Business continuity (BCM)
Expect the best but be prepared for the worst. This old proverb perhaps best express the importance and the sense of the process, which is currently called business continuity management. Non standard solution, usually a crisis is precisely the moment when we poignantly realize relativity and fragility of the current modus operandi.
Confrontation with unpredictable circumstances always require some degree of creativity and invention, but management don’t have enough time in such situation and any mistake can result in further deterioration of the situation, often with fatal consequences.
Technological threats (viruses, power failures, damage to equipment), the human factor (hackers, unintentional and intentional errors made by staff itself), natural phenomena (floods, fires...) may cause that otherwise smoothly functioning society suddenly finds itself in a crisis. Suddenly there is a loss of business and from that moment a limited time for resolving the situation begins to run – in the worst case it is a time remaining to termination of a company due to a loss of competitiveness, market position or due to legal consequences coming from failure of services...
Objectives
In the event of an accident (or more generally, the crisis) there is usually not enough time and resources for selecting and implementing the most appropriate procedure. People often reach for the first-use solution without having a real opportunity to evaluate its applicability and beeing under pressure, they don’t always realize an appreciable risk, thus the quickly chosen solution can finally significantly increase the extent of recovery.
Therefore, it is more efficient (i.e. cheaper) to prepare appropriate contingency procedures and alternatives before a crisis situation ever arises. So you can suggest some ways how to minimize possible damage and how to restore the operation of information systems and communications, as well as other means of support for running business processes (which are ultimately the most important thing). Such measures must respect that the highest priority is ensuring the fastest possible access to strategic information needed to ensure business continuity.
Just like risk management, effective continuity management must encompass a relatively wide range of activities to ensure a smooth start of replacement process, to ensure adequate alternative sources during the crisis and immediately thereafter tofor restoreing the original condition – , all of this together with managed communication both in the internal direction and towards public and media.
For all this effect, a a formalized management system is used, which ensures the desired (and repeatably reachableed) adequate fulfilment qualityof following points:
Establishment of the continuity management process within the organization
Impact analysis of the failure of each activity (the formalization of the fact findings on vulnerability and on the degree of criticality of processes in their failure)
Creating optimized plans for crisis situations
Implementation of the necessary measures (as defined in emergency plans to mitigate the potential consequences of accidents)
Ongoing maintenance, training and testing emergency plans
A suitable solution is the procedure under a safety standard. Thus it is possible to achieve complexity and efficiency, but also to create a good basis for a regular security audit or possible future certification.
On the basis of our practical experience in security and on the knowledge of specifics of Czech and Slovak environment we consider that the most suitable is continuity of operations management system, or BCM (Business Continuity Management) as it is defined by British Standard BS 25999-1 (formerly PAS56), which is linked to other safety standards, especially ISO / IEC 27001 (ISMS).
In compliance with such standards we offer a quality management system of continuity which is perfectly tailored to your needs.