IT Security, Policy and Standards, Risk Assessment and Management, Operational, Management, and Technical Controls

Home

Sample Assessment Reports

Inventory Form

Incident Report Form

Emergency Contacts

Key Personel

IT Security Quiz

Tools & Techniques

SECURITY WEB SITES
BUSINESS CONTINUITY MANAGEMENT
Preventing and avoiding incidents from which your company cannot quiclky recover!

Overview
Business Continuity Management (BCM) is an Enterprise-wide system established to proactively prevent disruptions to an organization and/or its mission and to ensure that the organization will quickly recover from disruptive incidents. Business Continuity Planning (BCP), the steps taken to implement a BCM program, calls upon disciplines such as Risk and Contingency Management, Security Awareness, and the development of relevant organizational Policies Standards, and Guidelines to support the BCM system.

Components of a BCM progam should include - but not limited to - Business Impact Analysis (BIA); Contingency/Disaster Recovery Planning; Test, Training, and Exercise (TT&E); Event and Crisis Management; Risk Avoidance and Mitigation; and Preventive Controls.

Why a BCM Program
It is the responsibility of business managers and owners to ensure that the organization is able to function with minumum disruption to the organization or its mission. Business owners and managers must accept a well known fact: There is no such thing as a risk free operation! Things happen! Information and data disappear! Equipment fail! Employees and contractors become disgruntled! An effective and efficient BCM program is capable of reacting to mishaps and restoring normal operations with minimum loss of business.

Benefits
The BCM system identifies and analyzes the impact of an incident ensuring rapid recovery of applications and systems. This is where BCM and risk management intersect. Risk management focus on key products, services, and/or assets often with concepts and techniques such as business impact analysis (BIA). The BIA will measure and anticipate the business loss based on the incident (e.g., loss of a server, network, key personnel, building, etc.).

Additionally, an effective BCM program includes a Contingency Management plan with key personnel, backup systems, alternate sites and/or operations to minimize down time. An important facet of BCM and its supporting systems is the ability to identify and value assets. Finally, the BCM is a living entity. Its structure and organization (i.e., supporting systems and applications) must be kept up-to-date to reflect changes in the organization, its assets, and the environment (e.g., dependent and interdependent systems and applications).

Why You Need Our Product | Where Our Product Fits | PURCHASE PRODUCT