The term 'Business Continuity (BC)' is used to describe the capability and resilience of an organisation to continue operating through, and after, disruptive events. With BC, the goal is to analyse risks to critical business functions and implement risk mitigation measures in order to ensure your organisation can perform its functions during and following a disruption. URM has a team of highly experienced BC and incident management (IM) consultants who can assist your organisation to achieve this goal and improve your BC planning capability and resilience.
Our approach is heavily aligned with recognised best practice, i.e. ISO 22301, the International Business Continuity Management System (BCMS) Standard. Certified itself to ISO 22301, URM and its BC consultants can provide you with a plethora of consultancy and training services, irrespective of whether your goal is to achieve ISO 22301 certification or simply to develop and improve your BC capabilities.
Conducting Business Impact Analysis and Risk Assessment
In line with the requirements of ISO 22301, we can assist you conduct a business impact analysis (BIA) and risk assessment, the foundation stone of any BCMS. The purpose of the BIA is to help you identify your critical business activities (processes) that you need to prioritise when recovering from a disruption, factoring in impacts of losses over time, along with required levels of activity and resources needed. URM can help you establish your BIA methodology, so that in the event of a business disruption, you will be clear what to recover first, by when and to what level. You can also take advantage of URM’s automated business continuity BIA tool, Abriska® 22301. A key feature of the tool is that it replaces multiple spreadsheets with a ‘single source of truth’ database. Users are able to enter information through a secure Web-based system, thereby simplifying the BIA process. With the risk assessment, our risk and continuity specialists will help you to identify events that could lead to business disruption and assess which of these are unacceptable.
Having conducted your BIA with URM, your organisation will be ideally prepared to determine an appropriate business continuity strategy to be able to resume and recover prioritised business activities to a specified minimum acceptable level.
Our steady organic growth over two decades as a consultancy and training organisation is based on our reputation for delivering high quality, tailored solutions utilising highly experienced, skilled and pragmatic business continuity and risk management practitioners. For those looking to certify to ISO 22301, our ISO certification track record is second to none with over 300 successful certifications and no failures. We also guarantee you a successful result should you engage URM to help you achieve ISO 22301 certification.
With our ‘getting the balance right’ approach URM’s goal is to ensure that your BC is appropriate to the amount and type of impact that is acceptable to your organisation following a disruption. It is important to note that no two BCMS’ will be the same, due to differences in organisational and industry requirements, risk appetites, products and services provided, processes employed, size and structure of the organisation, the requirements of interested parties and, in some cases, legal and regulatory obligations.
URM will ensure your BC strategy and plans will be tailored to your organisation, and reflect how you work, the terminology you use and be integrated into business as usual.
URM’s consultants have extensive experience as both business continuity managers and in their role as consultants advising organisations on BCM best practice. A key benefit of working with URM is our ‘real world’ knowledge transfer philosophy and training expertise which will enable you to manage and improve your BC without having to rely on ongoing external consultancy assistance.
Annex A of ISO 27001 comprises 114 controls which are grouped into the following 14 control categories. Each of the 14 categories and provide you with a clear explanation of the primary objective...
In this blog, we want to dig a bit deeper into the benefits that are gained from implementing the Standard and from achieving certification...
The answer depends on your goals and knowledge of your current position. This blog will look at which is best and when.