At a high level, it may seem natural to use the terms business continuity management and enterprise risk management interchangeably. Some people may even think they’re just terms representing the same thing. While there [...]
Understanding the evolution of supply chain risk management post-pandemic Have you ever had an idea about your job or a work project that really gets you excited? Or have you figured out a better [...]
WHAT IS ISO 22317? The International Organization for Standardization (ISO) Technical Committee (TC) 292, the committee responsible for writing security, resilience, and business continuity standards, has released its latest document: ISO 22317 – Societal Security – Business [...]
Broadly speaking, there are two approaches to structuring a business continuity program. A centralized structure involves leading and executing the business continuity planning process within a single team and engaging the business as needed. [...]
This article provides an overview of GPG Professional Practice 1 (PP1) – Policy and Program Management, the first of the six professional practices, and discusses the importance and recommendations in establishing the foundation for a [...]
Early on in the development of a business continuity program, careful, pragmatic scoping can be the difference between quick and appropriate wins and a never-ending planning effort with little capability. Organizations typically build programs [...]
The business continuity industry has heard a lot about Plan, Do, Check Act (PDCA) recently. Nearly every emerging standard is following this approach, from BS 25999 and NFPA 1600 (2010 edition) to the new [...]
Resilience Management Definition Resilience management is the process of integrating all of an organization’s protective activities under one, clear, management structure. The methodology is subdivided into two areas: readiness and response. Readiness [...]
After approval by the ISO member bodies, the ISO Technical Management Board Working Group on risk management released ISO 31000:2009, Risk Management – Principles and Guidelines in November of 2009. The authors designed the [...]
One of the most visible and essential elements of a business continuity program is exercising. Performing exercises enables the organization to validate and improve business continuity capabilities and plan documentation. It is typically [...]
Many organizations struggle to define the best method to meet business expectations regarding information technology (IT) recovery. ISO 27031 provides guidance to business continuity and IT disaster recovery professionals on how to plan for IT [...]
American novelist Thomas Berger once mused that, “the art and science of asking questions is the source of all knowledge.” The quest for answers, searching beyond the surface and challenging currently accepted assumptions, provokes [...]
