification of BCMS documents. Operation 8. Carry out process planning and establish controls. Study disruptions and risks and set your priorities. Establish a process to analyze impacts and assess risks. Evaluate and set business continuity and recovery priorities. Assess risks and identify risk treatment options.
Develop a business continuity strategy to handle disruptions. Use impact analysis and risk assessment to develop strategy. Identify the resources that you need to implement strategy. Select and implement risk treatment measures to manage risks.
Establish and implement business continuity plans and procedures. Establish disruption and continuity management procedures.
Establish an incident response structure and procedures. Establish disruption warning and communication procedures. Establish incident response and business continuity procedures. Establish suitable business recovery and restoration procedures.
ISO 27001 - Annex A.17: Information Security Aspects of Business Continuity Management
There was a growing recognition, however, that this needed to become a business-led process and encompass preparing for many forms of disruption. In light of this, the discipline became known as business continuity management BCM. As governments and regulators began to recognize the role of business continuity in mitigating the effects of disruptive incidents on society, they increasingly sought to gain assurance that key players had appropriate business continuity arrangements in place. Similarly, businesses recognized their dependence on each other and sought assurance that key suppliers and partners would continue to provide key products and services, even when incidents occurred. In the UK, BS was introduced to provide a management systems standard to which organizations could obtain accredited certification for the first time. The new standard is the result of significant global interest, cooperation and input.
Business continuity - ISO 22301 when things go seriously wrong
ISO - Annex A. Annex A. Lets understand those requirements and what they mean in a bit more depth now. Despite that effort, more significant disruptive incidents may still happen so planning for them is important.