How to Deploy 25999 - How to Deploy BS 25999 second edition...

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
Authored By Avalution Consulting and BSI Management Systems America How to Deploy BS 25999 second edition
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 How to Deploy BS 25999 (second edition) TABLE OF CONTENTS TABLE OF CONTENTS . .................................................................................................................................................... 2 1. INTRODUCTION . ............................................................................................................................................................ 3 2. ACHIEVING PROGRAM CREDIBILITY BY CHOOSING THE RIGHT STANDARD FOR YOUR ORGANIZATION . ............................................. 4 2.1. How to Choose the Best Standard for Your Organization . ................................................................... 4 2.2. How BS 25999 Answers These Questions . ............................................................................................ 4 3. USING THE STANDARD TO BUILD YOUR PROGRAM . .............................................................................................................. 5 3.1. An overview of BS 25999 . ..................................................................................................................... 5 3.2. Planning the BCMS . ............................................................................................................................ 7 3.2.1. Program Requirements . ........................................................................................................................................ 7 3.2.2. BCM Policy. ............................................................................................................................................................ 7 3.2.3. Provisioning Resources and Competency of Personnel . ....................................................................................... 7 3.2.4. Embedding BCM . ................................................................................................................................................... 8 3.2.5. Documentation and Records . ................................................................................................................................ 8 3.3. Implementing and Operating the BCMS . ....................................................................................... 9 3.3.1. Understanding the Organization . .......................................................................................................................... 9 3.3.2. BIA and Risk Assessment . ...................................................................................................................................... 9 3.3.3. Business Continuity Strategy . .............................................................................................................................. 11 3.3.4. Planning Activities . .............................................................................................................................................. 13 3.3.5. Exercising and Maintaining BCM Arrangements . ................................................................................................ 15 3.4. Monitoring and Reviewing the BCMS . ......................................................................................... 16 3.4.1. Internal Audit . ..................................................................................................................................................... 16 3.4.2. Management Review . ......................................................................................................................................... 16 3.5. Maintaining and Improving the BCMS . ........................................................................................ 17 3.5.1. Preventive and Corrective Actions . ..................................................................................................................... 17 3.5.2. Continual Improvement . ..................................................................................................................................... 17 4. KEY PROGRAM IMPROVEMENT OPPORTUNITIES . ................................................................................................................ 18 5. TAKING THE NEXT STEP: THE CERTIFICATION PROCESS . ...................................................................................................... 19 6. CONCLUSIONS . ............................................................................................................................................................ 22 ABOUT AVALUTION CONSULTING . ........................................................................................................................................... 23 ABOUT BSI MANAGEMENT SYSTEMS. ...................................................................................................................................... 23 This second edition of “How to Deploy BS 25999” address es changes to the BS 25999-2 Specification, finalized in late 2007, after the initial release of the white paper. This edition also takes advantage of lessons learned from recent BCMS development projects designed to meet BS 25999 requirements. © 2008 Avalution Consulting, LLC & BSI Management Systems America, Inc. | All Rights Reserved
Background image of page 2
3 How to Deploy BS 25999 (second edition) The purpose of BS 25999 is to provide a basis for understanding, developing and implementing business continuity within an organization …” 1. INTRODUCTION Business continuity programs, similar to other enterprise risk management processes, are most effective when grounded in generally-accepted standards and built according to the bu siness’ objectives. Business objectives and “proven” standards together form a foundation that adds both credibility and viability to a continuity program. This white paper explores a new international code of practice (and its associated specification document), the British Standard Institut ion’s British Standard (BS) 25999, viewed by a growing body of practitioners as a complete description of a mature, repeatable and actionable business continuity management program. In addition to providing implementation details for the standard, this document covers how to use BS 25999 to obtain executive support, create a business continuity program and/or increase the maturity of an existing program. BS 25999 provides a basis for understanding, developing and implementing business continuity within an organization, integrates risk management disciplines and processes with business continuity and provides confidence in business-to- business and business-to-customer dealings. BS 25999 is written in two parts. Part 1, the Code of Practice, outlines the standard’s overall objectives, guidance and recommendations.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 23

How to Deploy 25999 - How to Deploy BS 25999 second edition...

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online