Business Continuity Management: Choosing to survive shows you how to systematically prepare your business, not only for the unthinkable, but also for smaller incidents which, if left unattended, could well lead to major disasters. A business continuity management (BCM) program is critical for every business today, and this book will enable you to develop and implement yours to maximum effect.

• Cover
• Title
• Copyright
• Contents
• Preface
• About the Author
• Acknowledgements
• Chapter 1: Introduction
  • What is business continuity management?
  • Benefits of effective BCM programs
  • Emerging risk and threat topologies
  • BCM and risk management
  • BCM and compliance
  • BCM and insurance
• Chapter 2: Setting up the BCM Program
  • Gathering key success factors
  • Establishing the governance model
  • Establishing the BCM organizational unit
  • Organizations with a regional or international presence
• Chapter 3: Running the BCM Life Cycle
  • Running the BCM life cycle for the first time
  • Business impact analysis
  • Risk and threat assessment
  • Strategies and risk treatment plans
  • Planning and implementation
  • Awareness and training
  • Testing
  • Rerunning the cycle
• Chapter 4: BCM Standards
  • ISO22301 societal security – preparedness and continuity management systems – requirements
  • ASIS SPC.1-2009 organizational resilience: security, preparedness, and continuity management systems requirements with guidance for use
• Chapter 5: Technology Continuity
  • IT disaster recovery and readiness for business continuity (ITDR and IRBC)
  • Technology continuity sites
  • Technology continuity outside IT
• Chapter 6: Technology Continuity Standards
  • ISO/IEC 27031 information technology – security techniques – guidelines for information and communication technology readiness for business continuity (IRBC)
  • ISO/IEC 24762:2008 information technology – security techniques – guidelines for information and communications technology disaster recovery sites
• Chapter 7: Facilities Management and Physical Security
  • Facilities management
  • Physical security preparations
  • Environmental setups and preparations
• Chapter 8: Evacuation Plans
  • Features of an effective evacuation plan
  • Evacuation plan development
  • Communicating the plans
  • Training and testing
• Chapter 9: People and BCM
  • The importance of people
  • Succession planning
• Chapter 10: BCM Software
  • The need for BCM software
  • Role of BCM software within the BCM life cycle
  • Features of effective BCM software
  • Deploying BCM software
• Appendix 1: BCM Policy
  • Objective
  • Policy statement
  • Policy ownership and maintenance
  • Disaster definition
  • Policy guidelines
• Appendix 2: BIA Questionnaire
  • Purpose
  • Questionnaire contacts
  • Terminology
  • Understanding your processes – general process information
  • Understanding your processes – internal and external dependencies
  • Understanding your processes – impacts and criticality
  • Identifying RTO, season, and RPO
  • Understanding your processes – IT and resource requirements
  • Succession planning – identification of human resources
  • Assets required during disaster – identification of recovery resources
• Appendix 3: BIA Report
  • Executive summary
  • Abbreviations and acronyms
  • Introduction
  • Scope
  • Approach
  • Assumptions
  • Consolidated results
  • Observations
  • Recommendations
• Appendix 4: Risk Assessment Questionnaire
• Appendix 5: Risk Assessment Report
  • Introduction
  • Objectives
  • Approach
  • Summary of results
  • Detailed risk information
  • Risk treatment plan
• Appendix 6: BCM Strategy Report
  • Executive summary
  • Introduction
  • Key inputs for developing the business continuity strategy
  • Objectives of the business continuity strategy
  • Methodology
  • Overview of the preferred/recommended business continuity strategy for the organization
  • Business continuity strategy – crisis management
  • Business continuity strategy – processes
  • Business continuity strategy – technology
  • Business continuity strategy – data and information
  • Business continuity strategy – supplies
  • Business continuity strategy – people
  • Business continuity strategy – facilities and premises
  • Business continuity strategy – business continuity management
  • Implementation and ownership
• Appendix 7: BCM Plan
  • Scope
  • Objective
  • Team leader contact details and responsibilities
  • Team member details
  • Activities to be performed immediately after a disaster
  • Activities to be performed during disaster recovery
  • Relevant locations
  • Processes to be performed if IT systems are available
  • Processes to be performed if IT systems are not available
  • Resource requirements
  • List of documents/manuals to be stored off site
  • Contact list
  • Vendor list
  • Sample press release
  • Handling a media interview
• Appendix 8: ITDR Plan
  • Scope
  • Objective
  • Team structure
  • Activities to be performed immediately after a disaster
  • Activities to be performed during disaster recovery
  • Relevant locations
  • Disaster declaration matrix
  • Recovery procedures
  • List of documents/manuals to be stored off site
  • Contact list
  • Vendor list
• Appendix 9: Evacuation Plan.
  • Description of building
  • Map containing building and assembly point(s)
  • Floor layouts
  • Handling fire emergencies
  • Roles and responsibilities
  • Important emergency numbers
  • Employees’ emergency contact information
• Appendix 10: Test Plans and Forms
  • Scope
  • Objectives
  • Test frequency
  • Test types
  • The test process and mechanism
  • Tests calendar
  • Detailed test plan
  • Test preparation form
  • Test assessment form
• ITG Resources