Thursday, September 1, 2022

Business continuity plan

 

Often, we think business continuity plans (BCP) and disaster recovery plans (DRP) are the same. In the reality, these two are not the same. DR is a subset of BCP and focuses on how to recover once a disaster has struck. BCP is at strategy level, it will talk about plans for business continuity if there is any disaster.

Business continuity management (BCM) is a holistic management process to handle both BCP and DRP. BCM provides a framework for integrating resilience with the capability for effective responses in a manner that protects the interests of the organization’s key stakeholders. The main objective of BCM is to allow the organisation to continue to perform business operations under various conditions. BCM is the main approach to managing all aspects of BCP and DRP.

 



The following are a few widely used industrial standards and frameworks that are available for BCP.

·         ISO/IEC 27031:2011: describes the concepts and principles of information and communication technology (ICT) readiness for business continuity

·         ISO 22301:2019 Security and resilience — Business continuity management systems — Requirements

·         NIST outlines the following steps in SP 800-34

 

BCP helps organizations achieve

·         Appropriate response to emergency situations

·         Ensure safety

·         Reduced business impact

·         Resume critical business functions.

·         plan to work with the vendor for DR

·         Reduce confusion during a crisis

·         increase customer confidence.

·         It is up and running quickly after a disaster.

 

NIST SP 800-34 outlined following steps



 

Business continuity planning (BCP) entails assessing organisational risks and developing policies, plans, and procedures to mitigate their impact if they occur. The BCP focused on how to keep the organisation in business after a major disruption takes place. It is about the survivability of the organisation and making sure that critical functions can still take place even after a disaster. The goal of BCP planners is to implement a combination of policies, procedures, and processes such that a potentially disruptive event has as little impact on the business as possible. The BCP process has four major steps.

·         Project scope and planning

·         Business impact analysis

·         Continuity planning

·         Approval and implementation

 




Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)