Business Continuity Management.docxVIP专享VIP免费原创优质

下载本文档

阅读 128
下载 15
格式 docx
大小 21.25 KB
约3页
2025-02-01 发布于陕西
收藏
评论
点赞(0)
海报
举报

BusinessContinuityManagement(BCM)ObjectiveTheobjectiveofbusinesscontinuitymanagementistocounteractinterruptionstobusinessactivitiesandtoprotectcriticalbusinessprocessesfromtheeffectsofmajorfailuresordisasters.Abusinesscontinuitymanagementprocessshouldbeimplemented-isactuallyrequiredtobeimplementedbyISO17799-toreducethedisruptioncausedbydisastersandsecurityfailures(whichmaybetheresultof,forexample,naturaldisasters,accidents,equipmentfailures,anddeliberateactions)toanacceptablelevelthroughacombinationofpreventativeandrecoverycontrols.Theconsequencesofdisasters,securityfailuresandlossofserviceshouldbeanalysed.Contingencyplansshouldbedevelopedandimplementedtoensurethatbusinessprocessescanberestoredwithintherequiredtime-scales.Suchplansshouldbemaintainedandpractisedtobecomeanintegralpartofallothermanagementprocesses.Businesscontinuitymanagementshouldincludecontrolstoidentifyandreducerisks,limittheconsequencesofdamagingincidents,andensurethetimelyresumptionofessentialoperations.ModelApproachFig1:BCIModelforBusinessContinuityManagementBusinessContinuityManagementcanbeacomplexprocess.ThishasbeenrecognisedbytheBusinessContinuityInstutitutewhohaveestablisheda10-pointmodel(seeFig.1)fordevelopingeffectivebusinesscontinuitymanagementstrategies:1.ProjectInitiationandManagementToestablishtheneedforabusinesscontinuityplan(BCP),includingobtainingmanagementsupportandorganisingandmanagingtheprojecttocompletion,withinagreedtimeandbudgetlimits.2.RiskEvaluationandControlTodeterminetheeventsandenvironmentalsurroundingsthatcanadverselyaffecttheorganisationanditsfacilitieswithdisruptionaswellasdisaster,thedamagesucheventscancause,andthecontrolsneededtopreventorminimisetheeffectsofpotentialloss.Providecost-benefitanalysistojustifyinvestmentincontrolstomitigaterisk.3.BusinessImpactAnalysisToidentifytheimpactsresultingfromdisruptionsanddisasterscenariosthatcaneffecttheorganisationandtechniquesthatcanbeusedtoquantifyandqualifysuchimpacts.Establishcriticalfunctions,theirrecoverypriorities,andinter-dependenciessothatrecoverytimeobjectivescanbeset.4.DevelopingBusinessContinuityStrategiesTodetermineandguidetheselectionofalternativebusinessrecoveryoperatingstrategiesforrecoveryofbusinessfunctionsandITwithintherecoverytimeobjectives,whilemaintainingtheorganisation'scriticalfunctions.5.EmergencyResponseandOperationsDevelopandimplementproceduresforrespondingtoandstabilisingthesituationfollowinganincidentorevent,includingestablishingandmanaginganEmergencyOperationsCentre,tobeusedasacommandcentreduringtheemergency.6.DevelopingandImplementingBusinessContinuityPlansTodesign,developandimplementtheBCPthatprovidesrecoverywithintherecoverytimeobjective.7.AwarenessandTrainingProgrammesToprepareaprogrammetocreatecorporateawarenessandenhancetheskillsrequiredtodevelop,implement,maintainandexecutetheBCP.8.MaintainingandExercisingBusinessContinuityPlansTopre-planandco-ordinateplanexercises,andevaluateanddocumentplanexerciseresults.Developprocessestomaintainthecurrencyofcontinuitycapabilitiesandtheplandocumentinaccordancewiththeorganisation'sstrategicdirection.Verifythattheplanwillproveeffectivebycomparisonwithasuitablestandard,andreportresultsinaclearandconcisemanner.9.PublicRelationsandCrisisCo-ordinationTodevelop,co-ordinate,evaluateandexerciseplanstohandlethemediaduringcrisissituations.Todevelop,co-ordinate,evaluatea...

1、当您付费下载文档后，您只拥有了使用权限，并不意味着购买了版权，文档只能用于自身使用，不得用于其他商业用途（如 [转卖]进行直接盈利或[编辑后售卖]进行间接盈利）。
2、本站所有内容均由合作方或网友上传，本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺！文档内容仅供研究参考，付费前请自行鉴别。
3、如文档内容存在违规，或者侵犯商业秘密、侵犯著作权等，请点击“违规举报”。

碎片内容