The term 'Business Continuity (BC)' is used to describe the capability and resilience of an organisation to continue operating through, and after, disruptive events. With BC, the goal is to analyse risks to critical business functions and implement risk mitigation measures in order to ensure your organisation can perform its functions during and following a disruption. URM has a team of highly experienced BC and incident management (IM) consultants who can assist your organisation to achieve this goal and improve your BC planning capability and resilience.
Our approach is heavily aligned with recognised best practice, i.e. ISO 22301, the International Business Continuity Management System (BCMS) Standard. Certified itself to ISO 22301, URM and its BC consultants can provide you with a plethora of consultancy and training services, irrespective of whether your goal is to achieve ISO 22301 certification or simply to develop and improve your BC capabilities.
The following describes the approach to achieving ISO 22301 but if your goal is to establish robust, dependable plans, we will just look at the initial phases. Alternatively, you may wish to seek support exercising the plans you have in place which is addressed in the exercising section below. Whatever your goals and objectives are, URM is able to help you to achieve those in a pragmatic and appropriate manner.
ISO 22301 Gap Analysis
Typically, URM conducts a BC gap analysis against ISO 22301, which is widely regarded as representing established best practice. The gap analysis is conducted through a combination of BCMS documentation review (e.g., BC policy, business impact analysis (BIA) and risk assessment, BC strategy/plans / procedures, exercising programme, audit plan etc) and interviews with those individuals who are responsible for the organisation’s business continuity management (BCM) approach. The objective of the gap analysis is to identify those areas where best practice is currently being met and for those areas where your organisation is not currently compliant, URM will recommend the most suitable remediation approach.
ISO 22301 Implementation and Remediation Support
Following the gap analysis, URM offers a fully tailored and flexible support package to address the full implementation and maintenance of the BCMS, where we can do as little or as much as is required. Areas we can help you with include:
- BCM programme management
- Understanding the organisation/Conducting the BIA
- Determining BC strategies
- Developing and implementing BCM response
- Developing a training and awareness programme
- Exercising, maintaining and reviewing
Our steady organic growth over two decades as a consultancy and training organisation is based on our reputation for delivering high quality, tailored solutions utilising highly experienced, skilled and pragmatic business continuity and risk management practitioners. For those looking to certify to ISO 22301, our ISO certification track record is second to none with over 300 successful certifications and no failures. We also guarantee you a successful result should you engage URM to help you achieve ISO 22301 certification.
With our ‘getting the balance right’ approach URM’s goal is to ensure that your BC is appropriate to the amount and type of impact that is acceptable to your organisation following a disruption. It is important to note that no two BCMS’ will be the same, due to differences in organisational and industry requirements, risk appetites, products and services provided, processes employed, size and structure of the organisation, the requirements of interested parties and, in some cases, legal and regulatory obligations.
URM will ensure your BC strategy and plans will be tailored to your organisation, and reflect how you work, the terminology you use and be integrated into business as usual.
URM’s consultants have extensive experience as both business continuity managers and in their role as consultants advising organisations on BCM best practice. A key benefit of working with URM is our ‘real world’ knowledge transfer philosophy and training expertise which will enable you to manage and improve your BC without having to rely on ongoing external consultancy assistance.
Annex A of ISO 27001 comprises 114 controls which are grouped into the following 14 control categories. Each of the 14 categories and provide you with a clear explanation of the primary objective...
In this blog, we want to dig a bit deeper into the benefits that are gained from implementing the Standard and from achieving certification...
The answer depends on your goals and knowledge of your current position. This blog will look at which is best and when.