Business Continuity Management
Published in 2008
Book
Paperback/Softback
40 pages
978-0-89413-623-8 (ISBN)
Description
This GTAG focuses on how business continuity management (BCM) is designed to enable business leaders to manage the level of risk the organization could potentially encounter if a natural or man-made disruptive event that affects the extended operability of the organization were to occur. The guide includes disaster recovery planning for continuity of critical information technology infrastructure and business application systems.
Chief audit executives CAEs have been challenged to educate corporate executives on the risks, controls, costs, and benefits of adopting a BCM program. Although it is true that recent disasters around the world have motivated some corporate leaders to give attention to BCM programs, the implementation of such programs is far from universal. The key challenge is engaging corporate executives to make BCM a priority. Although most executives are likely to agree that BCM is a good idea, many will struggle to find the budget necessary to fund the program as well as an executive sponsor that has the time to ensure its success.
Business Continuity Management will help the CAE communicate business continuity risk awareness and support management in its development and maintenance of a BCM program.
This document is also available in PDF format.
Chief audit executives CAEs have been challenged to educate corporate executives on the risks, controls, costs, and benefits of adopting a BCM program. Although it is true that recent disasters around the world have motivated some corporate leaders to give attention to BCM programs, the implementation of such programs is far from universal. The key challenge is engaging corporate executives to make BCM a priority. Although most executives are likely to agree that BCM is a good idea, many will struggle to find the budget necessary to fund the program as well as an executive sponsor that has the time to ensure its success.
Business Continuity Management will help the CAE communicate business continuity risk awareness and support management in its development and maintenance of a BCM program.
This document is also available in PDF format.
More details
Content
1. Executive Summary
2. Introduction
BCM Definition
Crisis Management Planning
Disaster Recovery of IT
3. Building a Business Case
4. Business Risks
Common Disaster Scenarios
Common Disaster Impacts
5. BCM Requirements
Management Support
A. Senior Management Support
B. Business Unit Management Support
Risk Assessment and Risk Mitigation
A. Examples of Disruptive Events
B. Assessing the Impact of Disruptive Events
C. Developing Risk Mitigation Strategies
Business Impact Analysis
A. Identifying the Business Processes
B. Determining RTO and RPO Based on Business Impact
C. Identifying the Other Parties and Physical Resources
D. Obtaining Sponsor and Manager Approval of BIA
Business Recovery and Continuity Strategy
A. Staffing Recovery Activities
B. Alternative Sourcing of Critical Functions
C. Alternative Offices Needed for Recovery Activities
D. Planning to Transition Back to Normal Operations
Disaster Recovery for IT
A. Considerations when Selecting DRP Strategies
B. Recovery Solutions and Recovery Sites
Awareness and Training
Maintenance of the BCM Program
Exercise of the Business Continuity
A. Types of Exercises
B. Exercise Frequency
Crisis Communications
Coordination with External Agencies
6. Emergency Response
7. Crisis Management
8. Conclusion/Summary
9. Appendix
Sample BCP Audit Guide
BCM Standards and Guidelines
BCM Capability Maturity Model
10. Glossary
2. Introduction
BCM Definition
Crisis Management Planning
Disaster Recovery of IT
3. Building a Business Case
4. Business Risks
Common Disaster Scenarios
Common Disaster Impacts
5. BCM Requirements
Management Support
A. Senior Management Support
B. Business Unit Management Support
Risk Assessment and Risk Mitigation
A. Examples of Disruptive Events
B. Assessing the Impact of Disruptive Events
C. Developing Risk Mitigation Strategies
Business Impact Analysis
A. Identifying the Business Processes
B. Determining RTO and RPO Based on Business Impact
C. Identifying the Other Parties and Physical Resources
D. Obtaining Sponsor and Manager Approval of BIA
Business Recovery and Continuity Strategy
A. Staffing Recovery Activities
B. Alternative Sourcing of Critical Functions
C. Alternative Offices Needed for Recovery Activities
D. Planning to Transition Back to Normal Operations
Disaster Recovery for IT
A. Considerations when Selecting DRP Strategies
B. Recovery Solutions and Recovery Sites
Awareness and Training
Maintenance of the BCM Program
Exercise of the Business Continuity
A. Types of Exercises
B. Exercise Frequency
Crisis Communications
Coordination with External Agencies
6. Emergency Response
7. Crisis Management
8. Conclusion/Summary
9. Appendix
Sample BCP Audit Guide
BCM Standards and Guidelines
BCM Capability Maturity Model
10. Glossary