Author Drewitt, Tony
Title A Manager's Guide to ISO22301 : A Practical Guide to Developing and Implementing a Business Continuity Management System
Imprint Ely : IT Governance Ltd, 2013
©2013
Descript 1 online resource (224 pages)
text txt rdacontent
computer c rdamedia
online resource cr rdacarrier
Note Intro -- About the Author -- Contents -- Introduction -- Chapter 1: Introducing Business Continuity Management -- What is business continuity management? -- Evolution -- The business continuity management system (BCMS) -- The relationship between business continuity and disaster recovery -- Cause and effect -- BCM policy -- What is policy? -- The policy statement -- Use of the policy -- Chapter 2: Overview of the BCM Process -- Context of the organisation -- Understanding of the organisation and its context -- Understanding the needs and expectations of interested parties -- Determining the scope of the business continuity management system -- Business continuity management system -- Leadership -- Policy -- Roles, responsibilities and authorities -- Planning -- Support -- Provision of resources -- Competency of BCM personnel -- Awareness and communication -- Documentation -- Operation -- Business impact analysis -- Risk assessment -- BCM strategy -- BCM response -- Exercising and testing -- Performance evaluation and improvement -- The PDCA cycle -- Practical programme management -- Set-up phase -- Ongoing/maintenance phase -- End products -- Resources -- Governance and assurance processes -- Chapter 3: Business Impact Analysis and Risk Assessment -- Business impact analysis -- What is BIA? -- Non-financial impacts -- Impact treatment -- Identifying the activities -- Suppliers -- Collecting the data -- Impact data analysis -- Recovery time objectives -- Partial and full recovery -- Tools -- The role of insurance -- Disaster recovery resources -- Mapping and analysis -- Identifying resources -- Conflicts -- Tools -- Risk identification, assessment and management -- What is risk? -- Practical operational risk management -- Risk identification -- Scope -- Custom and practice -- Threats -- Multiple threats -- Risk assessment -- The risk matrix
Risk appetite -- Risk analysis -- Risk control and treatment -- Preventative and curative measures -- The risk management process -- Chapter 4: Business Continuity Strategy -- IT disaster recovery -- Availability -- Failover -- The ITDR marketplace -- Reciprocal and co-operative arrangements -- Go out and buy it -- People -- The rest of the resource spectrum -- BCM objectives -- Deliverables -- Chapter 5: Business Continuity Procedures -- The incident response structure -- Command structure - teams and roles -- Teams and structure -- Roles -- Collecting information -- Communicating with stakeholders -- Team resilience - deputies -- Triggering the BCM response - activation -- Business continuity planning -- Master plan -- Summary -- Activation -- Command location -- Command structure -- Priorities and objectives -- Scenario plans -- Recovery plans -- Other plan components -- Procedures -- Incident log -- Internal communication -- Contact data -- How the plan works -- Multilevel (organisational) plans -- Ending the business continuity phase -- Recovery -- Chapter 6: Exercising and Testing -- Exercises -- Planning the exercise -- Execution -- Reporting -- Chapter 7: Performance Evaluation -- Monitoring and measurement -- Criteria -- The BCMS -- Internal audit -- Management review -- Chapter 8: Improvement -- Non-conformity and corrective action -- Documentation -- Continual improvement -- Chapter 9: BCM Culture -- Making business continuity effective -- Raising awareness -- Awareness techniques -- Ownership -- Competitive advantage -- Chapter 10: Document Management and Control -- Reliability -- Usability -- Templates -- Version control -- Document history -- Security -- Chapter 11: Reporting and Assurance -- Corporate governance -- Supplier assurance -- Due diligence -- Chapter 12: Certification -- System compliance -- Terms and definitions
Section 4 - Context -- Risk factors -- Risk appetite -- Section 3 - Planning -- Scope and objectives -- Policy -- Resources -- Competencies -- BCM culture -- Documentation -- Section 4 - Implementation and operation -- Business impact analysis (BIA) -- Risk assessment -- Strategy -- The BCM response -- Sections 5 and 6 - Monitoring, exercising, maintaining and reviewing -- BCMS implementation -- Section 3 - Planning -- Section 4 - Implementation and operation -- Certification -- Certification bodies -- Rogue traders -- Chapter 13: Standards and Codes of Practice -- The Combined Code on Corporate Governance (UK) -- Turnbull -- Sarbanes-Oxley -- Basel II -- ISO27031 -- ISO27001 -- Bibliography -- Appendix 1: A BCM Policy -- Business continuity policy -- Policy statement -- Scope -- Business continuity management objectives -- Business continuity management principles -- Business impact analysis -- Maximum tolerable period of disruption -- Business continuity plans -- Contingencies -- Responsibilities -- Response organisation -- Group -- Business unit -- Testing and maintenance -- Awareness and culture -- Reporting -- Appendix 2: BCM Competencies -- Appendix 3: A Risk Register -- Appendix 4: A Crisis Management Team -- Appendix 5: A Communication Cascade -- Appendix 6: Document Templates -- When and how to use this plan -- Minimum acceptable level of activity -- 1.0 Loss of premises -- 2.0 Loss of IT network or applications -- 2.1 No denial of access to normal workspace -- 2.2 Remote access (from home or other workspace) -- 3.0 Loss of staff -- 3.1 Remaining staff operating in normal workspace -- 3.2 Some staff working at home -- 4.0 Loss of plant, equipment and services -- 4.1 Outline arrangements for: -- Appendix 7: A Document Register -- Appendix 8: Acronyms and Abbreviations -- ITG Resources -- Other Websites -- Toolkits -- Training Services
Professional Services and Consultancy -- Publishing Services -- Newsletter
A concise and practical guide to the ISO22301 benchmark for business continuity management (BCM), this book is essential reading for all managers, executives and directors with any interest or involvement in operational risk or business continuity management
Description based on publisher supplied metadata and other sources
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2020. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries
Link Print version: Drewitt, Tony A Manager's Guide to ISO22301 : A Practical Guide to Developing and Implementing a Business Continuity Management System Ely : IT Governance Ltd,c2013 9781849284677
Subject Database management.;Information technology -- Management.;Risk management
Electronic books