The term 'Business Continuity (BC)' is used to describe the capability and resilience of an organisation to continue operating through, and after, disruptive events. With BC, the goal is to analyse risks to critical business functions and implement risk mitigation measures in order to ensure your organisation can perform its functions during and following a disruption. URM has a team of highly experienced BC and incident management (IM) consultants who can assist your organisation to achieve this goal and improve your BC planning capability and resilience.
Our approach is heavily aligned with recognised best practice, i.e. ISO 22301, the International Business Continuity Management System (BCMS) Standard. Certified itself to ISO 22301, URM and its BC consultants can provide you with a plethora of consultancy and training services, irrespective of whether your goal is to achieve ISO 22301 certification or simply to develop and improve your BC capabilities.
Exercising Your BCPs and IMPs
It is imperative your organisation is able to respond in a prompt and efficient manner in the event of an incident. This can be best achieved by conducting regular exercises with key role holders and their deputies. URM’s team of incident management specialists is hugely experienced and skilled in devising challenging, original and appropriate scenarios which will exercise and validate your BCPs and IMPs. Working closely with you, we will ensure the scenarios have clear objectives in terms of raising awareness, assessing how well participants understand the plans, as well as their own roles and responsibilities and how they work collectively as a team. Having developed and facilitated the BC exercise, URM will provide you with a detailed report on how your Team performed against the exercise objectives, what worked well and what opportunities there are for improvement. These improvements may relate to developing or refining your plans or in providing training and awareness to your key role holders.
One feature of our exercising over the last 10 years has been the increasing number of cyber related exercises we have developed, addressing such threats as malware attacks, ransomware incidents, data breaches and phishing attempts. URM’s experience and expertise in this area is validated as an Assured Service Provider by the National Cyber Security Centre (NCSC) and IASME under the Cyber Incident Exercising scheme. Under the Scheme, you can be assured, URM possesses the required skills and experience to create and facilitate bespoke and structured table top and live play cyber incident exercises.
Our steady organic growth over two decades as a consultancy and training organisation is based on our reputation for delivering high quality, tailored solutions utilising highly experienced, skilled and pragmatic business continuity and risk management practitioners. For those looking to certify to ISO 22301, our ISO certification track record is second to none with over 350 successful certifications and no failures. We also guarantee you a successful result should you engage URM to help you achieve ISO 22301 certification.
With our ‘getting the balance right’ approach URM’s goal is to ensure that your BC is appropriate to the amount and type of impact that is acceptable to your organisation following a disruption. It is important to note that no two BCMS’ will be the same, due to differences in organisational and industry requirements, risk appetites, products and services provided, processes employed, size and structure of the organisation, the requirements of interested parties and, in some cases, legal and regulatory obligations.
URM will ensure your BC strategy and plans will be tailored to your organisation, and reflect how you work, the terminology you use and be integrated into business as usual.
URM’s consultants have extensive experience as both business continuity managers and in their role as consultants advising organisations on BCM best practice. A key benefit of working with URM is our ‘real world’ knowledge transfer philosophy and training expertise which will enable you to manage and improve your BC without having to rely on ongoing external consultancy assistance.
URM’s blog discusses the changes to the requirements around threat intelligence in ISO 27001:2022 and what certified organisations will need to do differently.
URM’s blog explains how the principles of confidentiality, integrity and availability (CIA) can help align your information security controls with best practice