|
The recent release of part two of the British Standard for Business Continuity Management (BS25999) has given planners another avenue to explore when designing their business continuity program. The British Standards Institution (BSI) released the second part of BS25999 in late October 2007 and it has been well received by global organizations. BS25999 actually includes two standards, BS25999-1 and BS25999-2. The first was released in 2006 and addresses practices and policies; the second specifies procedures for business continuity management. The standard’s intent is to provide guidelines for implementing business continuity management within an organization. According to BSI, BS25999 is the world’s first internationally recognized standard for Business Continuity Management (BCM). It includes requirements covering the whole BCM lifecycle, based on BCM best practices. The standard has garnered much attention from businesses around the world. It has become the most downloaded standard from the BSI website. In fact, thousands of companies in the United Kingdom are implementing BS25999. The basic intent of the standard is to provide best practices for an organization’s personnel, infrastructure and information technology in order to get back in business with minimal disruption if disaster strikes. While it may seem this is similar to other standards in the market, there are some notable differences. “BS25999 is unlike other directives, policies or standards that are prescriptive in nature,” said Bob Reilly, senior associate at Booz Allen Hamilton. “It is a management standard that audits processes and procedures to establish and maintain a continuity program.” Those who complete the BS25999 procedures can apply for certification through BSI. External auditors will evaluate an organization’s business continuity management process. If certification is achieved, it can provide suppliers, investors and clients assurance that rigorous methods will be used to protect the organization in the event of a disruption. “The standard audits continuous process improvement and compliance to corporate policies, unlike other certifications or audits that just represent a snap-shot in time,” said Reilly. According to the BSI website, the auditors will be looking for documented evidence that processes are in place and will bring technical experts with them to ask why particular decisions were made. Whether the BS25999 standard becomes a hit in North America remains to be seen. Organizations who are interested should discern the differences between this standard and others that are available on the market and make decisions on what, if any, works best in their organization. For further input and comparison on the BS25999 standard, visit the ongoing discussion at www.drj.com. |
Upcoming Events
- No events.
|
Just as with the Y2K crisis of seven years ago, IT workers are being
called upon to don superhero suits and save the enterprise from
impending technology trouble. But this time, IT will be sifting through
the complexities of the federal Sarbanes-Oxley Act of 2002
Will your SMB be Ready?
|
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Dec | Feb » | |||||
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||
Monthly Archives
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
January 31st, 2008
This entry was posted
on Thursday, January 31st, 2008 at 12:18 pm and is filed under BS 25999, Business Continuity Management, General.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.