• Home

  • Documents

  • Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a...
7
ARE YOU READY FOR ISO22301 A Simple Guide ABSTRACT If you’re thinking about implementing ISO 22301, then this guide will help you make an assessment of whether you’re ready to face the challenges ahead MISSING THE LINQ 2016

Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

  • Upload
    others

  • View
    3

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

AREYOUREADY

FORISO22301ASimpleGuide

ABSTRACTIfyou’rethinkingaboutimplementingISO22301,thenthisguidewillhelpyoumakeanassessmentofwhetheryou’rereadytofacethechallengesahead

MISSINGTHELINQ2016

Page 2: Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

AREYOUREADYFORISO22301

MISSINGTHELINQ2016 2

AREYOUREADYFORISO22301?

ASIMPLEGUIDE

INTRODUCTION

WithBusinessContinuityanoftenoverlookedaspectofCorporateITGovernanceforalotoforganisations,theISO22301standardformsoneofthepillarsonwhichITGovernanceissupported.Thestandardhasbeendesignedwithorganisationsofallsizesandtypesinmindandshouldbesomethingworthconsidering,thisguidewillhelpyoumakeanassessmentofwhetheryouarereadyforISO22301.

Byaskingafewsimplequestions,itwillenableyoutomaketherightdecisionforyouandyourbusinessandhelpyouavoidmakingacostlymistake.

FollowtheAreYouReadyforISO22301–ASimpleGuidetolearnwhatisrequired.

Ifyouwantmoredetailedinformationorhelpinjumpstartingyouraccreditationprocessthengotoourwebsitewww.missingthelinq.comformoreinformationorsendusanemailatcontact@missingthelinq.com

Page 3: Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

AREYOUREADYFORISO22301

MISSINGTHELINQ2016 3

QUESTION1–ISYOURMANAGEMENTTEAMCOMMITTED?

Unlessyouhavethebackingoftheseniormanagementteamand/oramemberoftheseniorteammanagementleadingtheprojectitwillfail.

Theyshouldbethedrivingforcebehindtheprogramme,theyneedtocompletelyunderstandthestrategicissuesaroundtheneedforbusinesscontinuitymanagementanddisasterrecovery.Iftheseniormanagementarenotbehindthisproject,thereislittlepointinproceeding,certificationwillnotbeawardedwithoutclearevidenceofsuchcommitment.

ManagementsupportisveryimportantaswithintheStandarditformsacriticalpartoftheprocessandhavingSeniorManagementbuy-inenablestheprojecttocutacrossallpartsofanorganisation,andthereforeallkeyleadersneedtobeonside.

Onebusinessworkingtowardsacommonobjective.

QUESTION2–WHATISTHEPOTENTIALDISRUPTION?

WithoutsomeformofBusinessContinuityplanwhatisthepotentialdisruptiontothebusiness,whatwilltheimpactsbeandreputationaldamage.

WhenconsideringthethreatstotheorganisationyouneedtoconsiderinterestedpartiesaffectedbytheBCMS.Itrequiresyoutounderstandtheimpactofrisksfacingtheorganisationandrequirescross-organisationalworking.

AprofessionalorganisationwillhaveasufficientunderstandingofthethreatstoBusinessContinuityandwillensurethatallstaffunderstandtheirroleinthewiderenvironmentincludingthesupplychain.

Everyoneshouldbeawareofhowtheycontributetodeliveringtheorganisationsaims.

Page 4: Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

AREYOUREADYFORISO22301

MISSINGTHELINQ2016 4

QUESTION3–AREYOUALREADYMEETINGTHEREQUIREMENTS?

Awellorganisedcompany,withgoodstructureandorganisationandsupportingprocessesandpeopleopentochangeandwilingtolearnmay

alreadybeonthepathtoaccreditation.

Inordertounderstandhowfaryourorganisationisfromaccreditationandhowmuchworkisrequiredtoachieveit,itisworthgettingholdofacopyofthestepbystepguidestoimplementingISO22301thiswillgiveyouasimpleintroductiontotheStandardandaninsightofwhatisrequired.

Furthermore,itisrecommendedbeforecommittingyourselftothefullprojectthatagapanalysisisperformed.Thiswillquicklyidentifygapsinyourcurrentmanagementsystemsupfrontbeforeembarkingonacostlyproject.

ThiscanbedoneusingtheBusinessContinuityManagementSystemdocumentationasguidanceonwhatyourcorethreatsare,whatyouaredoingaboutthem,yourriskassessmentprocessesandhowrisksarehandledandwhatplansareinplacetomanagedisruption.

QUESTION4–DOYOUHAVEAVAILABLEBUDGET&RESOURCES?

FailtoPlan,PlantoFail-ofcoursewhileitisnecessary,itisnotsufficienttojusthaveaplan,havingtherightlevelofresourceandbudgetiscriticalwhen

implementingtheproject.

NoteveryorganisationcanaffordtheluxuryofadedicatedBusinessContinuityManager,nordoeseveryorganisationhavetheskillsorcompetenciesin-housetodelivertheproject.

Likewise,somemayhaveimplementedtheISOStandardinapreviousrole,orhavebackgroundsincreatingbusinesscontinuityplansandmanagementsystems.

ThegoodnewsistheStandardmakesitaloteasierforalltypesoforganisationstoimplementasitismoreflexibleandagileanddesignedformodernbusinesses,takingacollectiveviewofriskanditsmanagement.

Page 5: Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

AREYOUREADYFORISO22301

MISSINGTHELINQ2016 5

QUESTION5–WHATARETHERISKS/COSTSOFNOTBEINGACCREDITED?

WithriskbasedthinkingattheheartoftheStandardandafocusonthemanagementofdisruptionandhowtokeepcriticalfunctionsoperational.Itwill

demonstrateresiliencetocustomersandsuppliers.

TheISO22301embracesaprocessapproachtorisk,bothintermsofdisruptionanditsmanagement,i.e.howtokeepcriticalfunctionsupandrunningduringtimesofcrises.

Theorganisationneedstounderstandwhatthecorerisksandthreatsare,howtheyaretobeassessedandmitigatedandwhatplansareinplace.Needtoalsohaveallappropriateregulatoryandlegalrequirementsidentifiedaspartoftheriskassessment.

Arethereprocessesformanaginganincident,andhowaretheseinvoked,whodoeswhatandwhen,whattestingandvalidationproceduresareinplace?Whatiftheplanisnon-conforming?

Inotherwords;whatistherealisticlikelihoodofathreatofadisruptionoccurring,andtheharmlikelytoresultfromthatdisruptionoccurringandwhatistheopportunitytoimprove.

QUESTION6–WILLITMAKEYOUABETTERBUSINESS?

Thefinalquestionyoushouldaskyourself,isgoingthroughallthehardwork,timeandeffortacrossallpartsoftheorganisation,implementingchangeand

controlsgoingtomakeyouabetterbusiness?

AlotofworkandcommitmentisgoingtoberequiredtoimplementISO22301,alotofchangewillneedtobemanagedacrossalotoftheorganisationandthereforetherehastobeatangiblebusinessbenefit,whichismeasurableandquantifiable.

AcknowledgingthatBusinessContinuityisnotjust‘anicethingtohave’,butanecessityisimportant.Therecouldbemorebeneficialprojectstoworkonwhichwillhavebiggerreturnsoninvestment,howeverdependingontheanswerstotheabove5questionsitwillgiveyouagoodindicationofwherethisprojectssitsintermsofprioritisationandwhetheritfitsinyourorganisationsstrategyornot.

GLOSSARYOFTERMS

Page 6: Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

AREYOUREADYFORISO22301

MISSINGTHELINQ2016 6

RiskAssessment–Ariskassessmentcombinestwotechniquesariskanalysisandariskevaluation.

RiskAnalysis-Usesinformationtoidentifypossiblesourcesofrisk.Itusesinformationtoidentifythreatsoreventsthathaveaharmfulordetrimentalimpact.Itthenestimatestheriskbyaskingwhatistheprobabilityofthateventoccurring,andwhatimpactwouldithaveifitoccurred?

RiskEvaluation–Comparestheestimatedriskwithasetofriskcriteria.Thisisdonetodeterminehowsignificanttheriskreallyis.

RiskAcceptance–IspartoftheRiskTreatmentdecisionmakingprocess,meaningtheriskisacceptablegivencertaincontrolsareinplaceortheriskhasbeenmitigatedinsomeotherway.

Controls–Inthecontextofbusinesscontinuitymanagement,acontrolisanyadministrative,managerial,technical,orlegalmethodthatisusedtomodifyormanageariskorthreattodisruption.Controlscanincludethingssuchaspractises,processes,policiesandorganisationstructures.

BusinessContinuityManagementSystem(BCMS)–Includesallofthepolicies,procedures,documents,records,plans,guidelines,agreements,contracts,processes,practises,methods,activities,roles,responsibilities,relationships,tools,techniques,technologies,resourcesandstructuresthatareusedtoimplementandmanagerisksandthreatstothebusiness.

Page 7: Are you ready for ISO22301 - Missing the Linq · Not every organisation can afford the luxury of a dedicated Business Continuity Manager, nor does every organisation have the skills

AREYOUREADYFORISO22301

MISSINGTHELINQ2016 7

MissingtheLinq9FarncombeLaneOakwoodDerbyDE212AYRegisteredinEnglandandWalesNo.9832076

WEB:www.missingthelinq.com EMAIL:[email protected]


HRMS PLUS - The software system which keeps your HR activities at ease by managing every things of an organisation

HRMS PLUS - The software system which keeps your HR activities at ease by managing every things of an organisation

Software
Bsi bs25999-to-iso22301-transition

Bsi bs25999-to-iso22301-transition

Technology
How to Books - Make Your Mission Statement Work - Identify Your Organisation Values and Live Them Every Day

How to Books - Make Your Mission Statement Work - Identify Your Organisation Values and Live Them Every Day

Documents
NetVanta Unified Threat Managementportal.adtran.com/pub/Library/Product_Brochures/International/IN152… · solutions to fit every organisation—from small- to medium-sized businesses

NetVanta Unified Threat Managementportal.adtran.com/pub/Library/Product_Brochures/International/IN152… · solutions to fit every organisation—from small- to medium-sized businesses

Documents
( ) Autonomous non-profit organisation Centre for Development of Innovative Social Services “Partnership for Every Child” PARTNERSHIP FOR EVERY CHILD (

( ) Autonomous non-profit organisation Centre for Development of Innovative Social Services “Partnership for Every Child” PARTNERSHIP FOR EVERY CHILD (

Documents
Introducing ISO 22301 - safebridge.ptsafebridge.pt/Whitepapers/ISO22301/ISO-22301-Presentation.pdf · 6Summary of • ISO is currently developing a high level structure (Guide 83)

Introducing ISO 22301 - safebridge.ptsafebridge.pt/Whitepapers/ISO22301/ISO-22301-Presentation.pdf · 6Summary of • ISO is currently developing a high level structure (Guide 83)

Documents
Iso22301 Whitepaper

Iso22301 Whitepaper

Documents
ORGANISATION : NATURE & PURPOSE · ORGANISATION : NATURE & PURPOSE SYNDICATE GROUP 9 : ANUSREE RAHA ... A system consciously ... • “Every dabbawala is a stakeholder in the

ORGANISATION : NATURE & PURPOSE · ORGANISATION : NATURE & PURPOSE SYNDICATE GROUP 9 : ANUSREE RAHA ... A system consciously ... • “Every dabbawala is a stakeholder in the

Documents
The CX Company Customer Experience · 2019-06-14 · THE CUSTOMER JOURNEY Understand the importance of every interaction across every touchpoint that a customer has with an organisation

The CX Company Customer Experience · 2019-06-14 · THE CUSTOMER JOURNEY Understand the importance of every interaction across every touchpoint that a customer has with an organisation

Documents
ISO22301-MT-Nyrt - Telekom Mobilszolgáltatás · has baen assessed and cert¶ed as meetag the Of the Technology operation, sales and customer relations, service order fulfillment

ISO22301-MT-Nyrt - Telekom Mobilszolgáltatás · has baen assessed and cert¶ed as meetag the Of the Technology operation, sales and customer relations, service order fulfillment

Documents
NextGen 360o Advanced Business Continuity Applied …williamtravisgroup.com/wp-content/uploads/2016/10/WTG-NextGen-CP… · DRII Professional Practices and ISO22301) incorporated

NextGen 360o Advanced Business Continuity Applied …williamtravisgroup.com/wp-content/uploads/2016/10/WTG-NextGen-CP… · DRII Professional Practices and ISO22301) incorporated

Documents
INSTITUTIONAL BIOSAFETY - Banaras Hindu · PDF fileINSTITUTIONAL BIOSAFETY Indian regulations require that every organisation intending to conduct research on genetically modified

INSTITUTIONAL BIOSAFETY - Banaras Hindu · PDF fileINSTITUTIONAL BIOSAFETY Indian regulations require that every organisation intending to conduct research on genetically modified

Documents
WORLD-CLASS CONTRACT MANUFACTURING ORGANISATION Extraordinary service every day

WORLD-CLASS CONTRACT MANUFACTURING ORGANISATION Extraordinary service every day

Documents
Organisation - organisation structures

Organisation - organisation structures

Business
Deb Global Range Product Guide - GSG Eng · 2016-09-19 · Deb in Use Every person in the organisation doing the right thing with regard to skin safety. No one organisation or location

Deb Global Range Product Guide - GSG Eng · 2016-09-19 · Deb in Use Every person in the organisation doing the right thing with regard to skin safety. No one organisation or location

Documents
Aspen Heights British School Newsletter · The World Health Organisation states that every child needs 60 minutes of exercise every day to be healthy. We are will be running activities

Aspen Heights British School Newsletter · The World Health Organisation states that every child needs 60 minutes of exercise every day to be healthy. We are will be running activities

Documents
ISO 22301 - Parker Solutions Groupparkersolutionsgroup.co.uk/wp-content/uploads/2016/11/...ISO22301.pdf · • Increased confidence of customers and clients ... ˜nal version of ISO

ISO 22301 - Parker Solutions Groupparkersolutionsgroup.co.uk/wp-content/uploads/2016/11/...ISO22301.pdf · • Increased confidence of customers and clients ... ˜nal version of ISO

Documents
Top Reasons Why Every Organisation Need Facility Managers

Top Reasons Why Every Organisation Need Facility Managers

Career
Promise, Progress or Failure to Prioritise? · organisation better balanced at every level. Other factors may also skew the appearance of progress within an organisation. For example,

Promise, Progress or Failure to Prioritise? · organisation better balanced at every level. Other factors may also skew the appearance of progress within an organisation. For example,

Documents
BRAND GUIDELINES - internal.britishsteel.uk.cominternal.britishsteel.uk.com/files/documents/... · | BRAND GUIDELINES BRITISH STEEL BRAND About A brand is at the heart of every organisation,

BRAND GUIDELINES - internal.britishsteel.uk.cominternal.britishsteel.uk.com/files/documents/... · | BRAND GUIDELINES BRITISH STEEL BRAND About A brand is at the heart of every organisation,

Documents
Bsi Iso22301 Product Guide Uk En

Bsi Iso22301 Product Guide Uk En

Documents
Iso22301 Whitepaper Es

Iso22301 Whitepaper Es

Documents
Reconciliation Action Plan program Every Australian organisation can make a contribution to reconciliation

Reconciliation Action Plan program Every Australian organisation can make a contribution to reconciliation

Documents
GAELIC ATHLETIC ASSOCIATION - Cloudinary€¦ · The Gaelic Athletic Association today is an organisation which reaches into every corner of the land and has its roots in every Irish

GAELIC ATHLETIC ASSOCIATION - Cloudinary€¦ · The Gaelic Athletic Association today is an organisation which reaches into every corner of the land and has its roots in every Irish

Documents
DIRECTING CHAPTERaction, directing initiates action in the organisation. (ii) Directing takes place at every level of management: Every manager, from top executive to supervisor performs

DIRECTING CHAPTERaction, directing initiates action in the organisation. (ii) Directing takes place at every level of management: Every manager, from top executive to supervisor performs

Documents
Group discussion - Important for every organisation

Group discussion - Important for every organisation

Career
ello - bestpracticecompetition.com fileFIRST - EXC EDGE • QUALITY LEANEST • INTERNATIONAL BEST PRACTICE COMPETITION Every organisation is good at something. every organisation

ello - bestpracticecompetition.com fileFIRST - EXC EDGE • QUALITY LEANEST • INTERNATIONAL BEST PRACTICE COMPETITION Every organisation is good at something. every organisation

Documents
CURRICULUM ORGANISATION 2009. Curriculum Organisation Rationale The best experience for every student The best experience for every student Greater flexibility

CURRICULUM ORGANISATION 2009. Curriculum Organisation Rationale The best experience for every student The best experience for every student Greater flexibility

Documents
ContinuitySA ISO22301 Presentation Slidescontinuitysa.co.za/.../ContinuitySA-ISO22301-Presentation-Slides.pdf · ContinuitySA SANS / ISO22301 ... TC 241 - Road traffic safety management

ContinuitySA ISO22301 Presentation Slidescontinuitysa.co.za/.../ContinuitySA-ISO22301-Presentation-Slides.pdf · ContinuitySA SANS / ISO22301 ... TC 241 - Road traffic safety management

Documents
GS-7 ZAWADA-GIFFIN-AVALUTION- ISO22301 › images › conferences › sd2012 › sesmat › GS-7 ZAW… · Business Continuity Management Systems – Requirements ISO 22313 Business

GS-7 ZAWADA-GIFFIN-AVALUTION- ISO22301 › images › conferences › sd2012 › sesmat › GS-7 ZAW… · Business Continuity Management Systems – Requirements ISO 22313 Business

Documents