Blog

Business continuity (BC) is about bringing back your business post crisis or a disaster situation. BC is about managing ‘black swan’ events in your organisation – something that you never expected. However there is a scope – defined in terms of outages. You can chiefly plan against four outage scenarios – namely site outage, people or skill outage, technology outage and vendor outage. Can you think of anything else – please write to me!

Premise: Business continuity is about your recovery of your business post crisis not before. Insurance does not recover business, it recovers losses or existing investment.

If you are concerned about IT service delivery and its impact to your business – this is for you!

One of the new requirements in ISO 27001 2013 is considering security in project management. The standard clause is as follows:

Listed below are key steps for a comprehensive business continuity program.

1. Identification of mission critical activities that needs a continuity plan. In order to assess the requirement for BCP, one needs to understand enterprise context. We divide an organisation unit into mission critical teams/services such as revenue generating services (RGS) for profit making businesses, customer facing services for non-profit, essential infrastructure services (EIS) such as power, utilities, IT and security, and delayed start services (DSS) – services that can wait during emergency. This assessment helps you prioritise recovery. EIS – first to recover, RGS – second to recover and DSS – last to recover.

One of the key changes of iso 27001 – 2013 is the introduction of security performance framework in the management requirements. This is necessitated by the following ISO 27001 2013 Clauses

ISO 27001/ISO 27002 implementation and certification journey can be divided into the following key phases:

If you are the CEO, seek responses for the following questions.

Every organisation needs a business continuity plan. Very few often go for a formal ISO 22301.

Scared of the ISO auditor? After reading this blog,  hopefully you will be less scared.

It is quite pleasing to see how traditional businesses are waking up to the realities of information protection.

Businesses demand a better response from their IT organization. Business understand that IT is critical and they expect that a better delivery will augment business response time, whether new product delivery, new product launch and simply day to day responding to customer queries.