Home
Risk Assessment
Risk Management
Sample Assessment Reports
Incident Report Form
Emergency Contacts
Key Personnel
IT Security Quiz
Tools & Techniques
Contact Us
IT Security Risk Management (ITSRM)
BUSINESS CONTINUITY MANAGEMENT
Preventing and avoiding incidents from which your company cannot quickly recover!
Overview
Business Continuity Management (BCM) is an Enterprise-wide concept established to proactively prevent disruptions to an organization and/or its mission and to ensure that the organization will quickly recover from disruptive incidents.  Business Continuity Planning (BCP), the steps taken to implement a BCM program, calls upon disciplines such as Risk and Contingency Management, Security Awareness, and the development of relevant organizational Policies Standards, and Guidelines to support the BCM system.  Components of a BCM program should include - but not limited to - Business Impact Analysis (BIA); Contingency/Disaster Recovery Planning; Test, Training, and Exercise (TT&E); Event and Crisis Management; Risk Avoidance and Mitigation; and Preventive Controls.

Why a BCM Program
It is the responsibility of business managers and owners to ensure that the organization is able to function with minimum disruption to the organization or its mission.  Business owners and managers must accept a well known fact:  There is no such thing as a risk free operation!  Things happen!  Information and data disappear!  Equipment fail!  Employees and contractors become disgruntled!  An effective and efficient BCM program is capable of reacting to mishaps and restoring normal operations with minimum loss of business.

Benefits
The BCM system identifies and analyzes the impact of an incident ensuring rapid recovery of applications and systems.  This is where BCM and risk management intersect.  Risk assessment and risk management focus on key products, services, and/or assets often with concepts and techniques such as threat and vulnerability, event likelihood, and business impact analysis (BIA).  The BIA will measure and anticipate the business loss based on the incident (e.g., loss of a server, network, key personnel, building, etc.). 

Additionally, an effective BCM program includes a Contingency Management plan with key personnel, backup systems, alternate sites and/or operations to minimize down time.  An important facet of BCM and its supporting systems is the ability to identify and value assets.  Finally, the BCM is a living entity.  Its structure and organization (i.e., supporting systems and applications) must be kept up-to-date to reflect changes in the organization, its assets, and the environment (e.g., dependent and interdependent systems and applications).
Security Begins and Ends with You!

  Why You Need Our Product    |    Where Our Product Fits   |   PURCHASE PRODUCT