Organizations across a variety of industries are turning to metrics to determine whether their programs work and if they are getting a return on their investment. Business continuity professionals are no exception. More and more, BC pros are turning to metrics to determine how effective their programs are and convey that to senior management.
Lynnda Nelson, President of The International Consortium for Organizational Resilience (ICOR),...
What's in store for business continuity in the coming year? How will this continally evolving...
Results of the Unitrends and Continuity Insights...
Brian Zawada, Director of Consulting for Avalution, discusses how to effectively user management system concepts outlined in different business continuity standards to actively engage senior management in your enterprise's continuity program.
A key element of any business continuity professional’s job description is helping the organization execute its business continuity arrangements, or as ISO 22301 calls it in Clause 8.4.3, “detecting an incident” and then activating the response. Taken one step further, ISO 22301 calls out a number of specific response-related requirements related to early warning or incident detection that organizations must consider
A new report published by the Business Continuity Institute (BCI), in association with BSI, has revealed that IT-related threats are continuing to provide the greatest concern for organizations, ranking above other threats such as natural disasters, security incidents and industrial disputes.
This perspective is the fifth in a series to discuss key elements of the ISO 22301 business continuity management system. Today we’re going to take a look at Clause 9.1.2, the standard’s requirement for evaluation of business continuity procedures.
One of the key elements of all management systems is the ability to monitor, measure and continually improve the performance of the organization. In Clause 9 – Performance evaluation, ISO 22301 provides the requirements for evaluating the BCMS and the business continuity procedures.
ISO/TR 31004:2013 provides guidance for organizations on managing risk effectively by implementing ISO 31000:2009. It provides: a structured approach for organizations to transition their risk management arrangements in order to be consistent with ISO 31000; an explanation of the underlying concepts of ISO 31000; and guidance on aspects of the principles and risk management framework that are described in ISO 31000.
While all business continuity standards require documented analysis and plans, ISO 22301 requires that organizations document procedures (to drive repeatable performance) and outcomes of the planning process (to serve as evidence). While this effort is necessary if an organization chooses to seek certification, there are several benefits organizations can achieve just by conforming to the ISO 22301 standard.
ISO 22301 is the first standard to employ the new ISO format for management systems standards, which involves a considerable amount of “templatized” management system content across 10 clauses. Because this format, language and many of the requirements are new to most business continuity professionals, it’s important to review and consider the intent associated with some of the content and concepts.
Avalution Consulting announces the achievement of organizational certification to ISO 22301, the international business continuity standard. Avalution is the first organization in the United Stated to receive this certification. Avalution was assessed and registered by BSI Group America Inc. (BSI), a leading global Certification Body.
Wednesday, May 29, 2013 3:00 PM - 4:00 PM EDT ISO 22301 is the first converged standard in the DR/BC Industry. But what does it mean to you and your organization? Where does it provide leadership and best practice, and where does it present the obvious or represent compromise? Most importantly, what aspects provide direction for opportunities to improve your program and deliver business value?Attend this session for a practical approach to embracing ISO 22301 — on your terms!
Wednesday, May 29, 2013 3:00 PM - 4:00 PM EDT ISO 22301 is the first converged standard in the DR/BC Industry. But what does it mean to you and your organization? Where does it provide leadership and best practice, and where does it present the obvious or represent compromise? Most importantly, what aspects provide direction for opportunities to improve your program and deliver business value?Attend this session for a practical approach to embracing ISO 22301 — on your terms!REGISTER TODAY
As an auditable standard, ISO 22301 is difficult to envision without significant automation for key parts of the program. Specific features are needed to affordably meet the goals of such a program. This article addresses some of the major areas requiring systems software.
In the leadup to the 11th Annual Continuity Insights Management Conference, Lynnda Nelson, President of ICOR, discusses “soft” business continuity issues, why risk management is not a panacea and the business continuity-themed supergroup: Strapperjack!
Avalution Consulting Releases White Paper On Implementing ISO 22301: The Business Continuity Management System StandardFebruary 26, 2013 9:30 am | News | Comments
Avalution’s new white paper, Implementing ISO 22301, breaks the standard down section by section, discussing what each clause means, the value it delivers, recommended approaches for alignment, and items to consider before moving forward. Whether your goal is to align to the standard or pursue certification (only if there’s a business case, of course), this white paper will serve as your road map for success.
In the leadup to the 11th Annual Continuity Insights Management Conference, Chris Needham-Bennett, owner & Managing Director of London-based Needhams 1834 Ltd, discusses the real cost of ISO22301 certification, the tsunami that struck Britain in 1607 and Theodore Roosevelt’s resilience.
RSA Archer Business Continuity Management and Operations is one of the industry’s most tightly integrated solutions designed to address business continuity, disaster recovery and crisis management. Engineered to align with BS25999, NIMS and ISO 22301, it offers a standards-based approach to business continuity planning.
The Agiliance ISO 22301 Content Pack provides the necessary framework to identify potential threats to an organization and the impacts to business operations they pose. It breaks down the processes into simple and effective steps, enabling organizations to not just create a business continuity strategy but also to manage, maintain, and continually improve the plan.
As a consultant, I have had the opportunity to work for some of the largest and most complex corporations in the world. Based on my observations over the years, both positive and negative, I would like to share some ideas that will help bring the two disciplines of BCM and ERM together to achieve real business value and improve loss avoidance.
At its heart, PS-Prep certification is a very straightforward process: Simply certify to one of the three standards chosen by DHS and you’re pretty much good to go. Unfortunately, PS-Prep is plagued by several technicalities that cause potential adopter’s eyes to glaze over faster than you can say “ANAB-accredited certifying body.” To shed some light on the program, Continuity Insights speaks with Tim Mathews, Director of Enterprise Resiliency at Educational Testing Service, about how PS-Prep can shore up supply chains, the Wal-Mart effect, accreditation roadblocks, and the special consideration for small businesses.
ICOR's BCM 5000 course provides students with the skills and knowledge to conduct and lead effective business continuity management system audits in accordance with the requirements of the standards.
Using a management system approach for your BCM program is more efficient than a siloed approach and ties it to other management systems in place in the organization. It can eliminate waste and duplication of services. It embeds BCS into the culture of the organization versus maintaining ownership with a few individuals.
Business continuity certification requires management commitment and support, a strong business case, personnel time, and financial resources in order to achieve success and deliver long-term value, so it’s important to research up front whether certification makes business sense for and would be successful within your organization.
At the 2012 Continuity Insights Management Conference, Mike Keating, VP of BCM at Reinsurance Group of America, explains that the value of ISO 22301 for his organization is not in certification but in the common language it provides business continuity professionals around the world. ICOR's Lynnda Nelson compares BS 25999 to ISO 22301, highlighting the changes to terminology such as MTPoD.
The process for obtaining PS-Prep certification is now established and companies are working to determine their readiness for a PS-Prep third-party audit. The first step in determining readiness is to identify the standard to which your organization should become certified. ICOR's Lynnda Nelson gives a side-by-side comparison of the three standards at the ehart of PS-Prep and provides background information designed to help organizations choose the most appropriate standard.
In order to tease out the most compelling — and more subtle — results from the 2011-2012 Continuity Insights & KPMG LLP Global Business Continuity Management Program Benchmarking Study, a panel of subject-matter experts reviewed and commented on the raw data collected from 685 business continuity professionals. Reactions range from “disturbing” to “encouraging.”
- Page 1