Business Continuity Management (BCM) – ISO 22301
By following a methodical procedure in line with the requirements of ISO 22301, Business Continuity Management ensures that business operations can continue in the best possible way in the event of crises or unexpected events.
BCM – Lifecycle
The identification and analysis of critical business processes is crucial and forms the basis for answering the following questions:
- which processes in the company must be kept functional, and
- which measures are necessary for this.
One of the main components of BCM is the Business Impact Analysis (BIA). Using BIA, the dependencies between IT processes and/or business processes/areas are methodically recorded and presented.
Further sub-areas of BCM include emergency and crisis management, which safeguard the essential business processes and the continuity of business operations.
The result of BIA / BCM
- the criticality of the effects of failures in business and IT processes becomes transparent,
- critical points of attack can be identified and considered, and appropriate measures taken,
- emergency planning, including emergency tests, is implemented, and
- the associated documentation is checked, evaluated and managed.
Together with risk analysis, BIA forms the basis for the security strategy of a company.
The Business Continuity Management Software QSEC offers optimal support here by combining risk management according to ISO 27005 with business impact analysis according to ISO 22301.