Escolar Documentos
Profissional Documentos
Cultura Documentos
Business Continuity
Management
By. Mr. Chomnaphas Tangsook
Business Director
BSI Group ( Thailand) Co., Ltd
Contents slide
2002
2000
1979
BS 5750 -> ISO 9001
1996
1995
1992
BS 25999
Not just about managing the high profile disasters but also the day
to day business disruptions
Not an IT standard and not about Disaster Recovery
A business-owned, business-driven process that establishes
a fit-for-purpose strategic and operational framework.
Defining Business
Continuity Management
Holistic management process that identifies potential
threats to an organization and the impacts to business
operations that those threats, if realized, might cause and
which provides a framework for building organizational
resilience with the capability for an effective response
that safeguards the interests of its key stakeholders,
reputation, brand and value-creating activities
BS 25999-2:2007, 2.4
Publication dates
BS25999-1 Code of Practice
December 2006
BS25999-2 Specification
Mid November 2007
Certification process
BSI develops certification process
8
10
33 members
10
11
Institute of Directors
11
12
12
13
Continuity Forum
Institute of Emergency Management
13
14
Organization
Customers
Conduit
Organizations
Vendors
14
15
16
Timeline
Incident Response
Business continuity
Within minutes to hours:
Staff and visitors
accounted for
Casualties dealt with
Damage containment/
limitation
Damage assessment
Invocation of BCP
17
Interested
parties
Business
continuity
requirements
and
expectations
Interested
parties
Establish
Act
Maintain
and
improve
Do
Implement
and
operate
Check
Monitor
and
review
Managed
business
continuity
18
19
20
21
Scope, policy,
stakeholders,
regulatory
Identify activities
that support key
product and services
Identify critical
activities according to
priority for recovery
Identify impact of
threat to critical
activities
Estimate resources
required to recover
each critical activity
22
23
Service Level
OK!
MTPD
RTO
24
Disaster!
MTPD
RTO
25
26
27
28
29
30
Exercising plans
Different types of exercise
Desk check
Walk through
Simulation
Component/activity
Full test
Exercising supports
awareness programme
competency development
BS 25999-2:2007, 4.4.2
Structure of BS 25999-2
1 Scope
2 Terms and definitions
3 Planning the BCMS
31
32
33
34
35
35
36
BS 25999 Clients
36